[JOC-2018] Update @babel runtime version 7.25.0 to 7.27.0 due to 3rd Party Vulnerability issue CVE-2025-27789 - SOS JIRA

XML

Word

Printable

Details

Type: Fix
Status: Released (View Workflow)
Priority: Minor
Resolution: Fixed
Affects Version/s: 2.7.3
Fix Version/s: 2.8.0
Component/s: None
Labels:
None

CVE-ID:
CVE-2025-27789

Description

Current Situation

AngularJS makes use of @babel.runtime 2.25.0 at build time of the JOC Cockpit JS code.
A vulnerability affects this version, see https://nvd.nist.gov/vuln/detail/CVE-2025-27789 .
JOC Cockpit itself is not affected.

Desired Behavior

JOC Cockpit 2.8.0 will be build with a more recent version of AngularJS v.19 which does not make use of the vulnerable 3rd party version.

Attachments

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List
- Download All

image-2025-06-27-19-44-46-131.png
71 kB
27 June 2025 14:06

Activity

People

Assignee:: Rahul Patidar

Reporter:: Santiago Aucejo Petzoldt

Approver:: Ajay Kumbhkar

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Created:: 27 March 2025 11:17

Updated:: 03 July 2025 21:12

Resolved:: 30 June 2025 15:41