CVE-2022-25869

About vulnerability

All versions of the package angular; all versions of the package angularjs.core; all versions of the package angularjs are vulnerable to Cross-site Scripting (XSS) due to insecure page caching in the Internet Explorer browser, which allows interpolation of

elements.

</div>
</section>

<section id="details" class="my-6 cve-detail-section">
  <h2 class="text-xl font-semibold mb-2">Details</h2>
  <div class="prose prose-sm sm:prose-base lg:prose-lg max-w-none">
    <dl class="not-prose text-sm text-gray-900">
      
      <div class="mb-2"><dt class="inline font-semibold text-gray-700">Affected product:</dt> <dd class="inline">
        
        
          
          
            
            <a href="/cve-tracker/?product=Angular" class="text-blue-600 hover:text-blue-800">Angular</a>
          
        
          
          
            , 
            <a href="/cve-tracker/?product=angular.js" class="text-blue-600 hover:text-blue-800">angular.js</a>
          
        
      </dd></div>
      
      <div class="mb-2"><dt class="inline font-semibold text-gray-700">Affected packages:</dt> <dd class="inline">angular @ 1.6.10 (+7 more)</dd></div>
      
      
      
      
    </dl>
    All versions of the package angular; all versions of the package angularjs.core; all versions of the package angularjs are vulnerable to Cross-site Scripting (XSS) due to insecure page caching in the Internet Explorer browser, which allows interpolation of <textarea> elements.
  </div>
</section>

<section id="statement" class="my-6 cve-detail-section hidden">
  <div class="bg-white rounded-xl shadow-sm border border-gray-100 overflow-hidden p-6">
    <h3 class="text-lg font-semibold text-gray-900 mb-4">Statement</h3>
    <p id="statement-text" class="text-gray-700 whitespace-pre-line"></p>
  </div>
</section>
 
<section id="fixes-section" class="my-6 cve-detail-section">
  <div class="flex items-center justify-between mb-2">
    <h2 class="text-xl font-semibold">Fixes</h2>
    <div class="flex items-center gap-2">
      <label for="fixes-os-filter-details" class="w-full text-sm text-gray-700">Operating system / Project</label>
      <select id="fixes-os-filter-details" class="h-9 rounded-md border border-gray-300 bg-white px-3 text-sm text-gray-900">
        <option value="All">All</option>
      </select>
    </div>
  </div>
  <div id="fixes-table"></div>
  <div id="fixes-pagination" class="mt-3"></div>

<div id="fixes-statement-modal" class="fixed inset-0 bg-black/40 hidden flex items-center justify-center info-modal">
  <div class="bg-white rounded-lg shadow max-w-xl w-full flex flex-col h-[70vh] p-4 info-modal__panel">
    <div class="p-4 flex justify-between items-center">
      <h3 class="text-lg font-semibold">Statement</h3>
      <button id="fixes-statement-modal-close" class="text-gray-500 hover:text-gray-700 cursor-pointer" aria-label="Close">
        <img src="/cve-tracker/icons/close.svg" alt="close" class="h-4 w-4" />
      </button>
    </div>
    <div class="px-4 pb-0 flex-1 overflow-y-auto" id="fixes-statement-modal-body">
      
      <div class="prose prose-sm sm:prose-base max-w-none space-y-4">
        <p class="mt-4"><strong>Resolution: Won’t Fix</strong><br />The fix is not available upstream and is unlikely ever to be provided.</p>
        <p class="mt-4">This is not a backdoor or vulnerability that allows attackers to gain root or execute code in the kernel.</p>
        <ul class="list-disc list-outside ml-6 space-y-2">
          <li>At worst, it may allow an attacker to fingerprint that an OpenVPN service is running and discover its endpoints.</li>
          <li>This could help facilitate DDoS or brute-force attempts, but it does not impact kernel memory safety.</li>
        </ul>
        <p class="mt-4"><strong>Why the CVSS Score Looks Inflated</strong></p>
        <ul class="list-disc list-outside ml-6 space-y-2">
          <li>The CVSS calculator assumes confidentiality, integrity, and availability impacts are “High” for any network-level information leak. That automatically inflates the score to 9.8 Critical, even though the practical effect is limited to reconnaissance.</li>
        </ul>
        <p class="mt-4">Some distribution security teams (e.g. Ubuntu) have therefore assigned it a Medium priority instead.</p>
      </div>
      
    </div>
    <div class="mt-4 px-4 pb-4 pt-4 text-right">
      <button id="fixes-statement-modal-ok" class="custom-btn btn-primary">Close</button>
    </div>
  </div>
</div>

</section>

<div id="errata-side-modal" class="fixed inset-0 hidden side-modal">
  <div class="absolute inset-0 bg-black/40" data-close="backdrop"></div>
  <aside class="absolute inset-y-0 right-0 w-full max-w-xl bg-white shadow-xl side-modal__panel flex flex-col translate-x-full">
      <div class="p-4 flex items-center justify-between">
      <h3 class="text-lg font-semibold">Release info</h3>
      <div class="flex items-center gap-4">
        <a href="#" id="copy-page-link" data-action="copy-page-link" class="app-link inline-flex items-center gap-1"><img src="/cve-tracker/icons/link.svg" alt="link" class="h-4 w-4" /> Copy page link</a>
        <a href="#" data-action="open-as-page" class="app-link inline-flex items-center gap-1"><img src="/cve-tracker/icons/external-link.svg" alt="external" class="h-4 w-4" /> Open as a page</a>
        <button id="errata-side-modal-close" class="text-gray-500 hover:text-gray-700 cursor-pointer" aria-label="Close">
          <img src="/cve-tracker/icons/close.svg" alt="close" class="h-4 w-4" />
        </button>
      </div>
    </div>
    <div class="flex-1 overflow-y-auto p-4" id="errata-side-modal-body">
      <div class="">
        
          <div class="grid grid-cols-2 gap-x-4 gap-y-2 text-sm">
            <div class="text-gray-500">Advisory</div>
            <div class="text-gray-900 font-medium">CLSA-2025:1748945064</div>
            <div class="text-gray-500">Operating system</div>
            <div class="text-gray-900">CentOS 8.4 ELS</div>
            <div class="text-gray-500">Published date</div>
            <div class="text-gray-900">Nov 16, 2014</div>
            <div class="text-gray-500">Project</div>
            <div class="text-gray-900">Linux</div>
            <div class="text-gray-500">Version</div>
            <div class="text-gray-900">2.11.0-1~ubuntu16.04.1+tuxcare.els12</div>
          </div>
          <div class="mt-3 flex flex-wrap items-center gap-2">
            <button class="custom-btn btn-primary">Advisory</button>
            
            <button class="custom-btn btn-tertiary flex items-center gap-2">
              <img src="/cve-tracker/icons/download.svg" alt="download" class="h-4 w-4" /> CSAF
            </button>
            <button class="custom-btn btn-tertiary flex items-center gap-2">
              <img src="/cve-tracker/icons/download.svg" alt="download" class="h-4 w-4" /> OVAL
            </button>
          </div>

<div>
          <nav class="my-6 flex gap-6 text-sm">
            <a href="#how-to-fix" class="side-nav-link pb-2 border-b-2 border-blue-600 text-gray-900">How to fix</a>
            <a href="#changelog" class="side-nav-link pb-2 border-b-2 border-transparent text-gray-500 hover:text-gray-700">Changelog</a>
            <a href="#packages-list" class="side-nav-link pb-2 border-b-2 border-transparent text-gray-500 hover:text-gray-700">Packages list</a>
            <a href="#cves" class="side-nav-link pb-2 border-b-2 border-transparent text-gray-500 hover:text-gray-700">CVEs</a>
          </nav>
        </div>

<section id="how-to-fix"  class="my-6">
          <h4 class="text-base font-semibold text-gray-900 mb-2">How to fix</h4>
          <div>
            <div class="text-sm text-gray-600 mb-1">Update command:</div>
            <div class="relative">
              <pre class="bg-gray-100 rounded-md p-3 text-sm text-gray-900 overflow-x-auto pr-10"><code>apt-get update
apt-get --only-upgrade install ansible*</code></pre>
              <button class="absolute top-2 right-2 app-link inline-flex items-center justify-center" id="copy-update-cmd" title="Copy">
                <img src="/cve-tracker/icons/copy.svg" alt="copy" class="h-4 w-4" />
              </button>
            </div>
          </div>
        </section>

<section id="changelog" class="my-6">
          <h4 class="text-base font-semibold text-gray-900 mb-2">Changelog</h4>
          <ul class="list-disc list-outside ml-5 space-y-1 text-sm text-gray-900">
            <li>Insufficiently Random Passwords Leakage</li>
            <li>Debian/patches/CVE-2020-10729.patch: Fix caching of Jinja2 expressions to prevent caching dynamic results</li>
            <li>CVE-2020-10729</li>
          </ul>
        </section>

<section id="packages-list" class="my-6">
          <h4 class="text-base font-semibold text-gray-900 mb-2">Packages list</h4>
          <div class="text-sm text-gray-900">ansible_2.5.1+dfsg-1ubuntu0.1+tuxcare.els6_all.deb</div>
        </section>

</div>
</div>

<div id="subscribe-modal" class="fixed inset-0 hidden items-center justify-center bg-black/40 z-50">
  <div class="bg-white rounded-lg shadow max-w-[400px] w-[400px] max-h-[80vh] p-0 flex flex-col min-h-0">
    <div class="p-4 flex justify-between items-center">
      <h3 class="text-lg font-semibold">Subscribe to updates</h3>
      <button id="subscribe-modal-close" class="text-gray-500 hover:text-gray-700" aria-label="Close">
        <img src="/cve-tracker/icons/close.svg" alt="close" class="h-4 w-4 cursor-pointer" />
      </button>
    </div>
    <form id="subscribe-form" class="flex-1 flex flex-col min-h-0">
      <div class="px-4 pb-4 overflow-y-auto flex-1 min-h-0">

<img src="/cve-tracker/icons/subscribe-banner.svg" alt="" class="mb-4" />
        <div class="text-base font-semibold text-[#0F192C] leading-[22px] mb-3">About you</div>
        <div class="grid grid-cols-1 gap-4">

<div class="flex flex-col">
  <label for="email" class="text-sm font-medium leading-5 mb-1" style="color: var(--color-neutral-70)">Email</label>
  <input type="email" id="email" name="email" placeholder="Work e-mail" class="w-full px-3 py-2 border border-gray-300 rounded-md focus:outline-none focus:ring-2 focus:ring-blue-500 focus:border-transparent text-sm ">
</div>

<div class="flex flex-col">
  <label for="company" class="text-sm font-medium leading-5 mb-1" style="color: var(--color-neutral-70)">Company name</label>
  <input type="text" id="company" name="company" placeholder="Your organization" class="w-full px-3 py-2 border border-gray-300 rounded-md focus:outline-none focus:ring-2 focus:ring-blue-500 focus:border-transparent text-sm ">
</div>

</div>

<div class="grid grid-cols-1 gap-4 pt-4">
          
<div class="flex flex-col" data-ams-root="subscribe-product-select">
  <label class="text-sm font-medium leading-5 mb-1" style="color: var(--color-neutral-70)" for="subscribe-product-select-input">Product</label>
  <input type="hidden" id="subscribe-product-select" name="product" value="" />
  
  
  <div class="flex flex-wrap gap-1 mb-1 empty:hidden" data-ams-chips="subscribe-product-select"></div>
  
  
  <div class="relative">
    <input 
      type="text" 
      id="subscribe-product-select-input"
      placeholder="Type to search products..." 
      autocomplete="off"
      class="w-full pl-3 pr-8 py-2 border border-gray-300 rounded-md focus:outline-none focus:ring-2 focus:ring-blue-500 text-sm cursor-pointer" 
      data-ams-input="subscribe-product-select" 
    />
    
    <svg class="ams-chevron absolute right-3 top-1/2 -translate-y-1/2 h-4 w-4 text-gray-400 pointer-events-none transition-transform duration-200" data-ams-chevron="subscribe-product-select" viewBox="0 0 20 20" fill="currentColor">
      <path fill-rule="evenodd" d="M5.23 7.21a.75.75 0 011.06.02L10 11.168l3.71-3.938a.75.75 0 111.08 1.04l-4.25 4.5a.75.75 0 01-1.08 0l-4.25-4.5a.75.75 0 01.02-1.06z" clip-rule="evenodd" />
    </svg>
  </div>
  
  
  <div class="hidden fixed bg-white border border-gray-200 rounded-md shadow-lg max-h-64 overflow-auto z-[9999]" data-ams-menu="subscribe-product-select">
    <ul class="py-1 text-sm" data-ams-list="subscribe-product-select">
      
    </ul>
    <div class="px-3 py-2 text-sm text-gray-500 hidden" data-ams-empty="subscribe-product-select">No results found</div>
  </div>
</div>

<div class="flex flex-col" data-ms-root="ms-status" data-ms-join-sep="|">
  <label class="text-sm font-medium leading-5 mb-1" style="color: var(--color-neutral-70)" for="ms-status-button">CVE Status</label>
  <input type="hidden" id="ms-status" name="status" value="" />
  
  <div class="flex flex-wrap gap-1 mb-1 empty:hidden" data-ms-chips="ms-status"></div>
  <button id="ms-status-button" type="button" class="w-full px-3 py-2 border border-gray-300 rounded-md bg-white text-sm flex items-center justify-between focus:outline-none focus:ring-2 focus:ring-blue-500" data-ms-toggle="ms-status">
    <span class="text-gray-500" data-ms-placeholder="ms-status">Select statuses</span>
    <svg class="h-4 w-4 text-gray-500 shrink-0" viewBox="0 0 20 20" fill="currentColor"><path fill-rule="evenodd" d="M5.23 7.21a.75.75 0 011.06.02L10 11.084l3.71-3.853a.75.75 0 111.08 1.04l-4.24 4.4a.75.75 0 01-1.08 0l-4.24-4.4a.75.75 0 01.02-1.06z" clip-rule="evenodd" /></svg>
  </button>
  <div class="relative">
    <div class="bg-white border border-gray-200 rounded-md shadow hidden max-h-56 overflow-auto z-[9999]" data-ms-menu="ms-status">
      <ul class="py-1 text-sm">
        
        <li>
          <button type="button" class="w-full px-3 py-2 text-left hover:bg-gray-50 flex items-center gap-2" data-ms-item data-value="released">
            
            <span>Patch available</span>
            <img class="ms-check ml-auto hidden h-4 w-4" src="/cve-tracker/icons/check.svg" alt="selected" />
          </button>
        </li>
        
        <li>
          <button type="button" class="w-full px-3 py-2 text-left hover:bg-gray-50 flex items-center gap-2" data-ms-item data-value="in_research,needs_triage">
            
            <span>In Research</span>
            <img class="ms-check ml-auto hidden h-4 w-4" src="/cve-tracker/icons/check.svg" alt="selected" />
          </button>
        </li>
        
        <li>
          <button type="button" class="w-full px-3 py-2 text-left hover:bg-gray-50 flex items-center gap-2" data-ms-item data-value="in_progress,in_testing,in_rollout">
            
            <span>In progress</span>
            <img class="ms-check ml-auto hidden h-4 w-4" src="/cve-tracker/icons/check.svg" alt="selected" />
          </button>
        </li>
        
        <li>
          <button type="button" class="w-full px-3 py-2 text-left hover:bg-gray-50 flex items-center gap-2" data-ms-item data-value="not_affected">
            
            <span>Not vulnerable</span>
            <img class="ms-check ml-auto hidden h-4 w-4" src="/cve-tracker/icons/check.svg" alt="selected" />
          </button>
        </li>
        
        <li>
          <button type="button" class="w-full px-3 py-2 text-left hover:bg-gray-50 flex items-center gap-2" data-ms-item data-value="ignored">
            
            <span>Ignored</span>
            <img class="ms-check ml-auto hidden h-4 w-4" src="/cve-tracker/icons/check.svg" alt="selected" />
          </button>
        </li>
        
      </ul>
    </div>
  </div>
</div>

</div>
        <div class="text-xs text-gray-500 leading-relaxed py-4">By clicking "Subscribe" I agree with <a href="https://tuxcare.com/privacy-policies-hub" target="_blank" class="app-link-underlined">TuxCare.com privacy notice</a></div>
      </div>
      <div class="px-4 pt-2 pb-4 flex items-center justify-end gap-2 border-t border-gray-100">
        <button type="button" id="subscribe-modal-cancel" class="custom-btn btn-tertiary">Cancel</button>
        <button type="submit" class="custom-btn btn-primary">Subscribe</button>
      </div>
    </form>
  </div>
</div>

<button id="open-subscribe" type="button" class="sr-only" aria-hidden="true">Subscribe</button>

if (!product || !context) {
        if (bannerContainer && window.CVEDetailBanner) window.CVEDetailBanner.renderGenericBanner(bannerContainer);
        return;
      }

const m = window.location.pathname.match(/\/cve\/details\/([^/]+)\//);
      const cveId = m ? m[1] : null;
      if (!cveId) return;

function buildElsUrlFromSlug(slug) {
        const cfg = window.elsProductUrlsConfig;
        const base = (cfg && cfg.baseUrl ? cfg.baseUrl : "https://tuxcare.com/endless-lifecycle-support").replace(/\/$/, "");
        const overrides = (cfg && cfg.slugOverrides) || {};
        const slugFromProduct = Object.values(overrides).includes(slug);
        if (!slug || !slugFromProduct) return base + "/all-products/";
        return base + "/" + slug + "-eol-support/";
      }

if (bannerContainer && window.CVEDetailBanner) {
            window.CVEDetailBanner.renderBanner(data.status, bannerContainer, { elsUrl: elsUrl });
          }

if (data.product_display_name) {
            var productRow = document.getElementById("cve-affected-product-row");
            var productDd = document.getElementById("cve-affected-product");
            if (productRow && productDd) {
              var label = data.product_display_name;
              if (data.os_product_name) label += " (" + data.os_product_name + ")";
              productDd.textContent = label;
              productRow.classList.remove("hidden");
            }
          }

if (data.component_display_name || data.component_name) {
            var compRow = document.getElementById("cve-affected-component-row");
            var compDd = document.getElementById("cve-affected-component");
            if (compRow && compDd) {
              var compLabel = data.component_display_name || data.component_name;
              if (data.version) compLabel += ' ' + data.version;
              compDd.textContent = compLabel;
              compRow.classList.remove("hidden");
            }
          }

if (data.statement) {
            var stmtTab = document.getElementById("statement-tab");
            var stmtText = document.getElementById("statement-text");
            if (stmtTab) stmtTab.classList.remove("hidden");
            if (stmtText) stmtText.textContent = data.statement;

tabs.forEach(function (tab) {
        tab.addEventListener("click", function (e) {
          e.preventDefault();
          activateTab(tab.getAttribute("data-detail-tab"));
        });
      });

var firstTab = tabs[0];
      if (firstTab) activateTab(firstTab.getAttribute("data-detail-tab"));
    })();
    const container = document.getElementById("fixes-table");
    if (!container) return;

function advisoryStatusLabel(s) {
      if (!s) return "";
      const v = String(s).toLowerCase();
      if (v === "released" || v === "already_fixed" || v === "done") return "Patch available";
      if (v === "in_testing" || v === "in_progress" || v === "in_rollout") return "In progress";
      if (v === "needs_triage" || v === "in_research") return "In Research";
      if (v === "not_affected" || v === "false_positive" || v === "withdrawn") return "Not vulnerable";
      if (v === "ignored") return "Ignored";
      return s.replace(/_/g, " ").replace(/\b\w/g, (c) => c.toUpperCase());
    }

function render(page) {
      const selectedOs = osSelect ? osSelect.value : "All";
      const data = selectedOs === "All" ? allData : allData.filter((r) => String(r.os || r.product) === selectedOs);
      const perPage = 10;
      const start = (page - 1) * perPage;
      const pageData = data.slice(start, start + perPage);
      let html = '<div class="overflow-x-auto"><table class="min-w-full divide-y divide-gray-200">';
      html += '<thead class="bg-gray-50"><tr>' + '<th class="px-6 py-3 text-left text-xs font-medium text-gray-500">Product</th>' + '<th class="px-6 py-3 text-left text-xs font-medium text-gray-500">Affected component</th>' + '<th class="px-6 py-3 text-left text-xs font-medium text-gray-500">Advisory</th>' + '<th class="px-6 py-3 text-left text-xs font-medium text-gray-500">Last update</th>' + "</tr></thead>";
      html += '<tbody class="bg-white divide-y divide-gray-200">';
      pageData.forEach((r) => {
        
        const productLower = (r.product || "").toLowerCase();
        let iconKey = "";
        if (productLower.includes("alma")) iconKey = "almalinux.svg";
        else if (productLower.includes("centos")) iconKey = "centos.svg";
        else if (productLower.includes("cloudlinux")) iconKey = "cloudlinux.svg";
        else if (productLower.includes("ubuntu")) iconKey = "ubuntu.png";
        else if (productLower.includes("oracle linux")) iconKey = "oracle-linux.png";
        else if (productLower.includes("alpine")) iconKey = "tux.svg";
        else if (productLower.includes("debian")) iconKey = "debian.png";
        else if (productLower.includes("dotnet")) iconKey = "dotnet.svg";
        else if (productLower.includes("go")) iconKey = "go.svg";
        else if (productLower.includes("java")) iconKey = "java.svg";
        else if (productLower.includes("node")) iconKey = "nodejs.svg";
        else if (productLower.includes("perl")) iconKey = "perl.svg";
        else if (productLower.includes("php")) iconKey = "php.svg";
        else if (productLower.includes("ruby")) iconKey = "ruby.svg";
        else if (productLower.includes("rust")) iconKey = "rust.svg";
        else if (productLower.includes("spring") || productLower.includes("els for spring")) iconKey = "spring.svg";
        else if (productLower.includes("tuxcare")) iconKey = "tux.svg";
        else if (productLower.includes("angular") && !productLower.includes("angularjs")) iconKey = "angular.png";
        else if (productLower.includes("angularjs")) iconKey = "angularjs.svg";
        else if (productLower.includes("express")) iconKey = "express.png";
        else if (productLower.includes("apache") && productLower.includes("cxf")) iconKey = "apache-cxf.png";
        else if (productLower.includes("wildfly")) iconKey = "wildfly.png";
        else if (productLower.includes("netty")) iconKey = "netty.png";
        else if (productLower.includes("starlette")) iconKey = "starlette.png";
        else if (productLower.includes("werkzeug")) iconKey = "werkzeug.png";
        else if (productLower.includes("numpy")) iconKey = "numpy.png";
        else if (productLower.includes("livewire")) iconKey = "livewire.png";
        else if (productLower.includes("opensearch")) iconKey = "opensearch.png";

html += '<tr class="hover:bg-gray-50">' + `<td class="px-6 py-4 text-sm text-gray-900"><div class=\"flex items-center\"><div class=\"shrink-0 h-8 w-8 mr-3 rounded-md flex items-center justify-center overflow-hidden\">${iconSrc ? `<img src=\"${iconSrc}\" alt=\"${r.product}\" class=\"h-6 w-6 object-contain\" />` : ""}</div>${productHtml}</div></td>` + `<td class="px-6 py-4 text-sm text-gray-900">${componentHtml}</td>` + `<td class="px-6 py-4 text-sm">${errataHtml}</td>` + `<td class="px-6 py-4 text-sm text-gray-900">${lastUpdate}</td>` + "</tr>";
      });
      html += "</tbody></table></div>";
      container.innerHTML = html;

function bindSideHeaderLinks(advisory) {
      if (!side) return;
      const slug = advisoryToFixSlug(advisory);
      const detailsPath = slug ? `${window.BASE_PATH || ''}/fixes/details/${slug}/` : null;

const openAsPage = side.querySelector('[data-action="open-as-page"]');
      if (openAsPage) {
        openAsPage.setAttribute("href", detailsPath || "#");
      }

render(1);
    bindStatementHandlers();
    bindErrataHandlers();
    
    function activateSideTab(href) {
      const links = side ? side.querySelectorAll("a.side-nav-link") : [];
      links.forEach((l) => {
        if (l.getAttribute("href") === href) {
          l.classList.remove("text-gray-500");
          l.classList.add("text-gray-900");
          l.classList.add("border-b-2");
          l.classList.add("border-blue-600");
          l.classList.remove("border-transparent");
        } else {
          l.classList.add("text-gray-500");
          l.classList.remove("text-gray-900");
          l.classList.remove("border-blue-600");
          l.classList.add("border-transparent");
        }
      });
    }
    if (side) {
      side.querySelectorAll("a.side-nav-link").forEach((link) => {
        link.addEventListener("click", (e) => {
          activateSideTab(link.getAttribute("href"));
        });
      });
      
      activateSideTab("#how-to-fix");
    }
    if (side) {
      side.addEventListener("click", (e) => {
        if (e.target.getAttribute("data-close") === "backdrop") closeSide();
      });
      const closeBtn = document.getElementById("errata-side-modal-close");
      const okBtn = document.getElementById("errata-side-modal-ok");
      if (closeBtn) closeBtn.onclick = closeSide;
      if (okBtn) okBtn.onclick = closeSide;
      const copyBtn = document.getElementById("copy-update-cmd");
      if (copyBtn) {
        copyBtn.addEventListener("click", () => {
          const pre = copyBtn.parentElement && copyBtn.parentElement.querySelector("pre code");
          const text = pre ? pre.textContent : "apt-get update\napt-get --only-upgrade install ansible*";
          navigator.clipboard && navigator.clipboard.writeText(text).catch(() => {});
        });
      }
      
      function scrollToId(id) {
        const target = side.querySelector(id);
        if (!target) return;
        target.scrollIntoView({ behavior: "smooth", block: "start" });
      }
      side.querySelectorAll("a.side-nav-link").forEach((link) => {
        link.addEventListener("click", (e) => {
          e.preventDefault();
          const href = link.getAttribute("href");
          if (!href) return;
          activateSideTab(href);
          scrollToId(href);
        });
      });
    }
    function hide() {
      if (modal) {
        modal.classList.add("hidden");
        modal.classList.remove("flex");
      }
    }
    const hideAfter = () => {
      if (modal) {
        modal.classList.add("hide");
        setTimeout(() => modal.classList.add("hidden"), 1000);
      }
    };
    if (closeBtn) closeBtn.onclick = hideAfter;
    if (okBtn) okBtn.onclick = hideAfter;
    if (modal)
      modal.addEventListener("click", (e) => {
        if (e.target === modal) hideAfter();
      });
    if (document.getElementById("fixes-pagination")) {
      document.getElementById("fixes-pagination").addEventListener("click", () => {
        setTimeout(bindStatementHandlers, 0);
        setTimeout(bindErrataHandlers, 0);
      });
    }
  });
</script>
 </main>

<div id="contact-modal" class="fixed inset-0 hidden items-center justify-center bg-black/40 z-50">
  <div class="bg-white rounded-lg shadow max-w-[400px] w-[400px] max-h-[80vh] p-0 flex flex-col min-h-0">
    <div class="p-4 flex justify-between items-center">
      <h3 class="text-lg font-semibold">Contact us</h3>
      <button id="contact-modal-close" class="text-gray-500 hover:text-gray-700" aria-label="Close">
        <img src="/cve-tracker/icons/close.svg" alt="close" class="h-4 w-4 cursor-pointer" />
      </button>
    </div>
    <form id="contact-form" class="flex-1 flex flex-col min-h-0">
      <div class="px-4 pb-4 overflow-y-auto flex-1 min-h-0">
          <img src="/cve-tracker/icons/contact-banner.svg" alt="contact" class="mt-4 mb-6" />
        <div class="grid grid-cols-1 gap-4">

<div class="flex flex-col">
  <label for="firstName" class="text-sm font-medium leading-5 mb-1" style="color: var(--color-neutral-70)">First name</label>
  <input type="text" id="firstName" name="firstName" placeholder="First name" class="w-full px-3 py-2 border border-gray-300 rounded-md focus:outline-none focus:ring-2 focus:ring-blue-500 focus:border-transparent text-sm ">
</div>

</div>
        <div class="mt-4">
          <label for="message" class="text-sm font-medium leading-5 mb-1 block" style="color: var(--color-neutral-70)">Questions or comments</label>
          <textarea id="message" name="message" rows="4" class="w-full px-3 py-2 border border-gray-300 rounded-md focus:outline-none focus:ring-2 focus:ring-blue-500 focus:border-transparent text-sm resize-none" placeholder="Your message">

Severity

Details

Overview

About vulnerability