Lucene search
Https://packages.altlinux.org/en/sisyphus/security/0A59660B33B72D9854F62B8142C5F337HistoryMar 22, 2023 - 12:00 a.m.
Security fix for the ALT Linux 10 package node version 16.19.1-alt1
2023-03-2200:00:00
https://packages.altlinux.org/en/sisyphus/security/
packages.altlinux.org
11
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
0.001 Low
EPSS
Percentile
35.5%
16.19.1-alt1 built March 22, 2023 Andrey Cherepanov in task #316988
March 13, 2023 Vitaly Lipatov
- new version 16.19.1 (with rpmrb script)
- CVE-2023-23918: Node.js Permissions policies can be bypassed via process.mainModule (High)
- CVE-2023-23919: Node.js OpenSSL error handling issues in nodejs crypto library (Medium)
- CVE-2023-23920: Node.js insecure loading of ICU data through ICU\_DATA environment variable (Low)
- CVE-2023-23936: Fetch API in Node.js did not protect against CRLF injection in host headers (Medium)
- CVE-2023-24807: Regular Expression Denial of Service in Headers in Node.js fetch API (Low)
- set openssl >= 1.1.1s
- set npm >= 8.19.3
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ALT Linux | 10 | src | node | < 16.19.1-alt1 | node-16.19.1-alt1.src.rpm |
| ALT Linux | 10 | noarch | node-doc | < 16.19.1-alt1 | node-doc-16.19.1-alt1.noarch.rpm |
| ALT Linux | 10 | x86_64 | node | < 16.19.1-alt1 | node-16.19.1-alt1.x86_64.rpm |
| ALT Linux | 10 | x86_64 | node-debuginfo | < 16.19.1-alt1 | node-debuginfo-16.19.1-alt1.x86_64.rpm |
| ALT Linux | 10 | x86_64 | node-devel | < 16.19.1-alt1 | node-devel-16.19.1-alt1.x86_64.rpm |
| ALT Linux | 10 | i586 | node | < 16.19.1-alt1 | node-16.19.1-alt1.i586.rpm |
| ALT Linux | 10 | i586 | node-debuginfo | < 16.19.1-alt1 | node-debuginfo-16.19.1-alt1.i586.rpm |
| ALT Linux | 10 | i586 | node-devel | < 16.19.1-alt1 | node-devel-16.19.1-alt1.i586.rpm |
| ALT Linux | 10 | aarch64 | node | < 16.19.1-alt1 | node-16.19.1-alt1.aarch64.rpm |
| ALT Linux | 10 | aarch64 | node-debuginfo | < 16.19.1-alt1 | node-debuginfo-16.19.1-alt1.aarch64.rpm |
Related
nessus
nessus
SUSE SLES15 / openSUSE 15 Security Update : nodejs16 (SUSE-SU-2023:0608-1)
2023-03-05 00:00:00
SUSE SLES15 / openSUSE 15 Security Update : nodejs18 (SUSE-SU-2023:0738-1)
2023-03-16 00:00:00
Fedora 38 : nodejs16 / nodejs18 / nodejs20 (2023-973319d5b7)
2023-04-05 00:00:00
fedora
fedora
[SECURITY] Fedora 38 Update: nodejs20-19.8.1-7.fc38
2023-04-04 18:17:01
[SECURITY] Fedora 38 Update: nodejs16-16.20.0-2.fc38
2023-04-04 18:17:01
[SECURITY] Fedora 38 Update: nodejs18-18.15.0-6.fc38
2023-04-04 18:17:01
openvas
openvas
Fedora: Security Advisory for nodejs18 (FEDORA-2023-973319d5b7)
2023-04-05 00:00:00
Fedora: Security Advisory for nodejs16 (FEDORA-2023-973319d5b7)
2023-04-05 00:00:00
Fedora: Security Advisory for nodejs20 (FEDORA-2023-973319d5b7)
2023-04-05 00:00:00
ibm
ibm
Security Bulletin: Multiple vulnerabilities present in IBM Answer Retrieval for Watson Discovery versions 2.10 and earlier
2023-03-15 17:24:51
Security Bulletin: IBM Watson Discovery Cartridge for IBM Cloud Pak for Data affected by vulnerability in Node.js
2023-06-28 20:58:14
Security Bulletin: Vulnerability in Node.js affects IBM Voice Gateway
2023-03-20 14:40:08
nodejsblog
nodejsblog
Thursday February 16 2023 Security Releases
2023-02-16 00:00:00
redhat
redhat
almalinux
almalinux
Moderate: nodejs:18 security, bug fix, and enhancement update
2023-05-09 00:00:00
Moderate: nodejs:16 security, bug fix, and enhancement update
2023-04-04 00:00:00
oraclelinux
oraclelinux
nodejs:16 security, bug fix, and enhancement update
2023-04-05 00:00:00
nodejs:18 security, bug fix, and enhancement update
2023-05-17 00:00:00
nodejs:18 security, bug fix, and enhancement update
2023-04-05 00:00:00
osv
osv
Moderate: nodejs:18 security, bug fix, and enhancement update
2023-05-09 00:00:00
Moderate: nodejs:16 security, bug fix, and enhancement update
2023-04-06 15:52:43
rocky
rocky
nodejs:16 security, bug fix, and enhancement update
2023-04-06 15:52:43
nodejs:18 security, bug fix, and enhancement update
2023-04-06 15:52:43
nodejs and nodejs-nodemon security, bug fix, and enhancement update
2023-05-25 19:53:09
mageia
mageia
Updated nodejs packages fix security vulnerability
2023-03-02 00:14:31
f5
f5
K000134602 : Node.js vulnerabilities CVE-2023-23918 and CVE-2023-23920
2023-05-15 00:00:00
K000133616 : Node.js vulnerability CVE-2023-23919
2023-04-22 00:00:00
ubuntu
ubuntu
Node.js vulnerabilities
2024-03-04 00:00:00
alpinelinux
alpinelinux
prion
prion
Crlf injection
2023-02-16 18:15:00
Design/Logic Flaw
2023-02-23 20:15:00
Design/Logic Flaw
2023-02-16 18:15:00
hackerone
hackerone
redhatcve
redhatcve
veracode
veracode
CRLF Injection
2023-02-17 03:00:42
Improper Access Control
2023-02-18 04:53:51
Denial Of Service (DoS)
2023-02-18 05:18:49
ubuntucve
ubuntucve
cve
cve
cbl_mariner
cbl_mariner
CVE-2023-23936 affecting package nodejs 16.18.1-2
2023-03-24 23:56:25
CVE-2023-23920 affecting package nodejs 14.21.1-3
2023-08-15 16:37:27
CVE-2023-23919 affecting package nodejs 14.21.1-3
2023-08-15 16:37:27
photon
photon
Critical Photon OS Security Update - PHSA-2023-5.0-0011
2023-05-24 00:00:00
Critical Photon OS Security Update - PHSA-2023-3.0-0545
2023-03-07 00:00:00
debiancve
debiancve
github
github
CRLF Injection in Nodejs ‘undici’ via host
2023-02-16 20:46:30
Regular Expression Denial of Service in Headers
2023-02-16 20:46:10
debian
debian
[SECURITY] [DSA 5395-1] nodejs security update
2023-05-02 13:50:05
[SECURITY] [DSA 5589-1] nodejs security update
2023-12-27 22:12:40
[SECURITY] [DLA 3344-1] nodejs security update
2023-02-26 01:17:34
oracle
oracle
Oracle Critical Patch Update Advisory - April 2023
2023-04-18 00:00:00
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
0.001 Low
EPSS
Percentile
35.5%
Related for 0A59660B33B72D9854F62B8142C5F337