Important: nodejs20

🗓️ 03 May 2024 00:00:00Reported by AmazonType

amazon

amazon🔗 alas.aws.amazon.com👁 6 Views

Node.js 20 vulnerabilities discovered; update recommended to prevent exploitation risks.

Reporter	Title	Published	Views	Family All 635
IBM Security Bulletins	Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to Node.js vulnerabilities [ CVE-2024-27982, CVE-2024-27983]	4 Feb 202519:31	–	ibm
IBM Security Bulletins	Security Bulletin: Node.js vulnerabilities affect IBM Spectrum Control	8 Jul 202409:24	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Technical Support Appliance - possible excessive use of CPU	6 Feb 202520:54	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities have been identified with the DS8900F and DS8A00 Hardware Management Console (HMC)	3 Mar 202600:44	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in Node.js and packages affect IBM Voice Gateway	17 May 202413:55	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Node.js	17 Sep 202422:03	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to multiple Base OS issues	8 Aug 202417:29	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Node.js	5 Jun 202401:55	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities present in IBM Answer Retrieval for Watson Discovery versions 2.16 and earlier	29 May 202414:43	–	ibm
IBM Security Bulletins	Security Bulletin: QRadar Pulse application add on to IBM QRadar SIEM is vulnerable to using components with known vulnerabilities	22 Jul 202414:45	–	ibm

OS	OS Version	Architecture	Package	Package Version	Filename
Amazon Linux	2	aarch64	nodejs20-libs-debuginfo	20.12.2-1.amzn2023.0.2	nodejs20-libs-debuginfo-20.12.2-1.amzn2023.0.2.aarch64.rpm
Amazon Linux	2	aarch64	nodejs20-full-i18n	20.12.2-1.amzn2023.0.2	nodejs20-full-i18n-20.12.2-1.amzn2023.0.2.aarch64.rpm
Amazon Linux	2	aarch64	nodejs20-debuginfo	20.12.2-1.amzn2023.0.2	nodejs20-debuginfo-20.12.2-1.amzn2023.0.2.aarch64.rpm
Amazon Linux	2	aarch64	nodejs20-devel	20.12.2-1.amzn2023.0.2	nodejs20-devel-20.12.2-1.amzn2023.0.2.aarch64.rpm
Amazon Linux	2	aarch64	v8-11.3-devel	11.3.244.8-1.20.12.2.1.amzn2023.0.2	v8-11.3-devel-11.3.244.8-1.20.12.2.1.amzn2023.0.2.aarch64.rpm
Amazon Linux	2	aarch64	nodejs20	20.12.2-1.amzn2023.0.2	nodejs20-20.12.2-1.amzn2023.0.2.aarch64.rpm
Amazon Linux	2	aarch64	nodejs20-libs	20.12.2-1.amzn2023.0.2	nodejs20-libs-20.12.2-1.amzn2023.0.2.aarch64.rpm
Amazon Linux	2	aarch64	nodejs20-npm	10.5.0-1.20.12.2.1.amzn2023.0.2	nodejs20-npm-10.5.0-1.20.12.2.1.amzn2023.0.2.aarch64.rpm
Amazon Linux	2	aarch64	nodejs20-debugsource	20.12.2-1.amzn2023.0.2	nodejs20-debugsource-20.12.2-1.amzn2023.0.2.aarch64.rpm
Amazon Linux	2	noarch	nodejs20-docs	20.12.2-1.amzn2023.0.2	nodejs20-docs-20.12.2-1.amzn2023.0.2.noarch.rpm

19 Jun 2024 00:00Current

6.7Medium risk

Vulners AI Score6.7

CVSS 38.2

CVSS 3.13.5 - 5.3

EPSS0.75933

SSVC

node.js vulnerabilities http2 server issues nghttp2 limitations undici client tampering system update required