In Node.js, including 6.x before 6.17.0, 8.x before 8.15.1, 10.x before 10.15.2, and 11.x before 11.10.1, an attacker can cause a Denial of Service (DoS) by establishing an HTTP or HTTPS connection in keep-alive mode and sending headers very slowly. This keeps the connection and its associated resources alive for a long period of time. Potential attacks are mitigated by the use of a load balancer or other proxy layer. This vulnerability is an extension of CVE-2018-12121, which was addressed in November, and it impacts all active Node.js release lines, including 6.x before 6.17.0, 8.x before 8.15.1, 10.x before 10.15.2, and 11.x before 11.10.1.
{"ubuntucve": [{"lastseen": "2023-06-28T14:00:07", "description": "In Node.js including 6.x before 6.17.0, 8.x before 8.15.1, 10.x before\n10.15.2, and 11.x before 11.10.1, an attacker can cause a Denial of Service\n(DoS) by establishing an HTTP or HTTPS connection in keep-alive mode and by\nsending headers very slowly. This keeps the connection and associated\nresources alive for a long period of time. Potential attacks are mitigated\nby the use of a load balancer or other proxy layer. This vulnerability is\nan extension of CVE-2018-12121, addressed in November and impacts all\nactive Node.js release lines including 6.x before 6.17.0, 8.x before\n8.15.1, 10.x before 10.15.2, and 11.x before 11.10.1.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-03-28T00:00:00", "type": "ubuntucve", "title": "CVE-2019-5737", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-12121", "CVE-2019-5737"], "modified": "2019-03-28T00:00:00", "id": "UB:CVE-2019-5737", "href": "https://ubuntu.com/security/CVE-2019-5737", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-06-24T14:31:07", 
"description": "Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0:\nDenial of Service with large HTTP headers: By using a combination of many\nrequests with maximum sized headers (almost 80 KB per connection), and\ncarefully timed completion of the headers, it is possible to cause the HTTP\nserver to abort from heap allocation failure. Attack potential is mitigated\nby the use of a load balancer or other proxy layer.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[msalvatore](<https://launchpad.net/~msalvatore>) | RedHat found that the patch from the november-2018 security release caused some regressions. The patches below are perhapse a better approach to resolving this CVE. http-parser must be patched. I'm deferring this until a http-parser v2.9.0 makes it into the archive.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-11-28T00:00:00", "type": "ubuntucve", "title": "CVE-2018-12121", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-12121"], "modified": "2018-11-28T00:00:00", "id": "UB:CVE-2018-12121", "href": "https://ubuntu.com/security/CVE-2018-12121", "cvss": {"score": 
5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "debiancve": [{"lastseen": "2023-06-13T18:12:34", "description": "In Node.js including 6.x before 6.17.0, 8.x before 8.15.1, 10.x before 10.15.2, and 11.x before 11.10.1, an attacker can cause a Denial of Service (DoS) by establishing an HTTP or HTTPS connection in keep-alive mode and by sending headers very slowly. This keeps the connection and associated resources alive for a long period of time. Potential attacks are mitigated by the use of a load balancer or other proxy layer. This vulnerability is an extension of CVE-2018-12121, addressed in November and impacts all active Node.js release lines including 6.x before 6.17.0, 8.x before 8.15.1, 10.x before 10.15.2, and 11.x before 11.10.1.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-03-28T17:29:00", "type": "debiancve", "title": "CVE-2019-5737", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-12121", "CVE-2019-5737"], "modified": "2019-03-28T17:29:00", "id": "DEBIANCVE:CVE-2019-5737", "href": "https://security-tracker.debian.org/tracker/CVE-2019-5737", "cvss": {"score": 5.0, "vector": 
"AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-06-23T14:39:43", "description": "Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Denial of Service with large HTTP headers: By using a combination of many requests with maximum sized headers (almost 80 KB per connection), and carefully timed completion of the headers, it is possible to cause the HTTP server to abort from heap allocation failure. Attack potential is mitigated by the use of a load balancer or other proxy layer.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-11-28T17:29:00", "type": "debiancve", "title": "CVE-2018-12121", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-12121"], "modified": "2018-11-28T17:29:00", "id": "DEBIANCVE:CVE-2018-12121", "href": "https://security-tracker.debian.org/tracker/CVE-2018-12121", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "alpinelinux": [{"lastseen": "2023-06-23T11:05:52", "description": "In Node.js including 6.x before 6.17.0, 8.x before 8.15.1, 10.x before 10.15.2, and 11.x before 11.10.1, an attacker can cause a Denial of Service (DoS) by 
establishing an HTTP or HTTPS connection in keep-alive mode and by sending headers very slowly. This keeps the connection and associated resources alive for a long period of time. Potential attacks are mitigated by the use of a load balancer or other proxy layer. This vulnerability is an extension of CVE-2018-12121, addressed in November and impacts all active Node.js release lines including 6.x before 6.17.0, 8.x before 8.15.1, 10.x before 10.15.2, and 11.x before 11.10.1.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-03-28T17:29:00", "type": "alpinelinux", "title": "CVE-2019-5737", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-12121", "CVE-2019-5737"], "modified": "2020-10-16T19:08:00", "id": "ALPINE:CVE-2019-5737", "href": "https://security.alpinelinux.org/vuln/CVE-2019-5737", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-06-23T15:26:12", "description": "Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Denial of Service with large HTTP headers: By using a combination of many requests with maximum sized headers (almost 80 KB 
per connection), and carefully timed completion of the headers, it is possible to cause the HTTP server to abort from heap allocation failure. Attack potential is mitigated by the use of a load balancer or other proxy layer.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-11-28T17:29:00", "type": "alpinelinux", "title": "CVE-2018-12121", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-12121"], "modified": "2022-09-06T17:54:00", "id": "ALPINE:CVE-2018-12121", "href": "https://security.alpinelinux.org/vuln/CVE-2018-12121", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "openvas": [{"lastseen": "2020-01-31T16:51:05", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-04-17T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for nodejs10 (openSUSE-SU-2019:1211-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-5737"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310852431", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852431", "sourceData": "# Copyright (C) 2019 Greenbone 
Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852431\");\n script_version(\"2020-01-31T08:04:39+0000\");\n script_cve_id(\"CVE-2019-5737\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:04:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-04-17 02:01:26 +0000 (Wed, 17 Apr 2019)\");\n script_name(\"openSUSE: Security Advisory for nodejs10 (openSUSE-SU-2019:1211-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap42\\.3\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:1211-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-04/msg00059.html\");\n\n script_tag(name:\"summary\", value:\"The 
remote host is missing an update for the 'nodejs10'\n package(s) announced via the openSUSE-SU-2019:1211-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for nodejs10 to version 10.1.2 fixes the following issue:\n\n Security issue fixed:\n\n - CVE-2019-5737: Fixed a potentially attack vector which could lead to\n Denial of Service when HTTP connection are kept active (bsc#1127532).\n\n This update was imported from the SUSE:SLE-12:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 42.3:\n\n zypper in -t patch openSUSE-2019-1211=1\");\n\n script_tag(name:\"affected\", value:\"'nodejs10' package(s) on openSUSE Leap 42.3.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap42.3\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"nodejs10\", rpm:\"nodejs10~10.15.2~5.2\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nodejs10-debuginfo\", rpm:\"nodejs10-debuginfo~10.15.2~5.2\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nodejs10-debugsource\", rpm:\"nodejs10-debugsource~10.15.2~5.2\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nodejs10-devel\", rpm:\"nodejs10-devel~10.15.2~5.2\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = 
isrpmvuln(pkg:\"npm10\", rpm:\"npm10~10.15.2~5.2\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nodejs10-docs\", rpm:\"nodejs10-docs~10.15.2~5.2\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-01-31T16:54:18", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-04-03T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for nodejs4 (openSUSE-SU-2019:1076-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-5739", "CVE-2019-1559", "CVE-2019-5737"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310852378", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852378", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852378\");\n script_version(\"2020-01-31T08:04:39+0000\");\n script_cve_id(\"CVE-2019-1559\", \"CVE-2019-5737\", \"CVE-2019-5739\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:04:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-04-03 06:42:05 +0000 (Wed, 03 Apr 2019)\");\n script_name(\"openSUSE: Security Advisory for nodejs4 (openSUSE-SU-2019:1076-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap42\\.3\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:1076-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-03/msg00041.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'nodejs4'\n package(s) announced via the openSUSE-SU-2019:1076-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for nodejs4 fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2019-5739: Fixed a potentially attack vector which could lead to\n Denial of Service when HTTP connection are kept active (bsc#1127533).\n\n - CVE-2019-5737: Fixed a potentially attack vector which could lead to\n Denial of 
Service when HTTP connection are kept active (bsc#1127532).\n\n - CVE-2019-1559: Fixed OpenSSL 0-byte Record Padding Oracle which under\n certain circumstances a TLS server can be forced to respond differently\n to a client and lead to the decryption of the data (bsc#1127080).\n\n This update was imported from the SUSE:SLE-12:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 42.3:\n\n zypper in -t patch openSUSE-2019-1076=1\");\n\n script_tag(name:\"affected\", value:\"'nodejs4' package(s) on openSUSE Leap 42.3.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap42.3\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"nodejs4\", rpm:\"nodejs4~4.9.1~23.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nodejs4-debuginfo\", rpm:\"nodejs4-debuginfo~4.9.1~23.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nodejs4-debugsource\", rpm:\"nodejs4-debugsource~4.9.1~23.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nodejs4-devel\", rpm:\"nodejs4-devel~4.9.1~23.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"npm4\", rpm:\"npm4~4.9.1~23.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nodejs4-docs\", rpm:\"nodejs4-docs~4.9.1~23.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(report != 
\"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-01-31T16:48:07", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-04-09T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for nodejs6 (openSUSE-SU-2019:1173-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-5739", "CVE-2019-1559", "CVE-2019-5737"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310852412", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852412", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852412\");\n script_version(\"2020-01-31T08:04:39+0000\");\n script_cve_id(\"CVE-2019-1559\", \"CVE-2019-5737\", \"CVE-2019-5739\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:04:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-04-09 02:01:03 +0000 (Tue, 09 Apr 2019)\");\n script_name(\"openSUSE: Security Advisory for nodejs6 (openSUSE-SU-2019:1173-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap42\\.3\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:1173-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-04/msg00046.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'nodejs6'\n package(s) announced via the openSUSE-SU-2019:1173-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for nodejs6 to version 6.17.0 fixes the following issues:\n\n Security issues fixed:\n\n\n - CVE-2019-5739: Fixed a potentially attack vector which could lead to\n Denial of Service when HTTP connection are kept active (bsc#1127533).\n\n - CVE-2019-5737: Fixed a potentially attack vector which could 
lead to\n Denial of Service when HTTP connection are kept active (bsc#1127532).\n\n - CVE-2019-1559: Fixed OpenSSL 0-byte Record Padding Oracle which under\n certain circumstances a TLS server can be forced to respond differently\n to a client and lead to the decryption of the data (bsc#1127080).\n\n\n This update was imported from the SUSE:SLE-12:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 42.3:\n\n zypper in -t patch openSUSE-2019-1173=1\");\n\n script_tag(name:\"affected\", value:\"'nodejs6' package(s) on openSUSE Leap 42.3.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap42.3\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"nodejs6\", rpm:\"nodejs6~6.17.0~21.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nodejs6-debuginfo\", rpm:\"nodejs6-debuginfo~6.17.0~21.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nodejs6-debugsource\", rpm:\"nodejs6-debugsource~6.17.0~21.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nodejs6-devel\", rpm:\"nodejs6-devel~6.17.0~21.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"npm6\", rpm:\"npm6~6.17.0~21.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nodejs6-docs\", rpm:\"nodejs6-docs~6.17.0~21.1\", rls:\"openSUSELeap42.3\"))) {\n report += 
res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-01-27T18:35:55", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for http-parser (EulerOS-SA-2019-2238)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-7159", "CVE-2018-12121"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220192238", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220192238", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.2238\");\n script_version(\"2020-01-23T12:42:33+0000\");\n script_cve_id(\"CVE-2018-12121\", \"CVE-2018-7159\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 12:42:33 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:42:33 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for http-parser (EulerOS-SA-2019-2238)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP3\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-2238\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2238\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'http-parser' package(s) announced via the EulerOS-SA-2019-2238 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The HTTP parser in all current versions of Node.js ignores spaces in the `Content-Length` header, allowing input such as `Content-Length: 1 2` to be interpreted as having a value of `12`. 
The HTTP specification does not allow for spaces in the `Content-Length` value and the Node.js HTTP parser has been brought into line on this particular difference. The security risk of this flaw to Node.js users is considered to be VERY LOW as it is difficult, and may be impossible, to craft an attack that makes use of this flaw in a way that could not already be achieved by supplying an incorrect value for `Content-Length`. Vulnerabilities may exist in user-code that make incorrect assumptions about the potential accuracy of this value compared to the actual length of the data supplied. Node.js users crafting lower-level HTTP utilities are advised to re-check the length of any input supplied after parsing is complete.(CVE-2018-7159)\n\nNode.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Denial of Service with large HTTP headers: By using a combination of many requests with maximum sized headers (almost 80 KB per connection), and carefully timed completion of the headers, it is possible to cause the HTTP server to abort from heap allocation failure. 
Attack potential is mitigated by the use of a load balancer or other proxy layer.(CVE-2018-12121)\");\n\n script_tag(name:\"affected\", value:\"'http-parser' package(s) on Huawei EulerOS V2.0SP3.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP3\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"http-parser\", rpm:\"http-parser~2.7.1~1.h2\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-01-27T18:35:36", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for http-parser (EulerOS-SA-2019-2158)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-7159", "CVE-2018-12121"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220192158", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220192158", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be 
useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.2158\");\n script_version(\"2020-01-23T12:36:59+0000\");\n script_cve_id(\"CVE-2018-12121\", \"CVE-2018-7159\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 12:36:59 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:36:59 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for http-parser (EulerOS-SA-2019-2158)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP5\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-2158\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2158\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'http-parser' package(s) announced via the EulerOS-SA-2019-2158 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The HTTP parser in all current versions of Node.js ignores spaces in the `Content-Length` header, allowing input such as 
`Content-Length: 1 2` to be interpreted as having a value of `12`. The HTTP specification does not allow for spaces in the `Content-Length` value and the Node.js HTTP parser has been brought into line on this particular difference. The security risk of this flaw to Node.js users is considered to be VERY LOW as it is difficult, and may be impossible, to craft an attack that makes use of this flaw in a way that could not already be achieved by supplying an incorrect value for `Content-Length`. Vulnerabilities may exist in user-code that make incorrect assumptions about the potential accuracy of this value compared to the actual length of the data supplied. Node.js users crafting lower-level HTTP utilities are advised to re-check the length of any input supplied after parsing is complete.(CVE-2018-7159)\n\nNode.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Denial of Service with large HTTP headers: By using a combination of many requests with maximum sized headers (almost 80 KB per connection), and carefully timed completion of the headers, it is possible to cause the HTTP server to abort from heap allocation failure. 
Attack potential is mitigated by the use of a load balancer or other proxy layer.(CVE-2018-12121)\");\n\n script_tag(name:\"affected\", value:\"'http-parser' package(s) on Huawei EulerOS V2.0SP5.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP5\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"http-parser\", rpm:\"http-parser~2.7.1~5.h2.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-03-14T16:47:43", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-03-13T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for http-parser (EulerOS-SA-2020-1198)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-7159", "CVE-2018-12121"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562311220201198", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220201198", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it 
will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2020.1198\");\n script_version(\"2020-03-13T07:13:50+0000\");\n script_cve_id(\"CVE-2018-12121\", \"CVE-2018-7159\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 07:13:50 +0000 (Fri, 13 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-03-13 07:13:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for http-parser (EulerOS-SA-2020-1198)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRTARM64-3\\.0\\.2\\.0\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2020-1198\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1198\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'http-parser' package(s) announced via the EulerOS-SA-2020-1198 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Denial of Service with large 
HTTP headers: By using a combination of many requests with maximum sized headers (almost 80 KB per connection), and carefully timed completion of the headers, it is possible to cause the HTTP server to abort from heap allocation failure. Attack potential is mitigated by the use of a load balancer or other proxy layer.(CVE-2018-12121)\n\nThe HTTP parser in all current versions of Node.js ignores spaces in the `Content-Length` header, allowing input such as `Content-Length: 1 2` to be interpreted as having a value of `12`. The HTTP specification does not allow for spaces in the `Content-Length` value and the Node.js HTTP parser has been brought into line on this particular difference. The security risk of this flaw to Node.js users is considered to be VERY LOW as it is difficult, and may be impossible, to craft an attack that makes use of this flaw in a way that could not already be achieved by supplying an incorrect value for `Content-Length`. Vulnerabilities may exist in user-code that make incorrect assumptions about the potential accuracy of this value compared to the actual length of the data supplied. 
Node.js users crafting lower-level HTTP utilities are advised to re-check the length of any input supplied after parsing is complete.(CVE-2018-7159)\");\n\n script_tag(name:\"affected\", value:\"'http-parser' package(s) on Huawei EulerOS Virtualization for ARM 64 3.0.2.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRTARM64-3.0.2.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"http-parser\", rpm:\"http-parser~2.7.1~5.h2\", rls:\"EULEROSVIRTARM64-3.0.2.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-09-20T14:39:38", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-09-19T00:00:00", "type": "openvas", "title": "CentOS Update for http-parser CESA-2019:2258 centos7 ", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-7159", "CVE-2018-12121"], "modified": "2019-09-20T00:00:00", "id": "OPENVAS:1361412562310883105", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310883105", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This 
program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.883105\");\n script_version(\"2019-09-20T05:25:28+0000\");\n script_cve_id(\"CVE-2018-7159\", \"CVE-2018-12121\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2019-09-20 05:25:28 +0000 (Fri, 20 Sep 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-09-19 02:02:34 +0000 (Thu, 19 Sep 2019)\");\n script_name(\"CentOS Update for http-parser CESA-2019:2258 centos7 \");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS7\");\n\n script_xref(name:\"CESA\", value:\"2019:2258\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2019-September/023439.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'http-parser'\n package(s) announced via the CESA-2019:2258 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The http-parser package provides a utility for parsing HTTP messages. It\nparses both requests and responses. The parser is designed to be used in\nperformance HTTP applications. 
It does not make any system calls or\nallocations, it does not buffer data, and it can be interrupted at any\ntime. Depending on your architecture, it only requires about 40 bytes of\ndata per message stream.\n\nSecurity Fix(es):\n\n * nodejs: Denial of Service with large HTTP headers (CVE-2018-12121)\n\n * nodejs: HTTP parser allowed for spaces inside Content-Length header\nvalues (CVE-2018-7159)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 7.7 Release Notes linked from the References section.\");\n\n script_tag(name:\"affected\", value:\"'http-parser' package(s) on CentOS 7.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"CentOS7\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"http-parser\", rpm:\"http-parser~2.7.1~8.el7\", rls:\"CentOS7\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"http-parser-devel\", rpm:\"http-parser-devel~2.7.1~8.el7\", rls:\"CentOS7\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-04-17T16:55:56", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-04-16T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for http-parser (EulerOS-SA-2020-1486)", 
"bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-7159", "CVE-2018-12121"], "modified": "2020-04-16T00:00:00", "id": "OPENVAS:1361412562311220201486", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220201486", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from the referenced\n# advisories, and are Copyright (C) by the respective right holder(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2020.1486\");\n script_version(\"2020-04-16T05:58:03+0000\");\n script_cve_id(\"CVE-2018-12121\", \"CVE-2018-7159\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-04-16 05:58:03 +0000 (Thu, 16 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-04-16 05:58:03 +0000 (Thu, 16 Apr 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for http-parser (EulerOS-SA-2020-1486)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n 
script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRT-3\\.0\\.2\\.2\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2020-1486\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1486\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'http-parser' package(s) announced via the EulerOS-SA-2020-1486 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Denial of Service with large HTTP headers: By using a combination of many requests with maximum sized headers (almost 80 KB per connection), and carefully timed completion of the headers, it is possible to cause the HTTP server to abort from heap allocation failure. Attack potential is mitigated by the use of a load balancer or other proxy layer.(CVE-2018-12121)\n\nThe HTTP parser in all current versions of Node.js ignores spaces in the `Content-Length` header, allowing input such as `Content-Length: 1 2` to be interpreted as having a value of `12`. The HTTP specification does not allow for spaces in the `Content-Length` value and the Node.js HTTP parser has been brought into line on this particular difference. The security risk of this flaw to Node.js users is considered to be VERY LOW as it is difficult, and may be impossible, to craft an attack that makes use of this flaw in a way that could not already be achieved by supplying an incorrect value for `Content-Length`. Vulnerabilities may exist in user-code that make incorrect assumptions about the potential accuracy of this value compared to the actual length of the data supplied. 
Node.js users crafting lower-level HTTP utilities are advised to re-check the length of any input supplied after parsing is complete.(CVE-2018-7159)\");\n\n script_tag(name:\"affected\", value:\"'http-parser' package(s) on Huawei EulerOS Virtualization 3.0.2.2.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRT-3.0.2.2\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"http-parser\", rpm:\"http-parser~2.7.1~5.h2.eulerosv2r7\", rls:\"EULEROSVIRT-3.0.2.2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-06-17T15:47:39", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-06-16T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for http-parser (EulerOS-SA-2020-1652)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-7159", "CVE-2018-12121"], "modified": "2020-06-16T00:00:00", "id": "OPENVAS:1361412562311220201652", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220201652", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or 
(at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2020.1652\");\n script_version(\"2020-06-16T05:48:23+0000\");\n script_cve_id(\"CVE-2018-12121\", \"CVE-2018-7159\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-06-16 05:48:23 +0000 (Tue, 16 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-06-16 05:48:23 +0000 (Tue, 16 Jun 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for http-parser (EulerOS-SA-2020-1652)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP2\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2020-1652\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1652\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'http-parser' package(s) announced via the EulerOS-SA-2020-1652 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Node.js: All versions prior to 
Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Denial of Service with large HTTP headers: By using a combination of many requests with maximum sized headers (almost 80 KB per connection), and carefully timed completion of the headers, it is possible to cause the HTTP server to abort from heap allocation failure. Attack potential is mitigated by the use of a load balancer or other proxy layer.(CVE-2018-12121)\n\nThe HTTP parser in all current versions of Node.js ignores spaces in the `Content-Length` header, allowing input such as `Content-Length: 1 2` to be interpreted as having a value of `12`. The HTTP specification does not allow for spaces in the `Content-Length` value and the Node.js HTTP parser has been brought into line on this particular difference. The security risk of this flaw to Node.js users is considered to be VERY LOW as it is difficult, and may be impossible, to craft an attack that makes use of this flaw in a way that could not already be achieved by supplying an incorrect value for `Content-Length`. Vulnerabilities may exist in user-code that make incorrect assumptions about the potential accuracy of this value compared to the actual length of the data supplied. 
Node.js users crafting lower-level HTTP utilities are advised to re-check the length of any input supplied after parsing is complete.(CVE-2018-7159)\");\n\n script_tag(name:\"affected\", value:\"'http-parser' package(s) on Huawei EulerOS V2.0SP2.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP2\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"http-parser\", rpm:\"http-parser~2.7.1~1.h1\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-07-17T14:13:44", "description": "The host is installed with Node.js and is\n prone to multiple vulnerabilities.", "cvss3": {}, "published": "2018-11-29T00:00:00", "type": "openvas", "title": "Node.js Multiple Vulnerabilities-Nov18 (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-12123", "CVE-2018-12122", "CVE-2018-12121"], "modified": "2019-07-05T00:00:00", "id": "OPENVAS:1361412562310814516", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310814516", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Node.js Multiple Vulnerabilities-Nov18 (Windows)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as 
published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:nodejs:node.js\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.814516\");\n script_version(\"2019-07-05T10:16:38+0000\");\n script_cve_id(\"CVE-2018-12121\", \"CVE-2018-12122\", \"CVE-2018-12123\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-07-05 10:16:38 +0000 (Fri, 05 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-11-29 12:56:10 +0530 (Thu, 29 Nov 2018)\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_name(\"Node.js Multiple Vulnerabilities-Nov18 (Windows)\");\n\n script_tag(name:\"summary\", value:\"The host is installed with Node.js and is\n prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist:\n\n - Hostname spoofing in the URL parser for the javascript protocol: if a\n Node.js application uses url.parse() to determine the URL hostname, that hostname\n can be spoofed by using a mixed-case 'javascript:',\n\n - Slowloris HTTP Denial of Service: an attacker can cause a Denial of Service\n (DoS) by sending headers very slowly, keeping HTTP or HTTPS connections\n and associated resources alive for a long period of time, and\n\n - Denial of 
Service with large HTTP headers, By using a combination of many\n requests with maximum sized headers (almost 80 KB per connection), and\n carefully timed completion of the headers, it is possible to cause the\n HTTP server to abort from heap allocation failure.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to conduct denial of service and spoofing attacks.\");\n\n script_tag(name:\"affected\", value:\"Node.js All versions prior to 6.15.0,\n 8.14.0, 10.14.0 and 11.3.0 on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Node.js 6.15.0, 8.14.0,\n or 10.14.0, 11.3.0 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://nodejs.org/en/blog/vulnerability/november-2018-security-releases\");\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_nodejs_detect_win.nasl\");\n script_mandatory_keys(\"Nodejs/Win/Ver\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif( ! 
infos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE ) ) exit( 0 );\nnodejsVer = infos['version'];\nappPath = infos['location'];\n\nif(version_in_range(version:nodejsVer, test_version:\"6.0\", test_version2:\"6.14.0\")){\n fix = \"6.15.0\";\n}\n\nelse if(version_in_range(version:nodejsVer, test_version:\"8.0\", test_version2:\"8.13.0,\")){\n fix = \"8.14.0\";\n}\n\nelse if(version_in_range(version:nodejsVer, test_version:\"10.0\", test_version2:\"10.13.0\")){\n fix = \"10.14.0\";\n}\n\nelse if(version_in_range(version:nodejsVer, test_version:\"11.0\", test_version2:\"11.2.0\")){\n fix = \"11.3.0\";\n}\n\nif(fix)\n{\n report = report_fixed_ver(installed_version:nodejsVer, fixed_version:fix, install_path:appPath);\n security_message(data:report);\n exit(0);\n}\nexit(99);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-07-17T14:13:44", "description": "The host is installed with Node.js and is\n prone to multiple vulnerabilities.", "cvss3": {}, "published": "2018-11-29T00:00:00", "type": "openvas", "title": "Node.js Multiple Vulnerabilities-Nov18 (Mac OS X)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-12123", "CVE-2018-12122", "CVE-2018-12121"], "modified": "2019-07-05T00:00:00", "id": "OPENVAS:1361412562310814517", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310814517", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Node.js Multiple Vulnerabilities-Nov18 (Mac OS X)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT 
ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:nodejs:node.js\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.814517\");\n script_version(\"2019-07-05T10:16:38+0000\");\n script_cve_id(\"CVE-2018-12121\", \"CVE-2018-12122\", \"CVE-2018-12123\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-07-05 10:16:38 +0000 (Fri, 05 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-11-29 13:13:28 +0530 (Thu, 29 Nov 2018)\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_name(\"Node.js Multiple Vulnerabilities-Nov18 (Mac OS X)\");\n\n script_tag(name:\"summary\", value:\"The host is installed with Node.js and is\n prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist:\n\n - Hostname spoofing in the URL parser for the javascript protocol: if a\n Node.js application uses url.parse() to determine the URL hostname, that hostname\n can be spoofed by using a mixed-case 'javascript:',\n\n - Slowloris HTTP Denial of Service: an attacker can cause a Denial of Service\n (DoS) by sending headers very slowly, keeping HTTP or HTTPS connections\n and associated resources alive for a long period of time, and\n\n - Denial of Service with large HTTP headers, By using a combination of many\n requests with maximum sized headers (almost 80 KB per 
connection), and\n carefully timed completion of the headers, it is possible to cause the\n HTTP server to abort from heap allocation failure.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to conduct denial of service and spoofing attacks.\");\n\n script_tag(name:\"affected\", value:\"Node.js All versions prior to 6.15.0,\n 8.14.0, 10.14.0 and 11.3.0 on Mac OS X.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Node.js version 6.15.0, 8.14.0,\n or 10.14.0, 11.3.0 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://nodejs.org/en/blog/vulnerability/november-2018-security-releases\");\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_nodejs_detect_macosx.nasl\");\n script_mandatory_keys(\"Nodejs/MacOSX/Ver\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif( ! 
infos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE ) ) exit( 0 );\nnodejsVer = infos['version'];\nappPath = infos['location'];\n\nif(version_in_range(version:nodejsVer, test_version:\"6.0\", test_version2:\"6.14.0\")){\n fix = \"6.15.0\";\n}\n\nelse if(version_in_range(version:nodejsVer, test_version:\"8.0\", test_version2:\"8.13.0,\")){\n fix = \"8.14.0\";\n}\n\nelse if(version_in_range(version:nodejsVer, test_version:\"10.0\", test_version2:\"10.13.0\")){\n fix = \"10.14.0\";\n}\n\nelse if(version_in_range(version:nodejsVer, test_version:\"11.0\", test_version2:\"11.2.0\")){\n fix = \"11.3.0\";\n}\n\nif(fix)\n{\n report = report_fixed_ver(installed_version:nodejsVer, fixed_version:fix, install_path:appPath);\n security_message(data:report);\n exit(0);\n}\nexit(99);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-01-31T16:47:57", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-01-29T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for nodejs8 (openSUSE-SU-2019:0089-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-12123", "CVE-2018-12122", "CVE-2018-12121", "CVE-2018-12116"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310852258", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852258", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied 
warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852258\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_cve_id(\"CVE-2018-12116\", \"CVE-2018-12121\", \"CVE-2018-12122\", \"CVE-2018-12123\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-01-29 04:02:32 +0100 (Tue, 29 Jan 2019)\");\n script_name(\"openSUSE: Security Advisory for nodejs8 (openSUSE-SU-2019:0089-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.0\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:0089-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-01/msg00039.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'nodejs8'\n package(s) announced via the openSUSE-SU-2019:0089-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for nodejs8 to version 8.15.0 fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2018-12121: Fixed a Denial of Service with large HTTP headers\n (bsc#1117626)\n\n - CVE-2018-12122: Fixed the 
'Slowloris' HTTP Denial of Service\n (bsc#1117627)\n\n - CVE-2018-12116: Fixed HTTP request splitting (bsc#1117630)\n\n - CVE-2018-12123: Fixed hostname spoofing in URL parser for javascript\n protocol (bsc#1117629)\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.0:\n\n zypper in -t patch openSUSE-2019-89=1\");\n\n script_tag(name:\"affected\", value:\"nodejs8 on openSUSE Leap 15.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.0\") {\n if(!isnull(res = isrpmvuln(pkg:\"nodejs8\", rpm:\"nodejs8~8.15.0~lp150.2.9.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nodejs8-debuginfo\", rpm:\"nodejs8-debuginfo~8.15.0~lp150.2.9.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nodejs8-debugsource\", rpm:\"nodejs8-debugsource~8.15.0~lp150.2.9.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nodejs8-devel\", rpm:\"nodejs8-devel~8.15.0~lp150.2.9.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"npm8\", rpm:\"npm8~8.15.0~lp150.2.9.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nodejs8-docs\", rpm:\"nodejs8-docs~8.15.0~lp150.2.9.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n 
security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-01-31T16:47:59", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-02-23T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for nodejs6 (openSUSE-SU-2019:0234-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-12123", "CVE-2018-0734", "CVE-2018-5407", "CVE-2018-12120", "CVE-2018-12122", "CVE-2018-12121", "CVE-2018-12116"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310852311", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852311", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852311\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_cve_id(\"CVE-2018-0734\", \"CVE-2018-12116\", \"CVE-2018-12120\", \"CVE-2018-12121\", \"CVE-2018-12122\", \"CVE-2018-12123\", \"CVE-2018-5407\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-02-23 04:07:21 +0100 (Sat, 23 Feb 2019)\");\n script_name(\"openSUSE: Security Advisory for nodejs6 (openSUSE-SU-2019:0234-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap42\\.3\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:0234-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-02/msg00052.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'nodejs6'\n package(s) announced via the openSUSE-SU-2019:0234-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for nodejs6 to version 6.16.0 fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2018-0734: Fixed a timing vulnerability in the DSA signature\n generation (bsc#1113652)\n\n - CVE-2018-5407: Fixed a hyperthread 
port content side channel attack (aka\n 'PortSmash') (bsc#1113534)\n\n - CVE-2018-12120: Fixed that the debugger listens on any interface by\n default (bsc#1117625)\n\n - CVE-2018-12121: Fixed a denial of Service with large HTTP headers\n (bsc#1117626)\n\n - CVE-2018-12122: Fixed the 'Slowloris' HTTP Denial of Service\n (bsc#1117627)\n\n - CVE-2018-12116: Fixed HTTP request splitting (bsc#1117630)\n\n - CVE-2018-12123: Fixed hostname spoofing in URL parser for javascript\n protocol (bsc#1117629)\n\n This update was imported from the SUSE:SLE-12:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 42.3:\n\n zypper in -t patch openSUSE-2019-234=1\");\n\n script_tag(name:\"affected\", value:\"nodejs6 on openSUSE Leap 42.3.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap42.3\") {\n if(!isnull(res = isrpmvuln(pkg:\"nodejs6\", rpm:\"nodejs6~6.16.0~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nodejs6-debuginfo\", rpm:\"nodejs6-debuginfo~6.16.0~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nodejs6-debugsource\", rpm:\"nodejs6-debugsource~6.16.0~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nodejs6-devel\", rpm:\"nodejs6-devel~6.16.0~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"npm6\", 
rpm:\"npm6~6.16.0~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nodejs6-docs\", rpm:\"nodejs6-docs~6.16.0~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-31T16:47:01", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-01-26T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for nodejs4 (openSUSE-SU-2019:0088-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-12123", "CVE-2018-0734", "CVE-2018-5407", "CVE-2018-12120", "CVE-2018-12122", "CVE-2018-12121", "CVE-2018-12116"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310852251", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852251", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852251\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_cve_id(\"CVE-2018-0734\", \"CVE-2018-12116\", \"CVE-2018-12120\", \"CVE-2018-12121\",\n \"CVE-2018-12122\", \"CVE-2018-12123\", \"CVE-2018-5407\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-01-26 04:01:52 +0100 (Sat, 26 Jan 2019)\");\n script_name(\"openSUSE: Security Advisory for nodejs4 (openSUSE-SU-2019:0088-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap42\\.3\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:0088-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-01/msg00035.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'nodejs4'\n package(s) announced via the openSUSE-SU-2019:0088-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for nodejs4 fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2018-0734: Fixed a timing vulnerability in the DSA signature\n generation (bsc#1113652)\n\n - CVE-2018-5407: Fixed a hyperthread port content 
side channel attack (aka\n 'PortSmash') (bsc#1113534)\n\n - CVE-2018-12120: Fixed that the debugger listens on any interface by\n default (bsc#1117625)\n\n - CVE-2018-12121: Fixed a denial of Service with large HTTP headers\n (bsc#1117626)\n\n - CVE-2018-12122: Fixed the 'Slowloris' HTTP Denial of Service\n (bsc#1117627)\n\n - CVE-2018-12116: Fixed HTTP request splitting (bsc#1117630)\n\n - CVE-2018-12123: Fixed hostname spoofing in URL parser for javascript\n protocol (bsc#1117629)\n\n This update was imported from the SUSE:SLE-12:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 42.3:\n\n zypper in -t patch openSUSE-2019-88=1\");\n\n script_tag(name:\"affected\", value:\"nodejs4 on openSUSE Leap 42.3.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap42.3\") {\n if(!isnull(res = isrpmvuln(pkg:\"nodejs4\", rpm:\"nodejs4~4.9.1~20.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nodejs4-debuginfo\", rpm:\"nodejs4-debuginfo~4.9.1~20.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nodejs4-debugsource\", rpm:\"nodejs4-debugsource~4.9.1~20.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nodejs4-devel\", rpm:\"nodejs4-devel~4.9.1~20.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"npm4\", rpm:\"npm4~4.9.1~20.1\", 
rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nodejs4-docs\", rpm:\"nodejs4-docs~4.9.1~20.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2023-05-24T14:10:32", "description": "This update for nodejs10 to version 10.1.2 fixes the following issue:\n	 Security issue fixed :\n\n - CVE-2019-5737: Fixed a potentially attack vector which could lead to Denial of Service when HTTP connection are kept active (bsc#1127532).\n\nThis update was imported from the SUSE:SLE-12:Update update project.", "cvss3": {}, "published": "2019-04-17T00:00:00", "type": "nessus", "title": "openSUSE Security Update : nodejs10 (openSUSE-2019-1211)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-5737"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:nodejs10", "p-cpe:/a:novell:opensuse:nodejs10-debuginfo", "p-cpe:/a:novell:opensuse:nodejs10-debugsource", "p-cpe:/a:novell:opensuse:nodejs10-devel", "p-cpe:/a:novell:opensuse:npm10", "cpe:/o:novell:opensuse:42.3"], "id": "OPENSUSE-2019-1211.NASL", "href": "https://www.tenable.com/plugins/nessus/124104", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-1211.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(124104);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2019-5737\");\n\n script_name(english:\"openSUSE Security Update : nodejs10 (openSUSE-2019-1211)\");\n script_summary(english:\"Check for 
the openSUSE-2019-1211 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for nodejs10 to version 10.1.2 fixes the following issue:\n	 Security issue fixed :\n\n - CVE-2019-5737: Fixed a potentially attack vector which\n could lead to Denial of Service when HTTP connection are\n kept active (bsc#1127532).\n\nThis update was imported from the SUSE:SLE-12:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1127532\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected nodejs10 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nodejs10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nodejs10-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nodejs10-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nodejs10-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:npm10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/03/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/16\");\n 
script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/04/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.3\", reference:\"nodejs10-10.15.2-5.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"nodejs10-debuginfo-10.15.2-5.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"nodejs10-debugsource-10.15.2-5.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"nodejs10-devel-10.15.2-5.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"npm10-10.15.2-5.2\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nodejs10 
/ nodejs10-debuginfo / nodejs10-debugsource / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:10:19", "description": "This update for nodejs8 to version 8.15.1 fixes the following issue :\n\nSecurity issue fixed :\n\n - CVE-2019-5737: Fixed a potentially attack vector which could lead to Denial of Service when HTTP connection are kept active (bsc#1127532).\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "cvss3": {}, "published": "2019-04-08T00:00:00", "type": "nessus", "title": "openSUSE Security Update : nodejs8 (openSUSE-2019-1167)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-5737"], "modified": "2021-01-19T00:00:00", "cpe": ["cpe:/o:novell:opensuse:15.0", "p-cpe:/a:novell:opensuse:nodejs8", "p-cpe:/a:novell:opensuse:nodejs8-debuginfo", "p-cpe:/a:novell:opensuse:nodejs8-debugsource", "p-cpe:/a:novell:opensuse:nodejs8-devel", "p-cpe:/a:novell:opensuse:npm8"], "id": "OPENSUSE-2019-1167.NASL", "href": "https://www.tenable.com/plugins/nessus/123821", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-1167.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(123821);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2019-5737\");\n\n script_name(english:\"openSUSE Security Update : nodejs8 (openSUSE-2019-1167)\");\n script_summary(english:\"Check for the openSUSE-2019-1167 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for nodejs8 to version 8.15.1 fixes the following issue 
:\n\nSecurity issue fixed :\n\n - CVE-2019-5737: Fixed a potentially attack vector which\n could lead to Denial of Service when HTTP connection are\n kept active (bsc#1127532).\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1127532\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected nodejs8 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nodejs8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nodejs8-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nodejs8-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nodejs8-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:npm8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/03/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/04/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.0\", reference:\"nodejs8-8.15.1-lp150.2.13.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"nodejs8-debuginfo-8.15.1-lp150.2.13.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"nodejs8-debugsource-8.15.1-lp150.2.13.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"nodejs8-devel-8.15.1-lp150.2.13.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"npm8-8.15.1-lp150.2.13.2\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nodejs8 / nodejs8-debuginfo / nodejs8-debugsource / nodejs8-devel / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-20T14:20:49", "description": "This update for nodejs10 to version 10.1.2 fixes the following issue :\n\nSecurity issue fixed :\n\nCVE-2019-5737: 
Fixed a potential attack vector which could lead to Denial of Service when HTTP connections are kept active (bsc#1127532).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-03-20T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : nodejs10 (SUSE-SU-2019:0636-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-5737"], "modified": "2020-02-03T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:nodejs10", "p-cpe:/a:novell:suse_linux:nodejs10-debuginfo", "p-cpe:/a:novell:suse_linux:nodejs10-debugsource", "p-cpe:/a:novell:suse_linux:nodejs10-devel", "p-cpe:/a:novell:suse_linux:npm10", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2019-0636-1.NASL", "href": "https://www.tenable.com/plugins/nessus/122965", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:0636-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(122965);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2020/02/03\");\n\n script_cve_id(\"CVE-2019-5737\");\n\n script_name(english:\"SUSE SLES12 Security Update : nodejs10 (SUSE-SU-2019:0636-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for nodejs10 to version 10.1.2 fixes the following issue :\n\nSecurity issue fixed :\n\nCVE-2019-5737: Fixed a potentially attack vector which could lead to\nDenial of Service when HTTP connection are kept active (bsc#1127532).\n\nNote that Tenable 
Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1127532\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-5737/\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-20190636-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0976d450\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Web Scripting 12:zypper in -t patch\nSUSE-SLE-Module-Web-Scripting-12-2019-636=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nodejs10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nodejs10-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nodejs10-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nodejs10-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:npm10\");\n script_set_attribute(attribute:\"cpe\", 
value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/03/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! 
preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"nodejs10-10.15.2-1.6.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"nodejs10-debuginfo-10.15.2-1.6.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"nodejs10-debugsource-10.15.2-1.6.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"nodejs10-devel-10.15.2-1.6.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"npm10-10.15.2-1.6.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nodejs10\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T14:17:33", "description": "This update for nodejs10 to version 10.15.2 fixes the following issue :\n\nSecurity issue fixed :\n\nCVE-2019-5737: Fixed a potential attack vector which could lead to Denial of Service when HTTP connections are kept active (bsc#1127532).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-03-19T00:00:00", "type": "nessus", "title": "SUSE SLES15 Security Update : nodejs10 (SUSE-SU-2019:0627-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-5737"], "modified": "2020-02-04T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:nodejs10", "p-cpe:/a:novell:suse_linux:nodejs10-debuginfo", "p-cpe:/a:novell:suse_linux:nodejs10-debugsource", "p-cpe:/a:novell:suse_linux:nodejs10-devel", "p-cpe:/a:novell:suse_linux:npm10", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2019-0627-1.NASL", "href": "https://www.tenable.com/plugins/nessus/122944", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:0627-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(122944);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2020/02/04\");\n\n script_cve_id(\"CVE-2019-5737\");\n\n script_name(english:\"SUSE SLES15 Security Update : nodejs10 (SUSE-SU-2019:0627-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for nodejs10 to versio 10.15.2 fixes the following issue :\n\nSecurity issue fixed :\n\nCVE-2019-5737: Fixed a potentially attack vector which could lead to\nDenial of Service when HTTP connection are kept active (bsc#1127532).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1127532\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-5737/\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-20190627-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a32015b3\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Web Scripting 15:zypper in -t patch\nSUSE-SLE-Module-Web-Scripting-15-2019-627=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nodejs10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nodejs10-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nodejs10-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nodejs10-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:npm10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", 
value:\"2019/03/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/19\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! 
preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"nodejs10-10.15.2-1.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"nodejs10-debuginfo-10.15.2-1.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"nodejs10-debugsource-10.15.2-1.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"nodejs10-devel-10.15.2-1.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"npm10-10.15.2-1.6.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nodejs10\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:30:37", "description": "This update for nodejs8 to version 8.15.1 fixes the following issue :\n\nSecurity issue fixed :\n\nCVE-2019-5737: Fixed a potential attack vector which could lead to Denial of Service when HTTP connections are kept active (bsc#1127532).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-03-20T00:00:00", "type": "nessus", "title": "SUSE SLES15 Security Update : nodejs8 (SUSE-SU-2019:0635-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-5737"], "modified": "2020-02-03T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:nodejs8", "p-cpe:/a:novell:suse_linux:nodejs8-debuginfo", "p-cpe:/a:novell:suse_linux:nodejs8-debugsource", "p-cpe:/a:novell:suse_linux:nodejs8-devel", "p-cpe:/a:novell:suse_linux:npm8", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2019-0635-1.NASL", "href": "https://www.tenable.com/plugins/nessus/122964", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:0635-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(122964);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2020/02/03\");\n\n script_cve_id(\"CVE-2019-5737\");\n\n script_name(english:\"SUSE SLES15 Security Update : nodejs8 (SUSE-SU-2019:0635-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for nodejs8 to version 8.15.1 fixes the following issue :\n\nSecurity issue fixed :\n\nCVE-2019-5737: Fixed a potentially attack vector which could lead to\nDenial of Service when HTTP connection are kept active (bsc#1127532).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1127532\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-5737/\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-20190635-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0554fe94\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Web Scripting 15:zypper in -t patch\nSUSE-SLE-Module-Web-Scripting-15-2019-635=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nodejs8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nodejs8-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nodejs8-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nodejs8-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:npm8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", 
value:\"2019/03/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! 
preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"nodejs8-8.15.1-3.14.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"nodejs8-debuginfo-8.15.1-3.14.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"nodejs8-debugsource-8.15.1-3.14.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"nodejs8-devel-8.15.1-3.14.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"npm8-8.15.1-3.14.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nodejs8\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:33:50", "description": "An update of the nodejs package has been released.", "cvss3": {}, "published": "2019-12-31T00:00:00", "type": "nessus", "title": "Photon OS 1.0: Nodejs PHSA-2019-1.0-0257", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-12116", "CVE-2018-12121", "CVE-2018-12122", "CVE-2019-5737"], "modified": "2020-01-02T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:nodejs", "cpe:/o:vmware:photonos:1.0"], "id": "PHOTONOS_PHSA-2019-1_0-0257_NODEJS.NASL", "href": "https://www.tenable.com/plugins/nessus/132525", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2019-1.0-0257. 
The text\n# itself is copyright (C) VMware, Inc.\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(132525);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2020/01/02\");\n\n script_cve_id(\n \"CVE-2018-12116\",\n \"CVE-2018-12121\",\n \"CVE-2018-12122\",\n \"CVE-2019-5737\"\n );\n script_bugtraq_id(106043, 107513);\n\n script_name(english:\"Photon OS 1.0: Nodejs PHSA-2019-1.0-0257\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the nodejs package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-1.0-257.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-12116\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/11/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/31\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:nodejs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:1.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is 
Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 1\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 1.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-1.0\", cpu:\"x86_64\", reference:\"nodejs-8.11.4-3.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", cpu:\"x86_64\", reference:\"nodejs-debuginfo-8.11.4-3.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", cpu:\"x86_64\", reference:\"nodejs-devel-8.11.4-3.ph1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nodejs\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T14:17:39", "description": "This update for nodejs4 fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2019-5739: Fixed a potentially attack vector which could lead to Denial of Service when HTTP connection are kept active (bsc#1127533).\n\n - CVE-2019-5737: Fixed a potentially attack vector which could lead to Denial of 
Service when HTTP connection are kept active (bsc#1127532).\n\n - CVE-2019-1559: Fixed OpenSSL 0-byte Record Padding Oracle which under certain circumstances a TLS server can be forced to respond differently to a client and lead to the decryption of the data (bsc#1127080).	 \n\nThis update was imported from the SUSE:SLE-12:Update update project.", "cvss3": {}, "published": "2019-03-29T00:00:00", "type": "nessus", "title": "openSUSE Security Update : nodejs4 (openSUSE-2019-1076)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1559", "CVE-2019-5737", "CVE-2019-5739"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:nodejs4", "p-cpe:/a:novell:opensuse:nodejs4-debuginfo", "p-cpe:/a:novell:opensuse:nodejs4-debugsource", "p-cpe:/a:novell:opensuse:nodejs4-devel", "p-cpe:/a:novell:opensuse:npm4", "cpe:/o:novell:opensuse:42.3"], "id": "OPENSUSE-2019-1076.NASL", "href": "https://www.tenable.com/plugins/nessus/123495", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-1076.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(123495);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2019-1559\", \"CVE-2019-5737\", \"CVE-2019-5739\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0004\");\n\n script_name(english:\"openSUSE Security Update : nodejs4 (openSUSE-2019-1076)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote openSUSE host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for nodejs4 fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2019-5739: Fixed a potentially attack vector which\n could 
lead to Denial of Service when HTTP connection are\n kept active (bsc#1127533).\n\n - CVE-2019-5737: Fixed a potentially attack vector which\n could lead to Denial of Service when HTTP connection are\n kept active (bsc#1127532).\n\n - CVE-2019-1559: Fixed OpenSSL 0-byte Record Padding\n Oracle which under certain circumstances a TLS server\n can be forced to respond differently to a client and\n lead to the decryption of the data (bsc#1127080).	 \n\nThis update was imported from the SUSE:SLE-12:Update update project.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1127080\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1127532\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1127533\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected nodejs4 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1559\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/02/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nodejs4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nodejs4-debuginfo\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:novell:opensuse:nodejs4-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nodejs4-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:npm4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.3\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.3\", reference:\"nodejs4-4.9.1-23.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"nodejs4-debuginfo-4.9.1-23.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"nodejs4-debugsource-4.9.1-23.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"nodejs4-devel-4.9.1-23.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"npm4-4.9.1-23.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) 
security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nodejs4 / nodejs4-debuginfo / nodejs4-debugsource / nodejs4-devel / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:09:33", "description": "This update for nodejs4 fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2019-5739: Fixed a potential attack vector which could lead to Denial of Service when HTTP connections are kept active (bsc#1127533).\n\nCVE-2019-5737: Fixed a potential attack vector which could lead to Denial of Service when HTTP connections are kept active (bsc#1127532).\n\nCVE-2019-1559: Fixed the OpenSSL 0-byte Record Padding Oracle, in which under certain circumstances a TLS server can be forced to respond differently to a client, which can lead to the decryption of the data (bsc#1127080).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-03-21T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : nodejs4 (SUSE-SU-2019:0658-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1559", "CVE-2019-5737", "CVE-2019-5739"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:nodejs4", "p-cpe:/a:novell:suse_linux:nodejs4-debuginfo", "p-cpe:/a:novell:suse_linux:nodejs4-debugsource", "p-cpe:/a:novell:suse_linux:nodejs4-devel", "p-cpe:/a:novell:suse_linux:npm4", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2019-0658-1.NASL", "href": "https://www.tenable.com/plugins/nessus/122999", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:0658-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(122999);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2019-1559\", \"CVE-2019-5737\", \"CVE-2019-5739\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0004\");\n\n script_name(english:\"SUSE SLES12 Security Update : nodejs4 (SUSE-SU-2019:0658-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for nodejs4 fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2019-5739: Fixed a potentially attack vector which could lead to\nDenial of Service when HTTP connection are kept active (bsc#1127533).\n\nCVE-2019-5737: Fixed a potentially attack vector which could lead to\nDenial of Service when HTTP connection are kept active (bsc#1127532).\n\nCVE-2019-1559: Fixed OpenSSL 0-byte Record Padding Oracle which 
under\ncertain circumstances a TLS server can be forced to respond\ndifferently to a client and lead to the decryption of the data\n(bsc#1127080).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1127080\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1127532\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1127533\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-1559/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-5737/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-5739/\");\n # https://www.suse.com/support/update/announcement/2019/suse-su-20190658-1/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?f315609d\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Web Scripting 12:zypper in -t patch\nSUSE-SLE-Module-Web-Scripting-12-2019-658=1\n\nSUSE Enterprise Storage 4:zypper in -t patch SUSE-Storage-4-2019-658=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", 
value:\"CVE-2019-1559\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/02/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nodejs4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nodejs4-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nodejs4-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nodejs4-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:npm4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"nodejs4-4.9.1-15.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"nodejs4-debuginfo-4.9.1-15.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"nodejs4-debugsource-4.9.1-15.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"nodejs4-devel-4.9.1-15.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"npm4-4.9.1-15.20.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nodejs4\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-21T14:16:41", "description": "Node.js reports :\n\nUpdates are now available for all active Node.js release lines. 
In addition to fixes for security flaws in Node.js, they also include upgrades of Node.js 6 and 8 to OpenSSL 1.0.2r which contains a fix for a moderate severity security vulnerability.\n\nFor these releases, we have decided to withhold the fix for the Misinterpretation of Input (CWE-115) flaw mentioned in the original announcement. This flaw is very low severity and we are not satisfied that we had a complete and stable fix ready for release. We will be seeking to address this flaw via alternate mechanisms in the near future. In addition, we have introduced an additional CVE for a change in Node.js 6 that we have decided to classify as a Denial of Service (CWE-400) flaw.\n\nWe recommend that all Node.js users upgrade to a version listed below as soon as possible. OpenSSL: 0-byte record padding oracle (CVE-2019-1559) OpenSSL 1.0.2r contains a fix for CVE-2019-1559 and is included in the releases for Node.js versions 6 and 8 only. Node.js 10 and 11 are not impacted by this vulnerability as they use newer versions of OpenSSL which do not contain the flaw.\n\nUnder certain circumstances, a TLS server can be forced to respond differently to a client if a zero-byte record is received with an invalid padding compared to a zero-byte record with an invalid MAC.\nThis can be used as the basis of a padding oracle attack to decrypt data.\n\nOnly TLS connections using certain ciphersuites executing under certain conditions are exploitable. We are currently unable to determine whether the use of OpenSSL in Node.js exposes this vulnerability. We are taking a cautionary approach and recommend the same for users. 
For more information, see the advisory and a detailed write-up by the reporters of the vulnerability.", "cvss3": {}, "published": "2019-03-04T00:00:00", "type": "nessus", "title": "FreeBSD : Node.js -- multiple vulnerabilities (b71d7193-3c54-11e9-a3f9-00155d006b02)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1559", "CVE-2019-5737", "CVE-2019-5739"], "modified": "2022-12-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:node", "p-cpe:/a:freebsd:freebsd:node10", "p-cpe:/a:freebsd:freebsd:node6", "p-cpe:/a:freebsd:freebsd:node8", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_B71D71933C5411E9A3F900155D006B02.NASL", "href": "https://www.tenable.com/plugins/nessus/122571", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2022 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(122571);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/06\");\n\n script_cve_id(\"CVE-2019-1559\", \"CVE-2019-5737\", \"CVE-2019-5739\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0004\");\n\n script_name(english:\"FreeBSD : Node.js -- multiple vulnerabilities (b71d7193-3c54-11e9-a3f9-00155d006b02)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Node.js reports :\n\nUpdates are now available for all active Node.js release lines. In\naddition to fixes for security flaws in Node.js, they also include\nupgrades of Node.js 6 and 8 to OpenSSL 1.0.2r which contains a fix for\na moderate severity security vulnerability.\n\nFor these releases, we have decided to withhold the fix for the\nMisinterpretation of Input (CWE-115) flaw mentioned in the original\nannouncement. This flaw is very low severity and we are not satisfied\nthat we had a complete and stable fix ready for release. We will be\nseeking to address this flaw via alternate mechanisms in the near\nfuture. 
In addition, we have introduced an additional CVE for a change\nin Node.js 6 that we have decided to classify as a Denial of Service\n(CWE-400) flaw.\n\nWe recommend that all Node.js users upgrade to a version listed below\nas soon as possible. OpenSSL: 0-byte record padding oracle\n(CVE-2019-1559) OpenSSL 1.0.2r contains a fix for CVE-2019-1559 and is\nincluded in the releases for Node.js versions 6 and 8 only. Node.js 10\nand 11 are not impacted by this vulnerability as they use newer\nversions of OpenSSL which do not contain the flaw.\n\nUnder certain circumstances, a TLS server can be forced to respond\ndifferently to a client if a zero-byte record is received with an\ninvalid padding compared to a zero-byte record with an invalid MAC.\nThis can be used as the basis of a padding oracle attack to decrypt\ndata.\n\nOnly TLS connections using certain ciphersuites executing under\ncertain conditions are exploitable. We are currently unable to\ndetermine whether the use of OpenSSL in Node.js exposes this\nvulnerability. We are taking a cautionary approach and recommend the\nsame for users. 
For more information, see the advisory and a detailed\nwrite-up by the reporters of the vulnerability.\"\n );\n # https://nodejs.org/en/blog/vulnerability/february-2019-security-releases/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2e0a0184\"\n );\n # https://vuxml.freebsd.org/freebsd/b71d7193-3c54-11e9-a3f9-00155d006b02.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d3052c48\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1559\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:node\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:node10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:node6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:node8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/02/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"node<11.10.1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"node10<10.15.2\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"node8<8.15.1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"node6<6.17.0\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:09:28", "description": "This update for nodejs6 to version 6.17.0 fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2019-5739: Fixed a potential attack vector which could lead to Denial of Service when HTTP connections are kept active (bsc#1127533).\n\nCVE-2019-5737: Fixed a potential attack vector which could lead to Denial of Service when HTTP connections are kept active (bsc#1127532).\n\nCVE-2019-1559: Fixed an OpenSSL 0-byte Record Padding Oracle in which, under certain circumstances, a TLS server can be forced to respond differently to a client, leading to the decryption of the data (bsc#1127080).\n\nRelease Notes: https://nodejs.org/en/blog/release/v6.17.0/\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-04-01T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : nodejs6 (SUSE-SU-2019:0818-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1559", "CVE-2019-5737", "CVE-2019-5739"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:nodejs6", "p-cpe:/a:novell:suse_linux:nodejs6-debuginfo", "p-cpe:/a:novell:suse_linux:nodejs6-debugsource", "p-cpe:/a:novell:suse_linux:nodejs6-devel", "p-cpe:/a:novell:suse_linux:npm6", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2019-0818-1.NASL", "href": "https://www.tenable.com/plugins/nessus/123551", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:0818-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(123551);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2019-1559\", \"CVE-2019-5737\", \"CVE-2019-5739\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0004\");\n\n script_name(english:\"SUSE SLES12 Security Update : nodejs6 (SUSE-SU-2019:0818-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for nodejs6 to version 6.17.0 fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2019-5739: Fixed a potentially attack vector which could lead to\nDenial of Service when HTTP connection are kept active (bsc#1127533).\n\nCVE-2019-5737: Fixed a potentially attack vector which could lead to\nDenial of Service when HTTP connection are kept active (bsc#1127532).\n\nCVE-2019-1559: Fixed OpenSSL 0-byte Record 
Padding Oracle which under\ncertain circumstances a TLS server can be forced to respond\ndifferently to a client and lead to the decryption of the data\n(bsc#1127080).\n\nRelease Notes: https://nodejs.org/en/blog/release/v6.17.0/\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1127080\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1127532\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1127533\");\n script_set_attribute(attribute:\"see_also\", value:\"https://nodejs.org/en/blog/release/v6.17.0/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-1559/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-5737/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-5739/\");\n # https://www.suse.com/support/update/announcement/2019/suse-su-20190818-1/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?33a21497\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE OpenStack Cloud Crowbar 8:zypper in -t patch\nSUSE-OpenStack-Cloud-Crowbar-8-2019-818=1\n\nSUSE OpenStack Cloud 7:zypper in -t patch\nSUSE-OpenStack-Cloud-7-2019-818=1\n\nSUSE Linux Enterprise Module for Web Scripting 12:zypper in -t patch\nSUSE-SLE-Module-Web-Scripting-12-2019-818=1\n\nSUSE Enterprise Storage 4:zypper in -t patch 
SUSE-Storage-4-2019-818=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1559\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/02/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/04/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nodejs6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nodejs6-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nodejs6-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nodejs6-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:npm6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! 
preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"nodejs6-6.17.0-11.24.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"nodejs6-debuginfo-6.17.0-11.24.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"nodejs6-debugsource-6.17.0-11.24.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"nodejs6-devel-6.17.0-11.24.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"npm6-6.17.0-11.24.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nodejs6\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:11:32", "description": "This update for nodejs6 to version 6.17.0 fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2019-5739: Fixed a potential attack vector which could lead to Denial of Service when HTTP connections are kept active (bsc#1127533).\n\n - CVE-2019-5737: Fixed a potential attack vector which could lead to Denial of Service when HTTP connections are kept active (bsc#1127532).\n\n - CVE-2019-1559: Fixed an OpenSSL 0-byte Record Padding Oracle in which, under certain circumstances, a TLS server can be forced to respond differently to a client, leading to the decryption of the data (bsc#1127080).\n\nRelease Notes: https://nodejs.org/en/blog/release/v6.17.0/ \n\nThis update was imported from the SUSE:SLE-12:Update update project.", "cvss3": {}, "published": "2019-04-09T00:00:00", "type": "nessus", "title": "openSUSE Security Update : nodejs6 (openSUSE-2019-1173)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1559", "CVE-2019-5737", "CVE-2019-5739"], "modified": 
"2022-12-05T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:nodejs6", "p-cpe:/a:novell:opensuse:nodejs6-debuginfo", "p-cpe:/a:novell:opensuse:nodejs6-debugsource", "p-cpe:/a:novell:opensuse:nodejs6-devel", "p-cpe:/a:novell:opensuse:npm6", "cpe:/o:novell:opensuse:42.3"], "id": "OPENSUSE-2019-1173.NASL", "href": "https://www.tenable.com/plugins/nessus/123919", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-1173.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(123919);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2019-1559\", \"CVE-2019-5737\", \"CVE-2019-5739\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0004\");\n\n script_name(english:\"openSUSE Security Update : nodejs6 (openSUSE-2019-1173)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote openSUSE host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for nodejs6 to version 6.17.0 fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2019-5739: Fixed a potentially attack vector which\n could lead to Denial of Service when HTTP connection are\n kept active (bsc#1127533).\n\n - CVE-2019-5737: Fixed a potentially attack vector which\n could lead to Denial of Service when HTTP connection are\n kept active (bsc#1127532).\n\n - CVE-2019-1559: Fixed OpenSSL 0-byte Record Padding\n Oracle which under certain circumstances a TLS server\n can be forced to respond differently to a client and\n lead to the decryption of the data (bsc#1127080).\n\nRelease Notes: https://nodejs.org/en/blog/release/v6.17.0/ \n\nThis update was imported from the SUSE:SLE-12:Update update 
project.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1127080\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1127532\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1127533\");\n script_set_attribute(attribute:\"see_also\", value:\"https://nodejs.org/en/blog/release/v6.17.0/\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected nodejs6 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1559\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/02/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/04/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nodejs6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nodejs6-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nodejs6-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nodejs6-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:npm6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.3\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n 
script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.3\", reference:\"nodejs6-6.17.0-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"nodejs6-debuginfo-6.17.0-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"nodejs6-debugsource-6.17.0-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"nodejs6-devel-6.17.0-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"npm6-6.17.0-21.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nodejs6 / nodejs6-debuginfo / nodejs6-debugsource / nodejs6-devel / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:31:59", "description": "An update for 
http-parser is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe http-parser package provides a utility for parsing HTTP messages.\nIt parses both requests and responses. The parser is designed to be used in performance HTTP applications. It does not make any system calls or allocations, it does not buffer data, and it can be interrupted at any time. Depending on your architecture, it only requires about 40 bytes of data per message stream.\n\nSecurity Fix(es) :\n\n* nodejs: Denial of Service with large HTTP headers (CVE-2018-12121)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section.", "cvss3": {}, "published": "2019-11-06T00:00:00", "type": "nessus", "title": "RHEL 8 : http-parser (RHSA-2019:3497)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-12121"], "modified": "2019-12-17T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:http-parser", "p-cpe:/a:redhat:enterprise_linux:http-parser-debuginfo", "p-cpe:/a:redhat:enterprise_linux:http-parser-debugsource", "cpe:/o:redhat:enterprise_linux:8"], "id": "REDHAT-RHSA-2019-3497.NASL", "href": "https://www.tenable.com/plugins/nessus/130545", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:3497. 
The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130545);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/12/17\");\n\n script_cve_id(\"CVE-2018-12121\");\n script_xref(name:\"RHSA\", value:\"2019:3497\");\n\n script_name(english:\"RHEL 8 : http-parser (RHSA-2019:3497)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for http-parser is now available for Red Hat Enterprise\nLinux 8.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe http-parser package provides a utility for parsing HTTP messages.\nIt parses both requests and responses. The parser is designed to be\nused in performance HTTP applications. It does not make any system\ncalls or allocations, it does not buffer data, and it can be\ninterrupted at any time. 
Depending on your architecture, it only\nrequires about 40 bytes of data per message stream.\n\nSecurity Fix(es) :\n\n* nodejs: Denial of Service with large HTTP headers (CVE-2018-12121)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 8.1 Release Notes linked from the References section.\"\n );\n # https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?774148ae\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2019:3497\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-12121\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected http-parser, http-parser-debuginfo and / or\nhttp-parser-debugsource packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:http-parser\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:http-parser-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:http-parser-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n\n 
script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/11/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 8.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:3497\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL8\", cpu:\"i686\", reference:\"http-parser-2.8.0-5.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"http-parser-2.8.0-5.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"http-parser-2.8.0-5.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"i686\", reference:\"http-parser-debuginfo-2.8.0-5.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"http-parser-debuginfo-2.8.0-5.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"http-parser-debuginfo-2.8.0-5.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"i686\", reference:\"http-parser-debugsource-2.8.0-5.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"http-parser-debugsource-2.8.0-5.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"http-parser-debugsource-2.8.0-5.el8\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n 
exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"http-parser / http-parser-debuginfo / http-parser-debugsource\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:22:39", "description": "The remote CentOS Linux 8 host has a package installed that is affected by a vulnerability as referenced in the CESA-2019:3497 advisory.\n\n - nodejs: Denial of Service with large HTTP headers (CVE-2018-12121)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-01-29T00:00:00", "type": "nessus", "title": "CentOS 8 : http-parser (CESA-2019:3497)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-12121"], "modified": "2021-03-23T00:00:00", "cpe": ["cpe:/o:centos:centos:8", "p-cpe:/a:centos:centos:http-parser"], "id": "CENTOS8_RHSA-2019-3497.NASL", "href": "https://www.tenable.com/plugins/nessus/145594", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# Red Hat Security Advisory RHSA-2019:3497. 
The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(145594);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/03/23\");\n\n script_cve_id(\"CVE-2018-12121\");\n script_bugtraq_id(106043);\n script_xref(name:\"RHSA\", value:\"2019:3497\");\n\n script_name(english:\"CentOS 8 : http-parser (CESA-2019:3497)\");\n script_summary(english:\"Checks the rpm output for the updated package\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote CentOS Linux 8 host has a package installed that is affected by a vulnerability as referenced in the\nCESA-2019:3497 advisory.\n\n - nodejs: Denial of Service with large HTTP headers (CVE-2018-12121)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2019:3497\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected http-parser package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-12121\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/11/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/01/29\");\n\n 
script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:http-parser\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/CentOS/release');\nif (isnull(release) || 'CentOS' >!< release) audit(AUDIT_OS_NOT, 'CentOS');\nos_ver = pregmatch(pattern: \"CentOS(?: Stream)?(?: Linux)? 
release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CentOS');\nos_ver = os_ver[1];\nif ('CentOS Stream' >< release) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS Stream ' + os_ver);\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS ' + os_ver);\n\nif (!get_kb_item('Host/CentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CentOS', cpu);\n\npkgs = [\n {'reference':'http-parser-2.8.0-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'http-parser-2.8.0-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'CentOS-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n 
security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'http-parser');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-10T16:47:46", "description": "The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2019-3497 advisory.\n\n - Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Denial of Service with large HTTP headers: By using a combination of many requests with maximum sized headers (almost 80 KB per connection), and carefully timed completion of the headers, it is possible to cause the HTTP server to abort from heap allocation failure. Attack potential is mitigated by the use of a load balancer or other proxy layer. (CVE-2018-12121)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-09-07T00:00:00", "type": "nessus", "title": "Oracle Linux 8 : http-parser (ELSA-2019-3497)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-12121"], "modified": "2023-09-07T00:00:00", "cpe": ["cpe:/o:oracle:linux:8", "p-cpe:/a:oracle:linux:http-parser"], "id": "ORACLELINUX_ELSA-2019-3497.NASL", "href": "https://www.tenable.com/plugins/nessus/180698", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2019-3497.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(180698);\n script_version(\"1.0\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/09/07\");\n\n script_cve_id(\"CVE-2018-12121\");\n\n script_name(english:\"Oracle Linux 8 : http-parser (ELSA-2019-3497)\");\n\n 
script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the\nELSA-2019-3497 advisory.\n\n - Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Denial of Service with large\n HTTP headers: By using a combination of many requests with maximum sized headers (almost 80 KB per\n connection), and carefully timed completion of the headers, it is possible to cause the HTTP server to\n abort from heap allocation failure. Attack potential is mitigated by the use of a load balancer or other\n proxy layer. (CVE-2018-12121)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2019-3497.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected http-parser package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-12121\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/11/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/09/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n 
script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:http-parser\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(os_release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:os_release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 8', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nvar pkgs = [\n {'reference':'http-parser-2.8.0-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'http-parser-2.8.0-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'http-parser-2.8.0-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release) {\n if (exists_check) {\n if (rpm_exists(release:_release, rpm:exists_check) && rpm_check(release:_release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, 
rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'http-parser');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:32:11", "description": "According to the versions of the http-parser package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - The HTTP parser in all current versions of Node.js ignores spaces in the `Content-Length` header, allowing input such as `Content-Length: 1 2` to be interpreted as having a value of `12`. The HTTP specification does not allow for spaces in the `Content-Length` value and the Node.js HTTP parser has been brought into line on this particular difference. The security risk of this flaw to Node.js users is considered to be VERY LOW as it is difficult, and may be impossible, to craft an attack that makes use of this flaw in a way that could not already be achieved by supplying an incorrect value for `Content-Length`. Vulnerabilities may exist in user-code that make incorrect assumptions about the potential accuracy of this value compared to the actual length of the data supplied. 
Node.js users crafting lower-level HTTP utilities are advised to re-check the length of any input supplied after parsing is complete.(CVE-2018-7159)\n\n - Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Denial of Service with large HTTP headers: By using a combination of many requests with maximum sized headers (almost 80 KB per connection), and carefully timed completion of the headers, it is possible to cause the HTTP server to abort from heap allocation failure. Attack potential is mitigated by the use of a load balancer or other proxy layer.(CVE-2018-12121)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-11-08T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP3 : http-parser (EulerOS-SA-2019-2238)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-12121", "CVE-2018-7159"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:http-parser", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-2238.NASL", "href": "https://www.tenable.com/plugins/nessus/130700", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(130700);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2018-12121\",\n \"CVE-2018-7159\"\n );\n\n script_name(english:\"EulerOS 2.0 SP3 : http-parser (EulerOS-SA-2019-2238)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According 
to the versions of the http-parser package installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - The HTTP parser in all current versions of Node.js\n ignores spaces in the `Content-Length` header, allowing\n input such as `Content-Length: 1 2` to be interpreted\n as having a value of `12`. The HTTP specification does\n not allow for spaces in the `Content-Length` value and\n the Node.js HTTP parser has been brought into line on\n this particular difference. The security risk of this\n flaw to Node.js users is considered to be VERY LOW as\n it is difficult, and may be impossible, to craft an\n attack that makes use of this flaw in a way that could\n not already be achieved by supplying an incorrect value\n for `Content-Length`. Vulnerabilities may exist in\n user-code that make incorrect assumptions about the\n potential accuracy of this value compared to the actual\n length of the data supplied. Node.js users crafting\n lower-level HTTP utilities are advised to re-check the\n length of any input supplied after parsing is\n complete.(CVE-2018-7159)\n\n - Node.js: All versions prior to Node.js 6.15.0, 8.14.0,\n 10.14.0 and 11.3.0: Denial of Service with large HTTP\n headers: By using a combination of many requests with\n maximum sized headers (almost 80 KB per connection),\n and carefully timed completion of the headers, it is\n possible to cause the HTTP server to abort from heap\n allocation failure. Attack potential is mitigated by\n the use of a load balancer or other proxy\n layer.(CVE-2018-12121)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2238\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8eba8e63\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected http-parser packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-7159\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:http-parser\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(3)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"http-parser-2.7.1-1.h2\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"3\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"http-parser\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:02:17", "description": "According to the versions of the http-parser package installed, the EulerOS installation on the remote host is affected by the 
following vulnerabilities :\n\n - Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Denial of Service with large HTTP headers: By using a combination of many requests with maximum sized headers (almost 80 KB per connection), and carefully timed completion of the headers, it is possible to cause the HTTP server to abort from heap allocation failure. Attack potential is mitigated by the use of a load balancer or other proxy layer. (CVE-2018-12121)\n\n - The HTTP parser in all current versions of Node.js ignores spaces in the `Content-Length` header, allowing input such as `Content-Length: 1 2` to be interpreted as having a value of `12`. The HTTP specification does not allow for spaces in the `Content-Length` value and the Node.js HTTP parser has been brought into line on this particular difference. The security risk of this flaw to Node.js users is considered to be VERY LOW as it is difficult, and may be impossible, to craft an attack that makes use of this flaw in a way that could not already be achieved by supplying an incorrect value for `Content-Length`. Vulnerabilities may exist in user-code that make incorrect assumptions about the potential accuracy of this value compared to the actual length of the data supplied. Node.js users crafting lower-level HTTP utilities are advised to re-check the length of any input supplied after parsing is complete. (CVE-2018-7159)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-06-17T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP2 : http-parser (EulerOS-SA-2020-1652)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-12121", "CVE-2018-7159"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:http-parser", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2020-1652.NASL", "href": "https://www.tenable.com/plugins/nessus/137494", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(137494);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2018-12121\",\n \"CVE-2018-7159\"\n );\n\n script_name(english:\"EulerOS 2.0 SP2 : http-parser (EulerOS-SA-2020-1652)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the http-parser package installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - Node.js: All versions prior to Node.js 6.15.0, 8.14.0,\n 10.14.0 and 11.3.0: Denial of Service with large HTTP\n headers: By using a combination of many requests with\n maximum sized headers (almost 80 KB per connection),\n and carefully timed completion of the headers, it is\n possible to cause the HTTP server to abort from heap\n allocation failure. 
Attack potential is mitigated by\n the use of a load balancer or other proxy\n layer.(CVE-2018-12121)\n\n - The HTTP parser in all current versions of Node.js\n ignores spaces in the `Content-Length` header, allowing\n input such as `Content-Length: 1 2` to be interpreted\n as having a value of `12`. The HTTP specification does\n not allow for spaces in the `Content-Length` value and\n the Node.js HTTP parser has been brought into line on\n this particular difference. The security risk of this\n flaw to Node.js users is considered to be VERY LOW as\n it is difficult, and may be impossible, to craft an\n attack that makes use of this flaw in a way that could\n not already be achieved by supplying an incorrect value\n for `Content-Length`. Vulnerabilities may exist in\n user-code that make incorrect assumptions about the\n potential accuracy of this value compared to the actual\n length of the data supplied. Node.js users crafting\n lower-level HTTP utilities are advised to re-check the\n length of any input supplied after parsing is\n complete.(CVE-2018-7159)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1652\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?eb487857\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected http-parser packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-7159\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/06/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/06/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:http-parser\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(2)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"http-parser-2.7.1-1.h1\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"2\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"http-parser\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T14:30:16", "description": "The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has http-parser packages installed that are affected by 
multiple vulnerabilities:\n\n - The HTTP parser in all current versions of Node.js ignores spaces in the `Content-Length` header, allowing input such as `Content-Length: 1 2` to be interpreted as having a value of `12`. The HTTP specification does not allow for spaces in the `Content-Length` value and the Node.js HTTP parser has been brought into line on this particular difference. The security risk of this flaw to Node.js users is considered to be VERY LOW as it is difficult, and may be impossible, to craft an attack that makes use of this flaw in a way that could not already be achieved by supplying an incorrect value for `Content-Length`. Vulnerabilities may exist in user-code that make incorrect assumptions about the potential accuracy of this value compared to the actual length of the data supplied. Node.js users crafting lower-level HTTP utilities are advised to re-check the length of any input supplied after parsing is complete.\n (CVE-2018-7159)\n\n - Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Denial of Service with large HTTP headers: By using a combination of many requests with maximum sized headers (almost 80 KB per connection), and carefully timed completion of the headers, it is possible to cause the HTTP server to abort from heap allocation failure. 
Attack potential is mitigated by the use of a load balancer or other proxy layer.\n (CVE-2018-12121)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2019-10-15T00:00:00", "type": "nessus", "title": "NewStart CGSL CORE 5.04 / MAIN 5.04 : http-parser Multiple Vulnerabilities (NS-SA-2019-0208)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-12121", "CVE-2018-7159"], "modified": "2021-01-14T00:00:00", "cpe": [], "id": "NEWSTART_CGSL_NS-SA-2019-0208_HTTP-PARSER.NASL", "href": "https://www.tenable.com/plugins/nessus/129916", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2019-0208. The text\n# itself is copyright (C) ZTE, Inc.\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(129916);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2018-7159\", \"CVE-2018-12121\");\n\n script_name(english:\"NewStart CGSL CORE 5.04 / MAIN 5.04 : http-parser Multiple Vulnerabilities (NS-SA-2019-0208)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has http-parser packages installed that are\naffected by multiple vulnerabilities:\n\n - The HTTP parser in all current versions of Node.js\n ignores spaces in the `Content-Length` header, allowing\n input such as `Content-Length: 1 2` to be interpreted as\n having a value of `12`. 
The HTTP specification does not\n allow for spaces in the `Content-Length` value and the\n Node.js HTTP parser has been brought into line on this\n particular difference. The security risk of this flaw to\n Node.js users is considered to be VERY LOW as it is\n difficult, and may be impossible, to craft an attack\n that makes use of this flaw in a way that could not\n already be achieved by supplying an incorrect value for\n `Content-Length`. Vulnerabilities may exist in user-code\n that make incorrect assumptions about the potential\n accuracy of this value compared to the actual length of\n the data supplied. Node.js users crafting lower-level\n HTTP utilities are advised to re-check the length of any\n input supplied after parsing is complete.\n (CVE-2018-7159)\n\n - Node.js: All versions prior to Node.js 6.15.0, 8.14.0,\n 10.14.0 and 11.3.0: Denial of Service with large HTTP\n headers: By using a combination of many requests with\n maximum sized headers (almost 80 KB per connection), and\n carefully timed completion of the headers, it is\n possible to cause the HTTP server to abort from heap\n allocation failure. Attack potential is mitigated by the\n use of a load balancer or other proxy layer.\n (CVE-2018-12121)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2019-0208\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL http-parser packages. Note that updated packages may not be available yet. 
Please contact\nZTE for more information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-7159\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/05/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/ZTE-CGSL/release\");\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, \"NewStart Carrier Grade Server Linux\");\n\nif (release !~ \"CGSL CORE 5.04\" &&\n release !~ \"CGSL MAIN 5.04\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.04 / NewStart CGSL MAIN 5.04');\n\nif (!get_kb_item(\"Host/ZTE-CGSL/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"NewStart Carrier Grade Server Linux\", cpu);\n\nflag = 0;\n\npkgs = {\n \"CGSL CORE 5.04\": [\n \"http-parser-2.7.1-8.el7\",\n \"http-parser-debuginfo-2.7.1-8.el7\",\n \"http-parser-devel-2.7.1-8.el7\"\n ],\n \"CGSL MAIN 5.04\": [\n \"http-parser-2.7.1-8.el7\",\n \"http-parser-debuginfo-2.7.1-8.el7\",\n \"http-parser-devel-2.7.1-8.el7\"\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:\"ZTE \" + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"http-parser\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:27:10", "description": "An update for http-parser is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. 
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe http-parser package provides a utility for parsing HTTP messages.\nIt parses both requests and responses. The parser is designed to be used in performance HTTP applications. It does not make any system calls or allocations, it does not buffer data, and it can be interrupted at any time. Depending on your architecture, it only requires about 40 bytes of data per message stream.\n\nSecurity Fix(es) :\n\n* nodejs: Denial of Service with large HTTP headers (CVE-2018-12121)\n\n* nodejs: HTTP parser allowed for spaces inside Content-Length header values (CVE-2018-7159)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section.", "cvss3": {}, "published": "2019-08-12T00:00:00", "type": "nessus", "title": "RHEL 7 : http-parser (RHSA-2019:2258)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-12121", "CVE-2018-7159"], "modified": "2020-01-06T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:http-parser", "p-cpe:/a:redhat:enterprise_linux:http-parser-debuginfo", "p-cpe:/a:redhat:enterprise_linux:http-parser-devel", "cpe:/o:redhat:enterprise_linux:7"], "id": "REDHAT-RHSA-2019-2258.NASL", "href": "https://www.tenable.com/plugins/nessus/127700", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:2258. 
The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(127700);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2020/01/06\");\n\n script_cve_id(\"CVE-2018-12121\", \"CVE-2018-7159\");\n script_xref(name:\"RHSA\", value:\"2019:2258\");\n\n script_name(english:\"RHEL 7 : http-parser (RHSA-2019:2258)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for http-parser is now available for Red Hat Enterprise\nLinux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe http-parser package provides a utility for parsing HTTP messages.\nIt parses both requests and responses. The parser is designed to be\nused in performance HTTP applications. It does not make any system\ncalls or allocations, it does not buffer data, and it can be\ninterrupted at any time. 
Depending on your architecture, it only\nrequires about 40 bytes of data per message stream.\n\nSecurity Fix(es) :\n\n* nodejs: Denial of Service with large HTTP headers (CVE-2018-12121)\n\n* nodejs: HTTP parser allowed for spaces inside Content-Length header\nvalues (CVE-2018-7159)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 7.7 Release Notes linked from the References section.\"\n );\n # https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3395ff0b\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2019:2258\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-7159\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-12121\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected http-parser, http-parser-debuginfo and / or\nhttp-parser-devel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-7159\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:http-parser\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:http-parser-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:http-parser-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/05/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:2258\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", reference:\"http-parser-2.7.1-8.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"http-parser-debuginfo-2.7.1-8.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"http-parser-devel-2.7.1-8.el7\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"http-parser / http-parser-debuginfo / http-parser-devel\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T14:28:42", "description": "An update for http-parser is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. 
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe http-parser package provides a utility for parsing HTTP messages.\nIt parses both requests and responses. The parser is designed to be used in performance HTTP applications. It does not make any system calls or allocations, it does not buffer data, and it can be interrupted at any time. Depending on your architecture, it only requires about 40 bytes of data per message stream.\n\nSecurity Fix(es) :\n\n* nodejs: Denial of Service with large HTTP headers (CVE-2018-12121)\n\n* nodejs: HTTP parser allowed for spaces inside Content-Length header values (CVE-2018-7159)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section.", "cvss3": {}, "published": "2019-09-19T00:00:00", "type": "nessus", "title": "CentOS 7 : http-parser (CESA-2019:2258)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-12121", "CVE-2018-7159"], "modified": "2019-12-27T00:00:00", "cpe": ["p-cpe:/a:centos:centos:http-parser", "p-cpe:/a:centos:centos:http-parser-devel", "cpe:/o:centos:centos:7"], "id": "CENTOS_RHSA-2019-2258.NASL", "href": "https://www.tenable.com/plugins/nessus/129016", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:2258 and \n# CentOS Errata and Security Advisory 2019:2258 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(129016);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2019/12/27\");\n\n 
script_cve_id(\"CVE-2018-12121\", \"CVE-2018-7159\");\n script_xref(name:\"RHSA\", value:\"2019:2258\");\n\n script_name(english:\"CentOS 7 : http-parser (CESA-2019:2258)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for http-parser is now available for Red Hat Enterprise\nLinux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe http-parser package provides a utility for parsing HTTP messages.\nIt parses both requests and responses. The parser is designed to be\nused in performance HTTP applications. It does not make any system\ncalls or allocations, it does not buffer data, and it can be\ninterrupted at any time. 
Depending on your architecture, it only\nrequires about 40 bytes of data per message stream.\n\nSecurity Fix(es) :\n\n* nodejs: Denial of Service with large HTTP headers (CVE-2018-12121)\n\n* nodejs: HTTP parser allowed for spaces inside Content-Length header\nvalues (CVE-2018-7159)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 7.7 Release Notes linked from the References section.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2019-September/023439.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2860b587\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected http-parser packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-7159\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:http-parser\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:http-parser-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/05/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/19\");\n 
script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 7.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"http-parser-2.7.1-8.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"http-parser-devel-2.7.1-8.el7\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"http-parser / http-parser-devel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:31:31", "description": "According to 
the versions of the http-parser package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - This is a parser for HTTP messages written in C. It parses both requests and responses. The parser is designed to be used in performance HTTP applications. It does not make any syscalls nor allocations, it does not buffer data, it can be interrupted at any time.\n Depending on your architecture, it only requires about 40 bytes of data per message stream (in a web server that is per connection). Security Fix(es): The HTTP parser in all current versions of Node.js ignores spaces in the `Content-Length` header, allowing input such as `Content-Length: 1 2` to be interpreted as having a value of `12`. The HTTP specification does not allow for spaces in the `Content-Length` value and the Node.js HTTP parser has been brought into line on this particular difference. The security risk of this flaw to Node.js users is considered to be VERY LOW as it is difficult, and may be impossible, to craft an attack that makes use of this flaw in a way that could not already be achieved by supplying an incorrect value for `Content-Length`. Vulnerabilities may exist in user-code that make incorrect assumptions about the potential accuracy of this value compared to the actual length of the data supplied. Node.js users crafting lower-level HTTP utilities are advised to re-check the length of any input supplied after parsing is complete. (CVE-2018-7159) Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Denial of Service with large HTTP headers: By using a combination of many requests with maximum sized headers (almost 80 KB per connection), and carefully timed completion of the headers, it is possible to cause the HTTP server to abort from heap allocation failure. 
Attack potential is mitigated by the use of a load balancer or other proxy layer.(CVE-2018-12121)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-11-12T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP5 : http-parser (EulerOS-SA-2019-2158)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-12121", "CVE-2018-7159"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:http-parser", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-2158.NASL", "href": "https://www.tenable.com/plugins/nessus/130867", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(130867);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2018-12121\",\n \"CVE-2018-7159\"\n );\n\n script_name(english:\"EulerOS 2.0 SP5 : http-parser (EulerOS-SA-2019-2158)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the http-parser package installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - This is a parser for HTTP messages written in C. It\n parses both requests and responses. 
The parser is\n designed to be used in performance HTTP applications.It\n does not make any syscalls nor allocations, it does not\n buffer data, it can be interrupted at anytime.\n Depending on your architecture, it only requires about\n 40 bytes of data per message stream (in a web server\n that is per connection).Security Fix(es):The HTTP\n parser in all current versions of Node.js ignores\n spaces in the `Content-Length` header, allowing input\n such as `Content-Length: 1 2` to be interpreted as\n having a value of `12`. The HTTP specification does not\n allow for spaces in the `Content-Length` value and the\n Node.js HTTP parser has been brought into line on this\n particular difference. The security risk of this flaw\n to Node.js users is considered to be VERY LOW as it is\n difficult, and may be impossible, to craft an attack\n that makes use of this flaw in a way that could not\n already be achieved by supplying an incorrect value for\n `Content-Length`. Vulnerabilities may exist in\n user-code that make incorrect assumptions about the\n potential accuracy of this value compared to the actual\n length of the data supplied. Node.js users crafting\n lower-level HTTP utilities are advised to re-check the\n length of any input supplied after parsing is\n complete.(CVE-2018-7159)Node.js: All versions prior to\n Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Denial of\n Service with large HTTP headers: By using a combination\n of many requests with maximum sized headers (almost 80\n KB per connection), and carefully timed completion of\n the headers, it is possible to cause the HTTP server to\n abort from heap allocation failure. Attack potential is\n mitigated by the use of a load balancer or other proxy\n layer.(CVE-2018-12121)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2158\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?018c2430\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected http-parser packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-7159\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:http-parser\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(5)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"http-parser-2.7.1-5.h2.eulerosv2r7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"5\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"http-parser\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:04:55", "description": "According to the versions of the http-parser package installed, the EulerOS Virtualization installation on the remote 
host is affected by the following vulnerabilities:\n\n - Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Denial of Service with large HTTP headers: By using a combination of many requests with maximum sized headers (almost 80 KB per connection), and carefully timed completion of the headers, it is possible to cause the HTTP server to abort from heap allocation failure. Attack potential is mitigated by the use of a load balancer or other proxy layer. (CVE-2018-12121)\n\n - The HTTP parser in all current versions of Node.js ignores spaces in the `Content-Length` header, allowing input such as `Content-Length: 1 2` to be interpreted as having a value of `12`. The HTTP specification does not allow for spaces in the `Content-Length` value and the Node.js HTTP parser has been brought into line on this particular difference. The security risk of this flaw to Node.js users is considered to be VERY LOW as it is difficult, and may be impossible, to craft an attack that makes use of this flaw in a way that could not already be achieved by supplying an incorrect value for `Content-Length`. Vulnerabilities may exist in user-code that makes incorrect assumptions about the potential accuracy of this value compared to the actual length of the data supplied. Node.js users crafting lower-level HTTP utilities are advised to re-check the length of any input supplied after parsing is complete. (CVE-2018-7159)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-04-16T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 3.0.2.2 : http-parser (EulerOS-SA-2020-1486)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-12121", "CVE-2018-7159"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:http-parser", "cpe:/o:huawei:euleros:uvp:3.0.2.2"], "id": "EULEROS_SA-2020-1486.NASL", "href": "https://www.tenable.com/plugins/nessus/135648", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(135648);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2018-12121\",\n \"CVE-2018-7159\"\n );\n\n script_name(english:\"EulerOS Virtualization 3.0.2.2 : http-parser (EulerOS-SA-2020-1486)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the http-parser package installed, the\nEulerOS Virtualization installation on the remote host is affected by\nthe following vulnerabilities :\n\n - Node.js: All versions prior to Node.js 6.15.0, 8.14.0,\n 10.14.0 and 11.3.0: Denial of Service with large HTTP\n headers: By using a combination of many requests with\n maximum sized headers (almost 80 KB per connection),\n and carefully timed completion of the headers, it is\n possible to cause the HTTP server to abort from heap\n allocation failure. 
Attack potential is mitigated by\n the use of a load balancer or other proxy\n layer.(CVE-2018-12121)\n\n - The HTTP parser in all current versions of Node.js\n ignores spaces in the `Content-Length` header, allowing\n input such as `Content-Length: 1 2` to be interpreted\n as having a value of `12`. The HTTP specification does\n not allow for spaces in the `Content-Length` value and\n the Node.js HTTP parser has been brought into line on\n this particular difference. The security risk of this\n flaw to Node.js users is considered to be VERY LOW as\n it is difficult, and may be impossible, to craft an\n attack that makes use of this flaw in a way that could\n not already be achieved by supplying an incorrect value\n for `Content-Length`. Vulnerabilities may exist in\n user-code that make incorrect assumptions about the\n potential accuracy of this value compared to the actual\n length of the data supplied. Node.js users crafting\n lower-level HTTP utilities are advised to re-check the\n length of any input supplied after parsing is\n complete.(CVE-2018-7159)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1486\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?07dd0309\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected http-parser packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:http-parser\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.2.2\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.2.2\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.2.2\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"http-parser-2.7.1-5.h2.eulerosv2r7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"http-parser\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-10T18:07:27", "description": "The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-2258 advisory.\n\n - Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Denial of Service with large HTTP headers: By using a combination of many requests with maximum sized headers (almost 80 KB per connection), and carefully 
timed completion of the headers, it is possible to cause the HTTP server to abort from heap allocation failure. Attack potential is mitigated by the use of a load balancer or other proxy layer. (CVE-2018-12121)\n\n - The HTTP parser in all current versions of Node.js ignores spaces in the `Content-Length` header, allowing input such as `Content-Length: 1 2` to be interpreted as having a value of `12`. The HTTP specification does not allow for spaces in the `Content-Length` value and the Node.js HTTP parser has been brought into line on this particular difference. The security risk of this flaw to Node.js users is considered to be VERY LOW as it is difficult, and may be impossible, to craft an attack that makes use of this flaw in a way that could not already be achieved by supplying an incorrect value for `Content-Length`.\n Vulnerabilities may exist in user-code that make incorrect assumptions about the potential accuracy of this value compared to the actual length of the data supplied. 
Node.js users crafting lower-level HTTP utilities are advised to re-check the length of any input supplied after parsing is complete.\n (CVE-2018-7159)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-09-07T00:00:00", "type": "nessus", "title": "Oracle Linux 7 : http-parser (ELSA-2019-2258)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-12121", "CVE-2018-7159"], "modified": "2023-09-07T00:00:00", "cpe": ["cpe:/o:oracle:linux:7", "p-cpe:/a:oracle:linux:http-parser", "p-cpe:/a:oracle:linux:http-parser-devel"], "id": "ORACLELINUX_ELSA-2019-2258.NASL", "href": "https://www.tenable.com/plugins/nessus/180827", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2019-2258.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(180827);\n script_version(\"1.0\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/09/07\");\n\n script_cve_id(\"CVE-2018-7159\", \"CVE-2018-12121\");\n\n script_name(english:\"Oracle Linux 7 : http-parser (ELSA-2019-2258)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nELSA-2019-2258 advisory.\n\n - Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Denial of Service with large\n HTTP headers: By using a combination of many requests with maximum sized headers (almost 80 KB per\n connection), and carefully timed completion of the headers, it is possible to cause the HTTP server to\n abort from heap allocation failure. 
Attack potential is mitigated by the use of a load balancer or other\n proxy layer. (CVE-2018-12121)\n\n - The HTTP parser in all current versions of Node.js ignores spaces in the `Content-Length` header, allowing\n input such as `Content-Length: 1 2` to be interpreted as having a value of `12`. The HTTP specification\n does not allow for spaces in the `Content-Length` value and the Node.js HTTP parser has been brought into\n line on this particular difference. The security risk of this flaw to Node.js users is considered to be\n VERY LOW as it is difficult, and may be impossible, to craft an attack that makes use of this flaw in a\n way that could not already be achieved by supplying an incorrect value for `Content-Length`.\n Vulnerabilities may exist in user-code that make incorrect assumptions about the potential accuracy of\n this value compared to the actual length of the data supplied. Node.js users crafting lower-level HTTP\n utilities are advised to re-check the length of any input supplied after parsing is complete.\n (CVE-2018-7159)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2019-2258.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected http-parser and / or http-parser-devel packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-7159\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n 
script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/03/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/09/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:http-parser\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:http-parser-devel\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(os_release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:os_release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 7', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nvar pkgs = [\n {'reference':'http-parser-2.7.1-8.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'http-parser-devel-2.7.1-8.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'http-parser-2.7.1-8.el7', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'http-parser-devel-2.7.1-8.el7', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'http-parser-2.7.1-8.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'http-parser-devel-2.7.1-8.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = 
package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release) {\n if (exists_check) {\n if (rpm_exists(release:_release, rpm:exists_check) && rpm_check(release:_release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'http-parser / http-parser-devel');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:33:47", "description": "The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has http-parser packages installed that are affected by multiple vulnerabilities:\n\n - The HTTP parser in all current versions of Node.js ignores spaces in the `Content-Length` header, allowing input such as `Content-Length: 1 2` to be interpreted as having a value of `12`. The HTTP specification does not allow for spaces in the `Content-Length` value and the Node.js HTTP parser has been brought into line on this particular difference. The security risk of this flaw to Node.js users is considered to be VERY LOW as it is difficult, and may be impossible, to craft an attack that makes use of this flaw in a way that could not already be achieved by supplying an incorrect value for `Content-Length`. Vulnerabilities may exist in user-code that make incorrect assumptions about the potential accuracy of this value compared to the actual length of the data supplied. 
Node.js users crafting lower-level HTTP utilities are advised to re-check the length of any input supplied after parsing is complete.\n (CVE-2018-7159)\n\n - Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Denial of Service with large HTTP headers: By using a combination of many requests with maximum sized headers (almost 80 KB per connection), and carefully timed completion of the headers, it is possible to cause the HTTP server to abort from heap allocation failure. Attack potential is mitigated by the use of a load balancer or other proxy layer.\n (CVE-2018-12121)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2019-12-31T00:00:00", "type": "nessus", "title": "NewStart CGSL CORE 5.05 / MAIN 5.05 : http-parser Multiple Vulnerabilities (NS-SA-2019-0257)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-12121", "CVE-2018-7159"], "modified": "2021-01-14T00:00:00", "cpe": [], "id": "NEWSTART_CGSL_NS-SA-2019-0257_HTTP-PARSER.NASL", "href": "https://www.tenable.com/plugins/nessus/132435", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2019-0257. 
The text\n# itself is copyright (C) ZTE, Inc.\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(132435);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2018-7159\", \"CVE-2018-12121\");\n script_bugtraq_id(106043);\n\n script_name(english:\"NewStart CGSL CORE 5.05 / MAIN 5.05 : http-parser Multiple Vulnerabilities (NS-SA-2019-0257)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has http-parser packages installed that are\naffected by multiple vulnerabilities:\n\n - The HTTP parser in all current versions of Node.js\n ignores spaces in the `Content-Length` header, allowing\n input such as `Content-Length: 1 2` to be interpreted as\n having a value of `12`. The HTTP specification does not\n allow for spaces in the `Content-Length` value and the\n Node.js HTTP parser has been brought into line on this\n particular difference. The security risk of this flaw to\n Node.js users is considered to be VERY LOW as it is\n difficult, and may be impossible, to craft an attack\n that makes use of this flaw in a way that could not\n already be achieved by supplying an incorrect value for\n `Content-Length`. Vulnerabilities may exist in user-code\n that make incorrect assumptions about the potential\n accuracy of this value compared to the actual length of\n the data supplied. 
Node.js users crafting lower-level\n HTTP utilities are advised to re-check the length of any\n input supplied after parsing is complete.\n (CVE-2018-7159)\n\n - Node.js: All versions prior to Node.js 6.15.0, 8.14.0,\n 10.14.0 and 11.3.0: Denial of Service with large HTTP\n headers: By using a combination of many requests with\n maximum sized headers (almost 80 KB per connection), and\n carefully timed completion of the headers, it is\n possible to cause the HTTP server to abort from heap\n allocation failure. Attack potential is mitigated by the\n use of a load balancer or other proxy layer.\n (CVE-2018-12121)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2019-0257\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL http-parser packages. Note that updated packages may not be available yet. 
Please contact\nZTE for more information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-7159\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/05/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/31\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/ZTE-CGSL/release\");\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, \"NewStart Carrier Grade Server Linux\");\n\nif (release !~ \"CGSL CORE 5.05\" &&\n release !~ \"CGSL MAIN 5.05\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.05 / NewStart CGSL MAIN 5.05');\n\nif (!get_kb_item(\"Host/ZTE-CGSL/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"NewStart Carrier Grade Server Linux\", cpu);\n\nflag = 0;\n\npkgs = {\n \"CGSL CORE 5.05\": [\n \"http-parser-2.7.1-8.el7\",\n \"http-parser-debuginfo-2.7.1-8.el7\",\n \"http-parser-devel-2.7.1-8.el7\"\n ],\n \"CGSL MAIN 5.05\": [\n \"http-parser-2.7.1-8.el7\",\n \"http-parser-debuginfo-2.7.1-8.el7\",\n \"http-parser-devel-2.7.1-8.el7\"\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:\"ZTE \" + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"http-parser\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:31:18", "description": "Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Denial of Service with large HTTP headers: By using a combination of many requests with maximum 
sized headers (almost 80 KB per connection), and carefully timed completion of the headers, it is possible to cause the HTTP server to abort from heap allocation failure. Attack potential is mitigated by the use of a load balancer or other proxy layer.(CVE-2018-12121)\n\nIt was found that the http module from Node.js could accept incorrect Content-Length values, containing spaces within the value, in HTTP headers. A specially crafted client could use this flaw to possibly confuse the script, causing unspecified behavior.(CVE-2018-7159)", "cvss3": {}, "published": "2019-10-25T00:00:00", "type": "nessus", "title": "Amazon Linux 2 : http-parser (ALAS-2019-1322)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-12121", "CVE-2018-7159"], "modified": "2019-12-18T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:http-parser", "p-cpe:/a:amazon:linux:http-parser-debuginfo", "p-cpe:/a:amazon:linux:http-parser-devel", "cpe:/o:amazon:linux:2"], "id": "AL2_ALAS-2019-1322.NASL", "href": "https://www.tenable.com/plugins/nessus/130219", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2 Security Advisory ALAS-2019-1322.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130219);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/12/18\");\n\n script_cve_id(\"CVE-2018-12121\", \"CVE-2018-7159\");\n script_xref(name:\"ALAS\", value:\"2019-1322\");\n\n script_name(english:\"Amazon Linux 2 : http-parser (ALAS-2019-1322)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux 2 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and\n11.3.0: Denial of Service with large HTTP headers: By using a\ncombination of many requests with 
maximum sized headers (almost 80 KB\nper connection), and carefully timed completion of the headers, it is\npossible to cause the HTTP server to abort from heap allocation\nfailure. Attack potential is mitigated by the use of a load balancer\nor other proxy layer.(CVE-2018-12121)\n\nIt was found that the http module from Node.js could accept incorrect\nContent-Length values, containing spaces within the value, in HTTP\nheaders. A specially crafted client could use this flaw to possibly\nconfuse the script, causing unspecified behavior.(CVE-2018-7159)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/AL2/ALAS-2019-1322.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update http-parser' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-7159\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:http-parser\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:http-parser-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:http-parser-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/05/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/25\");\n script_set_attribute(attribute:\"generated_plugin\", 
value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"2\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"AL2\", reference:\"http-parser-2.7.1-8.amzn2\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"http-parser-debuginfo-2.7.1-8.amzn2\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"http-parser-devel-2.7.1-8.amzn2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"http-parser / http-parser-debuginfo / http-parser-devel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:27:33", "description": "Security Fix(es) :\n\n - nodejs: Denial of Service with large HTTP headers (CVE-2018-12121)\n\n - nodejs: HTTP parser allowed for spaces inside 
Content-Length header values (CVE-2018-7159)", "cvss3": {}, "published": "2019-08-27T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : http-parser on SL7.x x86_64 (20190806)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-12121", "CVE-2018-7159"], "modified": "2020-02-24T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:http-parser", "p-cpe:/a:fermilab:scientific_linux:http-parser-debuginfo", "p-cpe:/a:fermilab:scientific_linux:http-parser-devel", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20190806_HTTP_PARSER_ON_SL7_X.NASL", "href": "https://www.tenable.com/plugins/nessus/128222", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(128222);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/02/24\");\n\n script_cve_id(\"CVE-2018-12121\", \"CVE-2018-7159\");\n\n script_name(english:\"Scientific Linux Security Update : http-parser on SL7.x x86_64 (20190806)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security Fix(es) :\n\n - nodejs: Denial of Service with large HTTP headers\n (CVE-2018-12121)\n\n - nodejs: HTTP parser allowed for spaces inside\n Content-Length header values (CVE-2018-7159)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1908&L=SCIENTIFIC-LINUX-ERRATA&P=32208\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?604029ae\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected http-parser, http-parser-debuginfo and / or\nhttp-parser-devel packages.\"\n );\n 
script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-7159\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:http-parser\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:http-parser-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:http-parser-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/05/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 7.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"http-parser-2.7.1-8.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"http-parser-debuginfo-2.7.1-8.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"http-parser-devel-2.7.1-8.el7\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"http-parser / http-parser-debuginfo / http-parser-devel\");\n}\n", "cvss": {"score": 0.0, 
"vector": "NONE"}}, {"lastseen": "2023-05-18T15:26:36", "description": "An update for http-parser is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe http-parser package provides a utility for parsing HTTP messages.\nIt parses both requests and responses. The parser is designed to be used in performance HTTP applications. It does not make any system calls or allocations, it does not buffer data, and it can be interrupted at any time. Depending on your architecture, it only requires about 40 bytes of data per message stream.\n\nSecurity Fix(es) :\n\n* nodejs: Denial of Service with large HTTP headers (CVE-2018-12121)\n\n* nodejs: HTTP parser allowed for spaces inside Content-Length header values (CVE-2018-7159)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section.\n\nNote that Tenable Network Security has attempted to extract the preceding description block directly from the corresponding Red Hat security advisory. Virtuozzo provides no description for VZLSA advisories. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-12-15T00:00:00", "type": "nessus", "title": "Virtuozzo 7 : http-parser / http-parser-devel (VZLSA-2019-2258)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-12121", "CVE-2018-7159"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:virtuozzo:virtuozzo:http-parser", "p-cpe:/a:virtuozzo:virtuozzo:http-parser-devel", "cpe:/o:virtuozzo:virtuozzo:7"], "id": "VIRTUOZZO_VZLSA-2019-2258.NASL", "href": "https://www.tenable.com/plugins/nessus/144260", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(144260);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\n \"CVE-2018-12121\",\n \"CVE-2018-7159\"\n );\n\n script_name(english:\"Virtuozzo 7 : http-parser / http-parser-devel (VZLSA-2019-2258)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Virtuozzo host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update for http-parser is now available for Red Hat Enterprise\nLinux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe http-parser package provides a utility for parsing HTTP messages.\nIt parses both requests and responses. The parser is designed to be\nused in performance HTTP applications. It does not make any system\ncalls or allocations, it does not buffer data, and it can be\ninterrupted at any time. 
Depending on your architecture, it only\nrequires about 40 bytes of data per message stream.\n\nSecurity Fix(es) :\n\n* nodejs: Denial of Service with large HTTP headers (CVE-2018-12121)\n\n* nodejs: HTTP parser allowed for spaces inside Content-Length header\nvalues (CVE-2018-7159)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 7.7 Release Notes linked from the References section.\n\nNote that Tenable Network Security has attempted to extract the\npreceding description block directly from the corresponding Red Hat\nsecurity advisory. Virtuozzo provides no description for VZLSA\nadvisories. Tenable has attempted to automatically clean and format\nit as much as possible without introducing additional issues.\");\n # http://repo.virtuozzo.com/vzlinux/announcements/json/VZLSA-2019-2258.json\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?705e9b74\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2019:2258\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected http-parser / http-parser-devel package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/15\");\n\n script_set_attribute(attribute:\"plugin_type\", 
value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:http-parser\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:http-parser-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:virtuozzo:virtuozzo:7\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Virtuozzo Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Virtuozzo/release\", \"Host/Virtuozzo/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/Virtuozzo/release\");\nif (isnull(release) || \"Virtuozzo\" >!< release) audit(AUDIT_OS_NOT, \"Virtuozzo\");\nos_ver = pregmatch(pattern: \"Virtuozzo Linux release ([0-9]+\\.[0-9])(\\D|$)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Virtuozzo\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Virtuozzo 7.x\", \"Virtuozzo \" + os_ver);\n\nif (!get_kb_item(\"Host/Virtuozzo/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Virtuozzo\", cpu);\n\nflag = 0;\n\npkgs = [\"http-parser-2.7.1-8.vl7\",\n \"http-parser-devel-2.7.1-8.vl7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"Virtuozzo-7\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"http-parser / http-parser-devel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:57:14", "description": "According to the versions of the http-parser package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities :\n\n - Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Denial of Service with large HTTP headers: By using a combination of many requests with maximum sized headers (almost 80 KB per connection), and carefully timed completion of the headers, it is possible to cause the HTTP server to abort from heap allocation failure. Attack potential is mitigated by the use of a load balancer or other proxy layer.(CVE-2018-12121)\n\n - The HTTP parser in all current versions of Node.js ignores spaces in the `Content-Length` header, allowing input such as `Content-Length: 1 2` to be interpreted as having a value of `12`. The HTTP specification does not allow for spaces in the `Content-Length` value and the Node.js HTTP parser has been brought into line on this particular difference. 
The security risk of this flaw to Node.js users is considered to be VERY LOW as it is difficult, and may be impossible, to craft an attack that makes use of this flaw in a way that could not already be achieved by supplying an incorrect value for `Content-Length`. Vulnerabilities may exist in user-code that make incorrect assumptions about the potential accuracy of this value compared to the actual length of the data supplied. Node.js users crafting lower-level HTTP utilities are advised to re-check the length of any input supplied after parsing is complete.(CVE-2018-7159)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-03-13T00:00:00", "type": "nessus", "title": "EulerOS Virtualization for ARM 64 3.0.2.0 : http-parser (EulerOS-SA-2020-1198)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-12121", "CVE-2018-7159"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:http-parser", "cpe:/o:huawei:euleros:uvp:3.0.2.0"], "id": "EULEROS_SA-2020-1198.NASL", "href": "https://www.tenable.com/plugins/nessus/134487", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(134487);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2018-12121\",\n \"CVE-2018-7159\"\n );\n\n script_name(english:\"EulerOS Virtualization for ARM 64 3.0.2.0 : http-parser (EulerOS-SA-2020-1198)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization for ARM 64 host is missing multiple 
security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the http-parser package installed, the\nEulerOS Virtualization for ARM 64 installation on the remote host is\naffected by the following vulnerabilities :\n\n - Node.js: All versions prior to Node.js 6.15.0, 8.14.0,\n 10.14.0 and 11.3.0: Denial of Service with large HTTP\n headers: By using a combination of many requests with\n maximum sized headers (almost 80 KB per connection),\n and carefully timed completion of the headers, it is\n possible to cause the HTTP server to abort from heap\n allocation failure. Attack potential is mitigated by\n the use of a load balancer or other proxy\n layer.(CVE-2018-12121)\n\n - The HTTP parser in all current versions of Node.js\n ignores spaces in the `Content-Length` header, allowing\n input such as `Content-Length: 1 2` to be interpreted\n as having a value of `12`. The HTTP specification does\n not allow for spaces in the `Content-Length` value and\n the Node.js HTTP parser has been brought into line on\n this particular difference. The security risk of this\n flaw to Node.js users is considered to be VERY LOW as\n it is difficult, and may be impossible, to craft an\n attack that makes use of this flaw in a way that could\n not already be achieved by supplying an incorrect value\n for `Content-Length`. Vulnerabilities may exist in\n user-code that make incorrect assumptions about the\n potential accuracy of this value compared to the actual\n length of the data supplied. Node.js users crafting\n lower-level HTTP utilities are advised to re-check the\n length of any input supplied after parsing is\n complete.(CVE-2018-7159)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1198\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?47243012\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected http-parser packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-7159\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/03/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/03/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:http-parser\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.2.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.2.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"http-parser-2.7.1-5.h2\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"http-parser\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:57:04", "description": "The remote host is affected by the vulnerability described in GLSA-202003-48 (Node.js: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Node.js. 
Please review the CVE identifiers referenced below for details.\n Impact :\n\n A remote attacker could possibly write arbitrary files, cause a Denial of Service condition or can conduct HTTP request splitting attacks.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {}, "published": "2020-03-23T00:00:00", "type": "nessus", "title": "GLSA-202003-48 : Node.js: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-12115", "CVE-2018-12116", "CVE-2018-12121", "CVE-2018-12122", "CVE-2018-12123", "CVE-2018-7161", "CVE-2018-7162", "CVE-2018-7164", "CVE-2018-7167", "CVE-2019-15604", "CVE-2019-15605", "CVE-2019-15606", "CVE-2019-16777", "CVE-2019-5737", "CVE-2019-5739"], "modified": "2020-03-25T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:nodejs", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-202003-48.NASL", "href": "https://www.tenable.com/plugins/nessus/134776", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 202003-48.\n#\n# The advisory text is Copyright (C) 2001-2020 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. 
See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(134776);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/03/25\");\n\n script_cve_id(\"CVE-2018-12115\", \"CVE-2018-12116\", \"CVE-2018-12121\", \"CVE-2018-12122\", \"CVE-2018-12123\", \"CVE-2018-7161\", \"CVE-2018-7162\", \"CVE-2018-7164\", \"CVE-2018-7167\", \"CVE-2019-15604\", \"CVE-2019-15605\", \"CVE-2019-15606\", \"CVE-2019-16777\", \"CVE-2019-5737\", \"CVE-2019-5739\");\n script_xref(name:\"GLSA\", value:\"202003-48\");\n\n script_name(english:\"GLSA-202003-48 : Node.js: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-202003-48\n(Node.js: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Node.js. 
Please review\n the CVE identifiers referenced below for details.\n \nImpact :\n\n A remote attacker could possibly write arbitrary files, cause a Denial\n of Service condition or can conduct HTTP request splitting attacks.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/202003-48\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Node.js <12.x users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-libs/nodejs-10.19.0'\n All Node.js 12.x users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-libs/nodejs-12.15.0'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-15606\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:nodejs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/06/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/03/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/03/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"net-libs/nodejs\", unaffected:make_list(\"rge 10.19.0\", \"rge 12.15.0\"), vulnerable:make_list(\"lt 12.15.0\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Node.js\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:23:50", "description": "The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2019:2925 advisory.\n\n - nodejs: Insufficient Slowloris fix causing DoS via server.headersTimeout bypass (CVE-2019-5737)\n\n - HTTP/2: large amount of data requests leads to denial of service (CVE-2019-9511)\n\n - HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512)\n\n - HTTP/2: flood using PRIORITY frames results in excessive resource consumption (CVE-2019-9513)\n\n - HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514)\n\n - HTTP/2: flood using SETTINGS frames results in unbounded memory growth (CVE-2019-9515)\n\n - HTTP/2: 0-length headers lead to denial of service (CVE-2019-9516)\n\n - HTTP/2: request for large response leads to denial of service 
(CVE-2019-9517)\n\n - HTTP/2: flood using empty frames results in excessive resource consumption (CVE-2019-9518)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-01-29T00:00:00", "type": "nessus", "title": "CentOS 8 : nodejs:10 (CESA-2019:2925)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-5737", "CVE-2019-9511", "CVE-2019-9512", "CVE-2019-9513", "CVE-2019-9514", "CVE-2019-9515", "CVE-2019-9516", "CVE-2019-9517", "CVE-2019-9518"], "modified": "2023-02-08T00:00:00", "cpe": ["cpe:/o:centos:centos:8", "p-cpe:/a:centos:centos:nodejs", "p-cpe:/a:centos:centos:nodejs-devel", "p-cpe:/a:centos:centos:nodejs-docs", "p-cpe:/a:centos:centos:npm"], "id": "CENTOS8_RHSA-2019-2925.NASL", "href": "https://www.tenable.com/plugins/nessus/145589", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# Red Hat Security Advisory RHSA-2019:2925. 
The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(145589);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/08\");\n\n script_cve_id(\n \"CVE-2019-5737\",\n \"CVE-2019-9511\",\n \"CVE-2019-9512\",\n \"CVE-2019-9513\",\n \"CVE-2019-9514\",\n \"CVE-2019-9515\",\n \"CVE-2019-9516\",\n \"CVE-2019-9517\",\n \"CVE-2019-9518\"\n );\n script_xref(name:\"RHSA\", value:\"2019:2925\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0643\");\n\n script_name(english:\"CentOS 8 : nodejs:10 (CESA-2019:2925)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nCESA-2019:2925 advisory.\n\n - nodejs: Insufficient Slowloris fix causing DoS via server.headersTimeout bypass (CVE-2019-5737)\n\n - HTTP/2: large amount of data requests leads to denial of service (CVE-2019-9511)\n\n - HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512)\n\n - HTTP/2: flood using PRIORITY frames results in excessive resource consumption (CVE-2019-9513)\n\n - HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514)\n\n - HTTP/2: flood using SETTINGS frames results in unbounded memory growth (CVE-2019-9515)\n\n - HTTP/2: 0-length headers lead to denial of service (CVE-2019-9516)\n\n - HTTP/2: request for large response leads to denial of service (CVE-2019-9517)\n\n - HTTP/2: flood using empty frames results in excessive resource consumption (CVE-2019-9518)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", 
value:\"https://access.redhat.com/errata/RHSA-2019:2925\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-9518\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/02/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/01/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nodejs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nodejs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nodejs-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:npm\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/CentOS/release');\nif (isnull(os_release) || 'CentOS' >!< os_release) audit(AUDIT_OS_NOT, 'CentOS');\nvar os_ver = pregmatch(pattern: \"CentOS(?: Stream)?(?: Linux)? release ([0-9]+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CentOS');\nos_ver = os_ver[1];\nif ('CentOS Stream' >< os_release) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS Stream ' + os_ver);\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS ' + os_ver);\n\nif (!get_kb_item('Host/CentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CentOS', cpu);\n\nvar module_ver = get_kb_item('Host/RedHat/appstream/nodejs');\nif (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module nodejs:10');\nif ('10' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module nodejs:' + module_ver);\n\nvar appstreams = {\n 'nodejs:10': [\n {'reference':'nodejs-10.16.3-2.module_el8.0.0+186+542b25fc', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nodejs-10.16.3-2.module_el8.0.0+186+542b25fc', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nodejs-devel-10.16.3-2.module_el8.0.0+186+542b25fc', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nodejs-devel-10.16.3-2.module_el8.0.0+186+542b25fc', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n 
{'reference':'nodejs-docs-10.16.3-2.module_el8.0.0+186+542b25fc', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nodejs-docs-10.16.3-2.module_el8.0.0+186+542b25fc', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'npm-6.9.0-1.10.16.3.2.module_el8.0.0+186+542b25fc', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'npm-6.9.0-1.10.16.3.2.module_el8.0.0+186+542b25fc', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n ]\n};\n\nvar flag = 0;\nappstreams_found = 0;\nforeach module (keys(appstreams)) {\n var appstream = NULL;\n var appstream_name = NULL;\n var appstream_version = NULL;\n var appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RedHat/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach package_array ( appstreams[module] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'CentOS-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if 
(!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && _release) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module nodejs:10');\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'nodejs / nodejs-devel / nodejs-docs / npm');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:58:28", "description": "A flaw was found in the Node.js code where a specially crafted HTTP(s) request sent to a Node.js server failed to properly process the HTTP(s) headers, resulting in a request smuggling attack. An attacker can use this flaw to alter a request sent as an authenticated user if the Node.js server is deployed behind a proxy server that reuses connections. (CVE-2019-15605)\n\nNode.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Denial of Service with large HTTP headers: By using a combination of many requests with maximum sized headers (almost 80 KB per connection), and carefully timed completion of the headers, it is possible to cause the HTTP server to abort from heap allocation failure. Attack potential is mitigated by the use of a load balancer or other proxy layer. (CVE-2018-12121)\n\nIt was found that the http module from Node.js could accept incorrect Content-Length values, containing spaces within the value, in HTTP headers. A specially crafted client could use this flaw to possibly confuse the script, causing unspecified behavior. 
(CVE-2018-7159)", "cvss3": {}, "published": "2020-04-24T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : http-parser (ALAS-2020-1359)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-12121", "CVE-2018-7159", "CVE-2019-15605"], "modified": "2020-04-28T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:http-parser", "p-cpe:/a:amazon:linux:http-parser-debuginfo", "p-cpe:/a:amazon:linux:http-parser-devel", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2020-1359.NASL", "href": "https://www.tenable.com/plugins/nessus/135935", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2020-1359.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(135935);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/04/28\");\n\n script_cve_id(\"CVE-2018-12121\", \"CVE-2018-7159\", \"CVE-2019-15605\");\n script_xref(name:\"ALAS\", value:\"2020-1359\");\n\n script_name(english:\"Amazon Linux AMI : http-parser (ALAS-2020-1359)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A flaw was found in the Node.js code where a specially crafted HTTP(s)\nrequest sent to a Node.js server failed to properly process the\nHTTP(s) headers, resulting in a request smuggling attack. An attacker\ncan use this flaw to alter a request sent as an authenticated user if\nthe Node.js server is deployed behind a proxy server that reuses\nconnections. 
(CVE-2019-15605)\n\nNode.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and\n11.3.0: Denial of Service with large HTTP headers: By using a\ncombination of many requests with maximum sized headers (almost 80 KB\nper connection), and carefully timed completion of the headers, it is\npossible to cause the HTTP server to abort from heap allocation\nfailure. Attack potential is mitigated by the use of a load balancer\nor other proxy layer. (CVE-2018-12121)\n\nIt was found that the http module from Node.js could accept incorrect\nContent-Length values, containing spaces within the value, in HTTP\nheaders. A specially crafted client could use this flaw to possibly\nconfuse the script, causing unspecified behavior. (CVE-2018-7159)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2020-1359.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update http-parser' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:http-parser\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:http-parser-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:http-parser-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/05/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/23\");\n 
script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"http-parser-2.9.3-1.2.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"http-parser-debuginfo-2.9.3-1.2.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"http-parser-devel-2.9.3-1.2.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"http-parser / http-parser-debuginfo / http-parser-devel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:27:03", "description": 
"This update for nodejs8 to version 8.15.0 fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2018-12121: Fixed a Denial of Service with large HTTP headers (bsc#1117626)\n\nCVE-2018-12122: Fixed the 'Slowloris' HTTP Denial of Service (bsc#1117627)\n\nCVE-2018-12116: Fixed HTTP request splitting (bsc#1117630)\n\nCVE-2018-12123: Fixed hostname spoofing in URL parser for JavaScript protocol (bsc#1117629)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-01-22T00:00:00", "type": "nessus", "title": "SUSE SLES15 Security Update : nodejs8 (SUSE-SU-2019:0118-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-12116", "CVE-2018-12121", "CVE-2018-12122", "CVE-2018-12123"], "modified": "2020-02-24T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:nodejs8", "p-cpe:/a:novell:suse_linux:nodejs8-debuginfo", "p-cpe:/a:novell:suse_linux:nodejs8-debugsource", "p-cpe:/a:novell:suse_linux:nodejs8-devel", "p-cpe:/a:novell:suse_linux:npm8", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2019-0118-1.NASL", "href": "https://www.tenable.com/plugins/nessus/121293", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:0118-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(121293);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/02/24\");\n\n script_cve_id(\"CVE-2018-12116\", \"CVE-2018-12121\", \"CVE-2018-12122\", \"CVE-2018-12123\");\n\n script_name(english:\"SUSE SLES15 Security Update : nodejs8 (SUSE-SU-2019:0118-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n 
script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for nodejs8 to version 8.15.0 fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2018-12121: Fixed a Denial of Service with large HTTP headers\n(bsc#1117626)\n\nCVE-2018-12122: Fixed the 'Slowloris' HTTP Denial of Service\n(bsc#1117627)\n\nCVE-2018-12116: Fixed HTTP request splitting (bsc#1117630)\n\nCVE-2018-12123: Fixed hostname spoofing in URL parser for JavaScript\nprotocol (bsc#1117629)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1117626\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1117627\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1117629\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1117630\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-12116/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-12121/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-12122/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-12123/\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-20190118-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?150c7b00\"\n );\n 
script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Web Scripting 15:zypper in -t patch\nSUSE-SLE-Module-Web-Scripting-15-2019-118=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nodejs8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nodejs8-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nodejs8-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nodejs8-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:npm8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/11/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/01/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! 
preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"nodejs8-8.15.0-3.11.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"nodejs8-debuginfo-8.15.0-3.11.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"nodejs8-debugsource-8.15.0-3.11.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"nodejs8-devel-8.15.0-3.11.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"npm8-8.15.0-3.11.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nodejs8\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:25:19", "description": "This update for nodejs8 to version 8.15.0 fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2018-12121: Fixed a Denial of Service with large HTTP headers (bsc#1117626)\n\n - CVE-2018-12122: Fixed the 'Slowloris' HTTP Denial of Service (bsc#1117627)\n\n - CVE-2018-12116: Fixed HTTP request splitting (bsc#1117630)\n\n - CVE-2018-12123: Fixed hostname spoofing in URL parser for JavaScript protocol (bsc#1117629)\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "cvss3": {}, "published": "2019-01-29T00:00:00", "type": "nessus", "title": "openSUSE Security Update : nodejs8 (openSUSE-2019-89)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-12116", "CVE-2018-12121", "CVE-2018-12122", "CVE-2018-12123"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:nodejs8", "p-cpe:/a:novell:opensuse:nodejs8-debuginfo", "p-cpe:/a:novell:opensuse:nodejs8-debugsource", "p-cpe:/a:novell:opensuse:nodejs8-devel", "p-cpe:/a:novell:opensuse:npm8", 
"cpe:/o:novell:opensuse:15.0"], "id": "OPENSUSE-2019-89.NASL", "href": "https://www.tenable.com/plugins/nessus/121428", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-89.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(121428);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2018-12116\", \"CVE-2018-12121\", \"CVE-2018-12122\", \"CVE-2018-12123\");\n\n script_name(english:\"openSUSE Security Update : nodejs8 (openSUSE-2019-89)\");\n script_summary(english:\"Check for the openSUSE-2019-89 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for nodejs8 to version 8.15.0 fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2018-12121: Fixed a Denial of Service with large\n HTTP headers (bsc#1117626)\n\n - CVE-2018-12122: Fixed the 'Slowloris' HTTP Denial of\n Service (bsc#1117627)\n\n - CVE-2018-12116: Fixed HTTP request splitting\n (bsc#1117630)\n\n - CVE-2018-12123: Fixed hostname spoofing in URL parser\n for JavaScript protocol (bsc#1117629)\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1117626\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1117627\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1117629\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n 
value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1117630\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected nodejs8 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nodejs8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nodejs8-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nodejs8-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nodejs8-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:npm8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/11/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/29\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.0\", reference:\"nodejs8-8.15.0-lp150.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"nodejs8-debuginfo-8.15.0-lp150.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"nodejs8-debugsource-8.15.0-lp150.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"nodejs8-devel-8.15.0-lp150.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"npm8-8.15.0-lp150.2.9.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nodejs8 / nodejs8-debuginfo / nodejs8-debugsource / nodejs8-devel / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:24:26", "description": "This update for nodejs4 fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2018-0734: Fixed a timing 
vulnerability in the DSA signature generation (bsc#1113652)\n\n - CVE-2018-5407: Fixed a hyperthread port contention side channel attack (aka 'PortSmash') (bsc#1113534)\n\n - CVE-2018-12120: Fixed that the debugger listens on any interface by default (bsc#1117625)\n\n - CVE-2018-12121: Fixed a Denial of Service with large HTTP headers (bsc#1117626)\n\n - CVE-2018-12122: Fixed the 'Slowloris' HTTP Denial of Service (bsc#1117627)\n\n - CVE-2018-12116: Fixed HTTP request splitting (bsc#1117630)\n\n - CVE-2018-12123: Fixed hostname spoofing in URL parser for JavaScript protocol (bsc#1117629)\n\nThis update was imported from the SUSE:SLE-12:Update update project.", "cvss3": {}, "published": "2019-01-28T00:00:00", "type": "nessus", "title": "openSUSE Security Update : nodejs4 (openSUSE-2019-88)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0734", "CVE-2018-12116", "CVE-2018-12120", "CVE-2018-12121", "CVE-2018-12122", "CVE-2018-12123", "CVE-2018-5407"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:nodejs4", "p-cpe:/a:novell:opensuse:nodejs4-debuginfo", "p-cpe:/a:novell:opensuse:nodejs4-debugsource", "p-cpe:/a:novell:opensuse:nodejs4-devel", "p-cpe:/a:novell:opensuse:npm4", "cpe:/o:novell:opensuse:42.3"], "id": "OPENSUSE-2019-88.NASL", "href": "https://www.tenable.com/plugins/nessus/121415", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-88.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(121415);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2018-0734\", \"CVE-2018-12116\", \"CVE-2018-12120\", \"CVE-2018-12121\", \"CVE-2018-12122\", \"CVE-2018-12123\", \"CVE-2018-5407\");\n\n 
script_name(english:\"openSUSE Security Update : nodejs4 (openSUSE-2019-88)\");\n script_summary(english:\"Check for the openSUSE-2019-88 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for nodejs4 fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2018-0734: Fixed a timing vulnerability in the DSA\n signature generation (bsc#1113652)\n\n - CVE-2018-5407: Fixed a hyperthread port content side\n channel attack (aka 'PortSmash') (bsc#1113534)\n\n - CVE-2018-12120: Fixed that the debugger listens on any\n interface by default (bsc#1117625)\n\n - CVE-2018-12121: Fixed a denial of Service with large\n HTTP headers (bsc#1117626)\n\n - CVE-2018-12122: Fixed the 'Slowloris' HTTP Denial of\n Service (bsc#1117627)\n\n - CVE-2018-12116: Fixed HTTP request splitting\n (bsc#1117630)\n\n - CVE-2018-12123: Fixed hostname spoofing in URL parser\n for JavaScript protocol (bsc#1117629)\n\nThis update was imported from the SUSE:SLE-12:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1113534\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1113652\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1117625\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1117626\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1117627\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1117629\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1117630\"\n );\n 
script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected nodejs4 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nodejs4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nodejs4-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nodejs4-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nodejs4-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:npm4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/11/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/01/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.3\", reference:\"nodejs4-4.9.1-20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"nodejs4-debuginfo-4.9.1-20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"nodejs4-debugsource-4.9.1-20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"nodejs4-devel-4.9.1-20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"npm4-4.9.1-20.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nodejs4 / nodejs4-debuginfo / nodejs4-debugsource / nodejs4-devel / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:24:26", "description": "This update for nodejs4 fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2018-0734: Fixed a timing vulnerability in the DSA signature generation 
(bsc#1113652)\n\nCVE-2018-5407: Fixed a hyperthread port content side channel attack (aka 'PortSmash') (bsc#1113534)\n\nCVE-2018-12120: Fixed that the debugger listens on any interface by default (bsc#1117625)\n\nCVE-2018-12121: Fixed a denial of Service with large HTTP headers (bsc#1117626)\n\nCVE-2018-12122: Fixed the 'Slowloris' HTTP Denial of Service (bsc#1117627)\n\nCVE-2018-12116: Fixed HTTP request splitting (bsc#1117630)\n\nCVE-2018-12123: Fixed hostname spoofing in URL parser for JavaScript protocol (bsc#1117629)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-01-22T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : nodejs4 (SUSE-SU-2019:0117-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0734", "CVE-2018-12116", "CVE-2018-12120", "CVE-2018-12121", "CVE-2018-12122", "CVE-2018-12123", "CVE-2018-5407"], "modified": "2019-09-10T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:nodejs4", "p-cpe:/a:novell:suse_linux:nodejs4-debuginfo", "p-cpe:/a:novell:suse_linux:nodejs4-debugsource", "p-cpe:/a:novell:suse_linux:nodejs4-devel", "p-cpe:/a:novell:suse_linux:npm4", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2019-0117-1.NASL", "href": "https://www.tenable.com/plugins/nessus/121292", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:0117-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(121292);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2019/09/10 13:51:50\");\n\n script_cve_id(\"CVE-2018-0734\", \"CVE-2018-12116\", \"CVE-2018-12120\", \"CVE-2018-12121\", \"CVE-2018-12122\", \"CVE-2018-12123\", 
\"CVE-2018-5407\");\n\n script_name(english:\"SUSE SLES12 Security Update : nodejs4 (SUSE-SU-2019:0117-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for nodejs4 fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2018-0734: Fixed a timing vulnerability in the DSA signature\ngeneration (bsc#1113652)\n\nCVE-2018-5407: Fixed a hyperthread port content side channel attack\n(aka 'PortSmash') (bsc#1113534)\n\nCVE-2018-12120: Fixed that the debugger listens on any interface by\ndefault (bsc#1117625)\n\nCVE-2018-12121: Fixed a denial of Service with large HTTP headers\n(bsc#1117626)\n\nCVE-2018-12122: Fixed the 'Slowloris' HTTP Denial of Service\n(bsc#1117627)\n\nCVE-2018-12116: Fixed HTTP request splitting (bsc#1117630)\n\nCVE-2018-12123: Fixed hostname spoofing in URL parser for JavaScript\nprotocol (bsc#1117629)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1113534\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1113652\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1117625\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1117626\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1117627\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1117629\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1117630\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-0734/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-12116/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-12120/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-12121/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-12122/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-12123/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-5407/\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-20190117-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?55bbd6c4\"\n );\n script_set_attribute(\n attribute:\"solution\", \n 
value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Web Scripting 12:zypper in -t patch\nSUSE-SLE-Module-Web-Scripting-12-2019-117=1\n\nSUSE Enterprise Storage 4:zypper in -t patch SUSE-Storage-4-2019-117=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nodejs4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nodejs4-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nodejs4-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nodejs4-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:npm4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/01/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! 
preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"nodejs4-4.9.1-15.17.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"nodejs4-debuginfo-4.9.1-15.17.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"nodejs4-debugsource-4.9.1-15.17.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"nodejs4-devel-4.9.1-15.17.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"npm4-4.9.1-15.17.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nodejs4\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:26:24", "description": "This update for nodejs6 to version 6.16.0 fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2018-0734: Fixed a timing vulnerability in the DSA signature generation (bsc#1113652)\n\nCVE-2018-5407: Fixed a hyperthread port content side channel attack (aka 'PortSmash') (bsc#1113534)\n\nCVE-2018-12120: Fixed that the debugger listens on any interface by default (bsc#1117625)\n\nCVE-2018-12121: Fixed a denial of Service with large HTTP headers (bsc#1117626)\n\nCVE-2018-12122: Fixed the 'Slowloris' HTTP Denial of Service (bsc#1117627)\n\nCVE-2018-12116: Fixed HTTP request splitting (bsc#1117630)\n\nCVE-2018-12123: Fixed hostname spoofing in URL parser for JavaScript protocol (bsc#1117629)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-02-15T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : nodejs6 (SUSE-SU-2019:0395-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0734", "CVE-2018-12116", "CVE-2018-12120", "CVE-2018-12121", "CVE-2018-12122", "CVE-2018-12123", "CVE-2018-5407"], "modified": "2019-09-10T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:nodejs6", "p-cpe:/a:novell:suse_linux:nodejs6-debuginfo", "p-cpe:/a:novell:suse_linux:nodejs6-debugsource", "p-cpe:/a:novell:suse_linux:nodejs6-devel", "p-cpe:/a:novell:suse_linux:npm6", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2019-0395-1.NASL", "href": "https://www.tenable.com/plugins/nessus/122230", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:0395-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(122230);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2019/09/10 13:51:50\");\n\n script_cve_id(\"CVE-2018-0734\", \"CVE-2018-12116\", \"CVE-2018-12120\", \"CVE-2018-12121\", \"CVE-2018-12122\", \"CVE-2018-12123\", \"CVE-2018-5407\");\n\n script_name(english:\"SUSE SLES12 Security Update : nodejs6 (SUSE-SU-2019:0395-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for nodejs6 to version 6.16.0 fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2018-0734: Fixed a timing vulnerability in the DSA signature\ngeneration (bsc#1113652)\n\nCVE-2018-5407: Fixed a hyperthread port content side channel attack\n(aka 'PortSmash') 
(bsc#1113534)\n\nCVE-2018-12120: Fixed that the debugger listens on any interface by\ndefault (bsc#1117625)\n\nCVE-2018-12121: Fixed a denial of Service with large HTTP headers\n(bsc#1117626)\n\nCVE-2018-12122: Fixed the 'Slowloris' HTTP Denial of Service\n(bsc#1117627)\n\nCVE-2018-12116: Fixed HTTP request splitting (bsc#1117630)\n\nCVE-2018-12123: Fixed hostname spoofing in URL parser for JavaScript\nprotocol (bsc#1117629)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1113534\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1113652\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1117625\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1117626\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1117627\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1117629\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1117630\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-0734/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-12116/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-12120/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-12121/\"\n );\n script_set_attribute(\n 
attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-12122/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-12123/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-5407/\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-20190395-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2f969e13\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE OpenStack Cloud Crowbar 8:zypper in -t patch\nSUSE-OpenStack-Cloud-Crowbar-8-2019-395=1\n\nSUSE OpenStack Cloud 7:zypper in -t patch\nSUSE-OpenStack-Cloud-7-2019-395=1\n\nSUSE Linux Enterprise Module for Web Scripting 12:zypper in -t patch\nSUSE-SLE-Module-Web-Scripting-12-2019-395=1\n\nSUSE Enterprise Storage 4:zypper in -t patch SUSE-Storage-4-2019-395=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nodejs6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nodejs6-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nodejs6-debugsource\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:novell:suse_linux:nodejs6-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:npm6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/02/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/02/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! 
preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"nodejs6-6.16.0-11.21.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"nodejs6-debuginfo-6.16.0-11.21.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"nodejs6-debugsource-6.16.0-11.21.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"nodejs6-devel-6.16.0-11.21.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"npm6-6.16.0-11.21.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nodejs6\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:29:59", "description": "This update for nodejs6 to version 6.16.0 fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2018-0734: Fixed a timing vulnerability in the DSA signature generation (bsc#1113652)\n\n - CVE-2018-5407: Fixed a hyperthread port content side channel attack (aka 'PortSmash') (bsc#1113534)\n\n - CVE-2018-12120: Fixed that the debugger listens on any interface by default (bsc#1117625)\n\n - CVE-2018-12121: Fixed a denial of Service with large HTTP headers (bsc#1117626)\n\n - CVE-2018-12122: Fixed the 'Slowloris' HTTP Denial of Service (bsc#1117627)\n\n - CVE-2018-12116: Fixed HTTP request splitting (bsc#1117630)\n\n - CVE-2018-12123: Fixed hostname spoofing in URL parser for JavaScript protocol (bsc#1117629)\n\nThis update was imported from the SUSE:SLE-12:Update update project.", "cvss3": {}, "published": "2019-02-25T00:00:00", "type": "nessus", "title": "openSUSE Security Update : nodejs6 (openSUSE-2019-234)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0734", 
"CVE-2018-12116", "CVE-2018-12120", "CVE-2018-12121", "CVE-2018-12122", "CVE-2018-12123", "CVE-2018-5407"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:nodejs6", "p-cpe:/a:novell:opensuse:nodejs6-debuginfo", "p-cpe:/a:novell:opensuse:nodejs6-debugsource", "p-cpe:/a:novell:opensuse:nodejs6-devel", "p-cpe:/a:novell:opensuse:npm6", "cpe:/o:novell:opensuse:42.3"], "id": "OPENSUSE-2019-234.NASL", "href": "https://www.tenable.com/plugins/nessus/122418", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-234.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(122418);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2018-0734\", \"CVE-2018-12116\", \"CVE-2018-12120\", \"CVE-2018-12121\", \"CVE-2018-12122\", \"CVE-2018-12123\", \"CVE-2018-5407\");\n\n script_name(english:\"openSUSE Security Update : nodejs6 (openSUSE-2019-234)\");\n script_summary(english:\"Check for the openSUSE-2019-234 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for nodejs6 to version 6.16.0 fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2018-0734: Fixed a timing vulnerability in the DSA\n signature generation (bsc#1113652)\n\n - CVE-2018-5407: Fixed a hyperthread port content side\n channel attack (aka 'PortSmash') (bsc#1113534)\n\n - CVE-2018-12120: Fixed that the debugger listens on any\n interface by default (bsc#1117625)\n\n - CVE-2018-12121: Fixed a denial of Service with large\n HTTP headers (bsc#1117626)\n\n - CVE-2018-12122: Fixed the 
'Slowloris' HTTP Denial of\n Service (bsc#1117627)\n\n - CVE-2018-12116: Fixed HTTP request splitting\n (bsc#1117630)\n\n - CVE-2018-12123: Fixed hostname spoofing in URL parser\n for JavaScript protocol (bsc#1117629)\n\nThis update was imported from the SUSE:SLE-12:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1113534\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1113652\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1117625\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1117626\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1117627\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1117629\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1117630\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected nodejs6 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nodejs6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nodejs6-debuginfo\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:novell:opensuse:nodejs6-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nodejs6-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:npm6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/02/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/02/25\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.3\", reference:\"nodejs6-6.16.0-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"nodejs6-debuginfo-6.16.0-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", 
reference:\"nodejs6-debugsource-6.16.0-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"nodejs6-devel-6.16.0-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"npm6-6.16.0-18.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nodejs6 / nodejs6-debuginfo / nodejs6-debugsource / nodejs6-devel / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-23T14:17:13", "description": "Node.js reports :\n\nUpdates are now available for all active Node.js release lines. These include fixes for the vulnerabilities identified in the initial announcement. They also include upgrades of Node.js 6 and 8 to OpenSSL 1.0.2q, and upgrades of Node.js 10 and 11 to OpenSSL 1.1.0j.\n\nWe recommend that all Node.js users upgrade to a version listed below as soon as possible. Debugger port 5858 listens on any interface by default (CVE-2018-12120) All versions of Node.js 6 are vulnerable and the severity is HIGH. When the debugger is enabled with node --debug or node debug, it listens to port 5858 on all interfaces by default.\nThis may allow remote computers to attach to the debug port and evaluate arbitrary JavaScript. The default interface is now localhost.\nIt has always been possible to start the debugger on a specific interface, such as node --debug=localhost. The debugger was removed in Node.js 8 and replaced with the inspector, so no versions from 8 and later are vulnerable. Denial of Service with large HTTP headers (CVE-2018-12121) All versions of 6 and later are vulnerable and the severity is HIGH. 
By using a combination of many requests with maximum sized headers (almost 80 KB per connection), and carefully timed completion of the headers, it is possible to cause the HTTP server to abort from heap allocation failure. Attack potential is mitigated by the use of a load balancer or other proxy layer.\n\nThe total size of HTTP headers received by Node.js now must not exceed 8192 bytes. 'Slowloris' HTTP Denial of Service (CVE-2018-12122) All versions of Node.js 6 and later are vulnerable and the severity is LOW. An attacker can cause a Denial of Service (DoS) by sending headers very slowly, keeping HTTP or HTTPS connections and associated resources alive for a long period of time. Attack potential is mitigated by the use of a load balancer or other proxy layer.\n\nA timeout of 40 seconds now applies to servers receiving HTTP headers.\nThis value can be adjusted with server.headersTimeout. Where headers are not completely received within this period, the socket is destroyed on the next received chunk. In conjunction with server.setTimeout(), this aids in protecting against excessive resource retention and possible Denial of Service. Hostname spoofing in URL parser for JavaScript protocol (CVE-2018-12123) All versions of Node.js 6 and later are vulnerable and the severity is LOW. If a Node.js application is using url.parse() to determine the URL hostname, that hostname can be spoofed by using a mixed case 'javascript:' (e.g. 'javAscript:') protocol (other protocols are not affected). If security decisions are made about the URL based on the hostname, they may be incorrect. HTTP request splitting (CVE-2018-12116) Node.js 6 and 8 are vulnerable and the severity is MEDIUM. If Node.js can be convinced to use unsanitized user-provided Unicode data for the path option of an HTTP request, then data can be provided which will trigger a second, unexpected, and user-defined HTTP request to be made to the same server. 
OpenSSL Timing vulnerability in ECDSA signature generation (CVE-2018-0735) The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side-channel attack. An attacker could use variations in the signing algorithm to recover the private key. OpenSSL Timing vulnerability in DSA signature generation (CVE-2018-0734) The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side-channel attack. An attacker could use variations in the signing algorithm to recover the private key. OpenSSL Microarchitecture timing vulnerability in ECC scalar multiplication (CVE-2018-5407) OpenSSL ECC scalar multiplication, used in e.g. ECDSA and ECDH, has been shown to be vulnerable to a microarchitecture timing side-channel attack. An attacker with sufficient access to mount local timing attacks during ECDSA signature generation could recover the private key.", "cvss3": {}, "published": "2018-12-10T00:00:00", "type": "nessus", "title": "FreeBSD : node.js -- multiple vulnerabilities (2a86f45a-fc3c-11e8-a414-00155d006b02)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0734", "CVE-2018-0735", "CVE-2018-12116", "CVE-2018-12120", "CVE-2018-12121", "CVE-2018-12122", "CVE-2018-12123", "CVE-2018-5407"], "modified": "2019-07-10T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:node", "p-cpe:/a:freebsd:freebsd:node10", "p-cpe:/a:freebsd:freebsd:node6", "p-cpe:/a:freebsd:freebsd:node8", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_2A86F45AFC3C11E8A41400155D006B02.NASL", "href": "https://www.tenable.com/plugins/nessus/119511", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2019 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following 
conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(119511);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2019/07/10 16:04:13\");\n\n script_cve_id(\"CVE-2018-0734\", \"CVE-2018-0735\", \"CVE-2018-12116\", \"CVE-2018-12120\", \"CVE-2018-12121\", \"CVE-2018-12122\", \"CVE-2018-12123\", \"CVE-2018-5407\");\n\n script_name(english:\"FreeBSD : node.js -- multiple vulnerabilities (2a86f45a-fc3c-11e8-a414-00155d006b02)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n 
script_set_attribute(\n attribute:\"description\", \n value:\n\"Node.js reports :\n\nUpdates are now available for all active Node.js release lines. These\ninclude fixes for the vulnerabilities identified in the initial\nannouncement. They also include upgrades of Node.js 6 and 8 to OpenSSL\n1.0.2q, and upgrades of Node.js 10 and 11 to OpenSSL 1.1.0j.\n\nWe recommend that all Node.js users upgrade to a version listed below\nas soon as possible. Debugger port 5858 listens on any interface by\ndefault (CVE-2018-12120) All versions of Node.js 6 are vulnerable and\nthe severity is HIGH. When the debugger is enabled with node --debug\nor node debug, it listens to port 5858 on all interfaces by default.\nThis may allow remote computers to attach to the debug port and\nevaluate arbitrary JavaScript. The default interface is now localhost.\nIt has always been possible to start the debugger on a specific\ninterface, such as node --debug=localhost. The debugger was removed in\nNode.js 8 and replaced with the inspector, so no versions from 8 and\nlater are vulnerable. Denial of Service with large HTTP headers\n(CVE-2018-12121) All versions of 6 and later are vulnerable and the\nseverity is HIGH. By using a combination of many requests with maximum\nsized headers (almost 80 KB per connection), and carefully timed\ncompletion of the headers, it is possible to cause the HTTP server to\nabort from heap allocation failure. Attack potential is mitigated by\nthe use of a load balancer or other proxy layer.\n\nThe total size of HTTP headers received by Node.js now must not exceed\n8192 bytes. 'Slowloris' HTTP Denial of Service (CVE-2018-12122) All\nversions of Node.js 6 and later are vulnerable and the severity is\nLOW. An attacker can cause a Denial of Service (DoS) by sending\nheaders very slowly keeping HTTP or HTTPS connections and associated\nresources alive for a long period of time. 
Attack potential is\nmitigated by the use of a load balancer or other proxy layer.\n\nA timeout of 40 seconds now applies to servers receiving HTTP headers.\nThis value can be adjusted with server.headersTimeout. Where headers\nare not completely received within this period, the socket is\ndestroyed on the next received chunk. In conjunction with\nserver.setTimeout(), this aids in protecting against excessive\nresource retention and possible Denial of Service. Hostname spoofing\nin URL parser for JavaScript protocol (CVE-2018-12123) All versions of\nNode.js 6 and later are vulnerable and the severity is LOW. If a\nNode.js application is using url.parse() to determine the URL\nhostname, that hostname can be spoofed by using a mixed case\n'javascript:' (e.g. 'javAscript:') protocol (other protocols are not\naffected). If security decisions are made about the URL based on the\nhostname, they may be incorrect. HTTP request splitting\n(CVE-2018-12116) Node.js 6 and 8 are vulnerable and the severity is\nMEDIUM. If Node.js can be convinced to use unsanitized user-provided\nUnicode data for the path option of an HTTP request, then data can be\nprovided which will trigger a second, unexpected, and user-defined\nHTTP request to made to the same server. OpenSSL Timing vulnerability\nin ECDSA signature generation (CVE-2018-0735) The OpenSSL ECDSA\nsignature algorithm has been shown to be vulnerable to a timing\nside-channel attack. An attacker could use variations in the signing\nalgorithm to recover the private key. OpenSSL Timing vulnerability in\nDSA signature generation (CVE-2018-0734) The OpenSSL DSA signature\nalgorithm has been shown to be vulnerable to a timing side-channel\nattack. An attacker could use variations in the signing algorithm to\nrecover the private key. OpenSSL Microarchitecture timing\nvulnerability in ECC scalar multiplication (CVE-2018-5407) OpenSSL ECC\nscalar multiplication, used in e.g. 
ECDSA and ECDH, has been shown to\nbe vulnerable to a microarchitecture timing side-channel attack. An\nattacker with sufficient access to mount local timing attacks during\nECDSA signature generation could recover the private key.\"\n );\n # https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?fdc3667d\"\n );\n # https://vuxml.freebsd.org/freebsd/2a86f45a-fc3c-11e8-a414-00155d006b02.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?721f1cad\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:node\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:node10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:node6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:node8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/11/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/12/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/12/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n 
script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"node6<6.15.0\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"node8<8.14.0\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"node10<10.14.0\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"node<11.3.0\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-16T15:27:40", "description": "The version of Node.js installed on the remote host is 6.x prior to 6.15.0, 8.x prior to 8.14.0 or 10.x prior to 10.14.0 or 11.x prior to 11.3.0. 
It is, therefore, affected by multiple vulnerabilities.\n\n - OpenSSL Timing vulnerability in DSA signature generation (CVE-2018-0734).\n\n - OpenSSL Timing vulnerability in ECDSA signature generation (CVE-2018-0735).\n\n - OpenSSL Microarchitecture timing vulnerability in ECC scalar multiplication (CVE-2018-5407).\n\n - Debugger port 5858 listens on any interface by default (CVE-2018-12120).\n\n - Denial of Service with large HTTP headers (CVE-2018-12121).\n\n - Slowloris HTTP Denial of Service (CVE-2018-12122).\n\n - Hostname spoofing in URL parser for javascript protocol (CVE-2018-12123).\n\n - HTTP request splitting (CVE-2018-12116).\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2018-12-28T00:00:00", "type": "nessus", "title": "Node.js Multiple Vulnerabilities (November 2018 Security Releases)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0734", "CVE-2018-0735", "CVE-2018-12116", "CVE-2018-12120", "CVE-2018-12121", "CVE-2018-12122", "CVE-2018-12123", "CVE-2018-5407"], "modified": "2023-09-11T00:00:00", "cpe": ["cpe:/a:nodejs:node.js"], "id": "NODEJS_2018_NOV.NASL", "href": "https://www.tenable.com/plugins/nessus/119938", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(119938);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/09/11\");\n\n script_cve_id(\n \"CVE-2018-0734\",\n \"CVE-2018-0735\",\n \"CVE-2018-5407\",\n \"CVE-2018-12116\",\n \"CVE-2018-12120\",\n \"CVE-2018-12121\",\n \"CVE-2018-12122\",\n \"CVE-2018-12123\"\n );\n script_bugtraq_id(\n 105750,\n 105758,\n 105897,\n 106040,\n 106043\n );\n\n script_name(english:\"Node.js Multiple Vulnerabilities (November 2018 Security Releases)\");\n script_summary(english:\"Checks the Node.js version.\");\n\n script_set_attribute(attribute:\"synopsis\", 
value:\n\"Node.js - JavaScript run-time environment is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Node.js installed on the remote host is 6.x prior to 6.15.0, 8.x prior to 8.14.0 or 10.x prior to\n10.14.0 or 11.x prior to 11.3.0. It is, therefore, affected by multiple vulnerabilities.\n\n - OpenSSL Timing vulnerability in DSA signature generation (CVE-2018-0734).\n\n - OpenSSL Timing vulnerability in ECDSA signature generation (CVE-2018-0735).\n\n - OpenSSL Microarchitecture timing vulnerability in ECC scalar multiplication (CVE-2018-5407).\n\n - Debugger port 5858 listens on any interface by default CVE-2018-12120).\n\n - Denial of Service with large HTTP headers (CVE-2018-12121).\n\n - Slowloris HTTP Denial of Service (CVE-2018-12122).\n\n - Hostname spoofing in URL parser for javascript protocol (CVE-2018-12123).\n\n - HTTP request splitting (CVE-2018-12116).\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n # https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?fdc3667d\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade Node.js to 6.15 / 8.14.0 / 10.14.0 / 11.3.0 or later.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-12120\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n 
script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/11/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/11/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/12/28\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:nodejs:node.js\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"nodejs_win_installed.nbin\", \"nodejs_installed_nix.nbin\", \"macosx_nodejs_installed.nbin\");\n script_require_keys(\"installed_sw/Node.js\");\n \n exit(0);\n}\n\ninclude('vcf.inc');\n\nvar win_local = FALSE;\nif (get_kb_item('SMB/Registry/Enumerated')) win_local = TRUE;\n\nvar app_info = vcf::get_app_info(app:'Node.js', win_local:win_local);\n\nvcf::check_granularity(app_info:app_info, sig_segments:3);\n\nvar constraints = [\n { 'min_version' : '6.0.0', 'fixed_version' : '6.15.0' },\n { 'min_version' : '8.0.0', 'fixed_version' : '8.14.0' },\n { 'min_version' : '10.0.0', 'fixed_version' : '10.14.0' },\n { 'min_version' : '11.0.0', 'fixed_version' : '11.3.0' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 0.0, "vector": "NONE"}}], "veracode": [{"lastseen": "2023-04-18T13:55:49", "description": "node is vulnerable to denial of service (DoS) attacks. 
The vulnerability exists due to a misinterpretation of input that allows a Slowloris attack using malicious keep-alive HTTP connections, which causes a denial of service condition.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-03-04T05:31:23", "type": "veracode", "title": "Denial Of Service (DoS)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-5737"], "modified": "2020-12-03T09:24:42", "id": "VERACODE:13397", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-13397/summary", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-04-18T15:33:22", "description": "Node.js is vulnerable to denial of service. 
A remote attacker is able to cause a heap allocation failure by sending multiple requests with large HTTP headers of 80KB per connection at timed intervals, resulting in a denial of service condition.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-11-30T05:36:43", "type": "veracode", "title": "Denial Of Service (DoS)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-12121"], "modified": "2022-09-06T18:15:23", "id": "VERACODE:7907", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-7907/summary", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "suse": [{"lastseen": "2022-04-18T12:42:07", "description": "An update that fixes one vulnerability is now available.\n\nDescription:\n\n This update for nodejs10 to version 10.1.2 fixes the following issue:\n\n Security issue fixed:\n\n - CVE-2019-5737: Fixed a potential attack vector which could lead to\n Denial of Service when HTTP connections are kept active (bsc#1127532).\n\n This update was imported from the SUSE:SLE-12:Update update project.\n\n\nPatch Instructions:\n\n To install this 
openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 42.3:\n\n zypper in -t patch openSUSE-2019-1211=1", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-04-16T00:00:00", "type": "suse", "title": "Security update for nodejs10 (moderate)", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-5737"], "modified": "2019-04-16T00:00:00", "id": "OPENSUSE-SU-2019:1211-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NWRIW5L6MR3UPY3IB3VYGX3YMASJU36L/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-04-18T12:42:07", "description": "An update that fixes three vulnerabilities is now available.\n\nDescription:\n\n This update for nodejs6 to version 6.17.0 fixes the following issues:\n\n Security issues fixed:\n\n\n - CVE-2019-5739: Fixed a potentially attack vector which could lead to\n Denial of Service when HTTP connection are kept active (bsc#1127533).\n - CVE-2019-5737: Fixed a 
potentially attack vector which could lead to\n Denial of Service when HTTP connection are kept active (bsc#1127532).\n - CVE-2019-1559: Fixed OpenSSL 0-byte Record Padding Oracle which under\n certain circumstances a TLS server can be forced to respond differently\n to a client and lead to the decryption of the data (bsc#1127080).\n\n Release Notes: https://nodejs.org/en/blog/release/v6.17.0/\n\n This update was imported from the SUSE:SLE-12:Update update project.\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 42.3:\n\n zypper in -t patch openSUSE-2019-1173=1", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-04-08T00:00:00", "type": "suse", "title": "Security update for nodejs6 (moderate)", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1559", "CVE-2019-5737", "CVE-2019-5739"], "modified": "2019-04-08T00:00:00", "id": "OPENSUSE-SU-2019:1173-1", "href": 
"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/2BPBVCCEQB7DEYUO5NU5DN7KHH3PXUAL/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-11-06T19:36:09", "description": "An update that fixes three vulnerabilities is now available.\n\nDescription:\n\n This update for nodejs4 fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2019-5739: Fixed a potentially attack vector which could lead to\n Denial of Service when HTTP connection are kept active (bsc#1127533).\n - CVE-2019-5737: Fixed a potentially attack vector which could lead to\n Denial of Service when HTTP connection are kept active (bsc#1127532).\n - CVE-2019-1559: Fixed OpenSSL 0-byte Record Padding Oracle which under\n certain circumstances a TLS server can be forced to respond differently\n to a client and lead to the decryption of the data (bsc#1127080).\n\n This update was imported from the SUSE:SLE-12:Update update project.\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 42.3:\n\n zypper in -t patch openSUSE-2019-1076=1", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-03-28T00:00:00", "type": "suse", "title": "Security update for nodejs4 (moderate)", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": 
{"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1559", "CVE-2019-5737", "CVE-2019-5739"], "modified": "2019-03-28T00:00:00", "id": "OPENSUSE-SU-2019:1076-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/X3J42WSGRSXTXLUES5HF6USZUDFK6EUH/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-30T04:20:37", "description": "An update that fixes four vulnerabilities is now available.\n\nDescription:\n\n This update for nodejs8 to version 8.15.0 fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2018-12121: Fixed a Denial of Service with large HTTP headers\n (bsc#1117626)\n - CVE-2018-12122: Fixed the 'Slowloris' HTTP Denial of Service\n (bsc#1117627)\n - CVE-2018-12116: Fixed HTTP request splitting (bsc#1117630)\n - CVE-2018-12123: Fixed hostname spoofing in URL parser for javascript\n protocol (bsc#1117629)\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.0:\n\n zypper in -t patch openSUSE-2019-89=1", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, 
"impactScore": 3.6}, "published": "2019-01-28T00:00:00", "type": "suse", "title": "Security update for nodejs8 (important)", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-12116", "CVE-2018-12121", "CVE-2018-12122", "CVE-2018-12123"], "modified": "2019-01-28T00:00:00", "id": "OPENSUSE-SU-2019:0089-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/WVHUGID7T2P6NHDOVMAVMRSCBS4GN25L/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-11-08T04:10:32", "description": "An update that fixes 7 vulnerabilities is now available.\n\nDescription:\n\n This update for nodejs4 fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2018-0734: Fixed a timing vulnerability in the DSA signature\n generation (bsc#1113652)\n - CVE-2018-5407: Fixed a hyperthread port content side channel attack (aka\n \"PortSmash\") (bsc#1113534)\n - CVE-2018-12120: Fixed that the debugger listens on any interface by\n default (bsc#1117625)\n - CVE-2018-12121: Fixed a denial of Service with large HTTP headers\n (bsc#1117626)\n - CVE-2018-12122: Fixed the \"Slowloris\" HTTP Denial of Service\n (bsc#1117627)\n - CVE-2018-12116: Fixed HTTP request splitting (bsc#1117630)\n - CVE-2018-12123: Fixed hostname spoofing in URL parser for javascript\n protocol (bsc#1117629)\n\n This update was imported from the SUSE:SLE-12:Update update project.\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE 
recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 42.3:\n\n zypper in -t patch openSUSE-2019-88=1", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-01-25T00:00:00", "type": "suse", "title": "Security update for nodejs4 (important)", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0734", "CVE-2018-12116", "CVE-2018-12120", "CVE-2018-12121", "CVE-2018-12122", "CVE-2018-12123", "CVE-2018-5407"], "modified": "2019-01-25T00:00:00", "id": "OPENSUSE-SU-2019:0088-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/MCR24YF2JL7BUZULCM3J6PO547A2FBEH/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-09-06T22:06:43", "description": "An update that fixes 7 vulnerabilities is now available.\n\nDescription:\n\n This update for nodejs6 to version 6.16.0 fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2018-0734: Fixed a timing vulnerability in the DSA signature\n generation (bsc#1113652)\n - 
CVE-2018-5407: Fixed a hyperthread port content side channel attack (aka\n \"PortSmash\") (bsc#1113534)\n - CVE-2018-12120: Fixed that the debugger listens on any interface by\n default (bsc#1117625)\n - CVE-2018-12121: Fixed a denial of Service with large HTTP headers\n (bsc#1117626)\n - CVE-2018-12122: Fixed the \"Slowloris\" HTTP Denial of Service\n (bsc#1117627)\n - CVE-2018-12116: Fixed HTTP request splitting (bsc#1117630)\n - CVE-2018-12123: Fixed hostname spoofing in URL parser for javascript\n protocol (bsc#1117629)\n\n This update was imported from the SUSE:SLE-12:Update update project.\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 42.3:\n\n zypper in -t patch openSUSE-2019-234=1", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-02-22T00:00:00", "type": "suse", "title": "Security update for nodejs6 (important)", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0734", 
"CVE-2018-12116", "CVE-2018-12120", "CVE-2018-12121", "CVE-2018-12122", "CVE-2018-12123", "CVE-2018-5407"], "modified": "2019-02-22T00:00:00", "id": "OPENSUSE-SU-2019:0234-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/TEDLOHSLOHZ36RTEAODDXPLT3YMQBGBI/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "ibm": [{"lastseen": "2023-02-23T21:44:12", "description": "## Summary\n\nThere is a vulnerability in Node.js used by IBM\u00ae Cloud App Management V2018. Node.js is vulnerable to a denial of service. By establishing an HTTP or HTTPS connection in keep-alive mode and sending headers very slowly to force the connection and associated resources to stay alive for a long period of time, a remote attacker could exploit this vulnerability to consume all available resources. IBM\u00ae Cloud App Management has addressed the applicable CVE in a later version.\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2019-5737](<https://vulners.com/cve/CVE-2019-5737>) \n**DESCRIPTION:** Node.js is vulnerable to a denial of service. By establishing an HTTP or HTTPS connection in keep-alive mode and sending headers very slowly to force the connection and associated resources to stay alive for a long period of time, a remote attacker could exploit this vulnerability to consume all available resources. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/158093> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nIBM Cloud App Management V2018.2.0\n\nIBM Cloud App Management V2018.4.0\n\nIBM Cloud App Management V2018.4.1\n\n## Remediation/Fixes\n\nIBM Cloud App Management was updated to use a later version of Node.js. Install or upgrade to IBM Cloud App Management V2019.2.1 to address these security vulnerabilities. 
IBM Cloud App Management V2019.2.1 is available on [IBM Passport Advantage](<https://www.ibm.com/software/passportadvantage/index.html>) .\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-09-06T12:28:35", "type": "ibm", "title": "Security Bulletin: A vulnerability in Node.js affects IBM Cloud App Management V2018", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-5737"], "modified": "2019-09-06T12:28:35", "id": "047785CB1D2F7A43AEE1C18C12E4F83E842290E513AC501CD9964F386EF4058E", "href": "https://www.ibm.com/support/pages/node/957203", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-23T21:46:12", "description": "## Summary\n\nIBM API Connect has addressed the following vulnerability.\n\n## Vulnerability Details\n\n**CVEID: **[CVE-2019-5737](<https://vulners.com/cve/CVE-2019-5737>) \n**DESCRIPTION: **Node.js is vulnerable to a denial of service. 
By establishing an HTTP or HTTPS connection in keep-alive mode and sending headers very slowly to force the connection and associated resources to stay alive for a long period of time, a remote attacker could exploit this vulnerability to consume all available resources. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/158093> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H) \n\n\n## Affected Products and Versions\n\nAffected IBM API Management | Affected Versions \n---|--- \nIBM API Connect | 5.0.0.0-5.0.8.6 \nIBM API Connect | 2018.1-2018.4.1.4 \n \n## Remediation/Fixes\n\nAffected Product | Fixed in VRMF | APAR | Remediation / First Fix \n---|---|---|--- \nIBM API Connect V5.0.0.0-5.0.8.6 | 5.0.8.6 iFix | \n\nLI80879\n\n| \n\nAddressed in IBM API Connect V5.0.8.6 iFix.\n\nDeveloper Portal and Management server are impacted.\n\nFollow this link and find the appropriate packages: \n[http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EWebSphere&product=ibm/WebSphere/IBM+API+Connect&release=5.0.8.6&platform=All&function=all&source=fc](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EWebSphere&product=ibm/WebSphere/IBM+API+Connect&release=5.0.8.6&platform=All&function=all&source=fc>) \n \nIBM API Connect V2018.1-2018.4.1.4 | 2018.4.1.5 fixpack | LI80879 | \n\nAddressed in IBM API Connect v2018.4.1.5 fixpack.\n\nDeveloper Portal is impacted.\n\n \nFollow this link and find the appropriate form factor for your installation:\"portal\" for 2018.4.1.5. 
\n\n\n[http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EWebSphere&product=ibm/WebSphere/IBM+API+Connect&release=2018.4.1.4&platform=All&function=all&source=fc](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EWebSphere&product=ibm/WebSphere/IBM+API+Connect&release=2018.4.1.4&platform=All&function=all&source=fc>) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-06-06T15:40:02", "type": "ibm", "title": "Security Bulletin: IBM API Connect is affected by a denial of service vulnerability in Node.js (CVE-2019-5737)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-5737"], "modified": "2019-06-06T15:40:02", "id": "6B96E35FDE1A10BD8B4F5708D6B01CB5A271D793A669E4B305837720596F5BFF", "href": "https://www.ibm.com/support/pages/node/882602", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-06-24T05:52:05", "description": "## Summary\n\nIBM Cloud Transformation Advisor has addressed the following vulnerability. 
Node.js denial of service vulnerability (CVE-2019-5737)\n\n## Vulnerability Details\n\n**CVEID: **[CVE-2019-5737](<https://vulners.com/cve/CVE-2019-5737>) \n**DESCRIPTION: **Node.js is vulnerable to a denial of service. By establishing an HTTP or HTTPS connection in keep-alive mode and sending headers very slowly to force the connection and associated resources to stay alive for a long period of time, a remote attacker could exploit this vulnerability to consume all available resources. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/158093> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\n**IBM Cloud Transformation Advisor Continuous Delivery**\n\n## Remediation/Fixes\n\n**IBM Cloud Transformation Advisor**\n\nUpgrade to 1.9.6 or later\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-12-05T19:00:57", "type": "ibm", "title": "Security Bulletin: IBM Cloud Transformation Advisor is affected by a Node.js denial of service vulnerability (CVE-2019-5737)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", 
"authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-5737"], "modified": "2022-12-05T19:00:57", "id": "9219A9C063FEA4685E7627D51A0B46A51FEACD0F96128695848E2E0E303C65E2", "href": "https://www.ibm.com/support/pages/node/886319", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-23T21:48:13", "description": "## Summary\n\nIBM Event Streams has addressed the following vulnerabilities\n\n## Vulnerability Details\n\n**CVEID: **[CVE-2018-16487](<https://vulners.com/cve/CVE-2018-16487>) \n**DESCRIPTION: ** Node.js lodash module is vulnerable to a denial of service, caused by a prototype pollution flaw. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to inject properties onto Object.prototype to cause a denial of service condition. \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/156530> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L)\n\n**CVEID:** [CVE-2019-5737](<https://vulners.com/cve/CVE-2019-5737>) \n**DESCRIPTION:** Node.js is vulnerable to a denial of service. By establishing an HTTP or HTTPS connection in keep-alive mode and sending headers very slowly to force the connection and associated resources to stay alive for a long period of time, a remote attacker could exploit this vulnerability to consume all available resources. 
\nCVSS Base Score: 5.9 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/158093> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nIBM Event Streams 2018.3.0\n\nIBM Event Streams 2018.3.1\n\n## Remediation/Fixes\n\nUpgrade to IBM Event Streams 2019.1.1 which is available from [Passport Advantage](<https://www.ibm.com/software/passportadvantage/>).\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-03-29T10:55:01", "type": "ibm", "title": "Security Bulletin: IBM Event Streams is affected by vulnerabilities in the shipped Node runtime", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16487", "CVE-2019-5737"], "modified": "2019-03-29T10:55:01", "id": "4C0F8E9469586996B619F6E8CA591662A46CACC2C2BF49C04C93F8B71F714940", "href": "https://www.ibm.com/support/pages/node/876550", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-23T21:48:11", "description": "## Summary\n\nSecurity Vulnerabilities in Node.js 
affect IBM Voice Gateway.\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2019-5737](<https://vulners.com/cve/CVE-2019-5737>) \n**DESCRIPTION:** Node.js is vulnerable to a denial of service. By establishing an HTTP or HTTPS connection in keep-alive mode and sending headers very slowly to force the connection and associated resources to stay alive for a long period of time, a remote attacker could exploit this vulnerability to consume all available resources. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/158093> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2019-5739](<https://vulners.com/cve/CVE-2019-5739>) \n**DESCRIPTION:** Node.js is vulnerable to a denial of service. By establishing an HTTP or HTTPS connection in keep-alive mode forcing the connection to remain open and inactive for up to 2 minutes, a remote attacker could exploit this vulnerability to consume all available resources. 
\nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/158096> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nIBM Voice Gateway 1.0 - 1.0.0.8e\n\n## Remediation/Fixes\n\nUpgrade to IBM Voice Gateway 1.0.1.0\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-04-02T05:10:01", "type": "ibm", "title": "Security Bulletin: Multiple security vulnerabilities in Node.js affect IBM Voice Gateway", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-5737", "CVE-2019-5739"], "modified": "2019-04-02T05:10:01", "id": "D3FE4D2AC81C8DA33A63C992BC0C60AFFB3615B235D1AE8B2C93E601DA272F7A", "href": "https://www.ibm.com/support/pages/node/878584", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-23T21:46:11", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed by the OpenSSL Project. OpenSSL is used by IBM SDK for Node.js for IBM Cloud. 
IBM SDK for Node.js for IBM Cloud has addressed the applicable CVEs. Node.js vulnerabilities were disclosed by the Node.js foundation. Node.js is used by IBM SDK for Node.js for IBM Cloud. IBM SDK for Node.js for IBM Cloud has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2019-1559](<https://vulners.com/cve/CVE-2019-1559>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by the failure to immediately close the TCP connection after the hosts encounter a zero-length record with valid padding. An attacker could exploit this vulnerability using a 0-byte record padding-oracle attack to decrypt traffic. \nCVSS Base Score: 5.8 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/157514> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2019-5737](<https://vulners.com/cve/CVE-2019-5737>) \n**DESCRIPTION:** Node.js is vulnerable to a denial of service. By establishing an HTTP or HTTPS connection in keep-alive mode and sending headers very slowly to force the connection and associated resources to stay alive for a long period of time, a remote attacker could exploit this vulnerability to consume all available resources. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/158093> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2019-5739](<https://vulners.com/cve/CVE-2019-5739>) \n**DESCRIPTION:** Node.js is vulnerable to a denial of service. By establishing an HTTP or HTTPS connection in keep-alive mode forcing the connection to remain open and inactive for up to 2 minutes, a remote attacker could exploit this vulnerability to consume all available resources. 
\nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/158096> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nThese vulnerabilities affect IBM SDK for Node.js v6.15.0 and earlier releases. \nThese vulnerabilities affect IBM SDK for Node.js v8.14.0 and earlier releases.\n\nThese vulnerabilities affect IBM SDK for Node.js v10.14.0.0 and earlier releases. \n \nThrough the command-line Cloud Foundry client run the following command: \n \n**cf ssh <appname> -c \"cat staging_info.yml\"** \n \nLook for the following lines: \n{\"detected_buildpack\":\"SDK for Node.js(TM) (node.js-xxx, buildpack-v3.xxx)\",\"start_command\":\"./vendor/initial_startup.rb\"} \n \nIf the Node.js engine version is not at least v6.17.0, v8.15.1 or v10.15.2 your application may be vulnerable.\n\n## Remediation/Fixes\n\nThe fixes for these vulnerabilities are included in IBM SDK for Node.js v6.17.0 and subsequent releases. \nThe fixes for these vulnerabilities are included in IBM SDK for Node.js v8.15.1 and subsequent releases.\n\nThe fixes for these vulnerabilities are included in IBM SDK for Node.js v10.15.2 and subsequent releases. 
\n \nTo upgrade to the latest version of the Node.js runtime, please specify the latest Node.js runtime in your package.json file for your application: \n \n_\"engines\": {_ \n_\"node\": \">=6.17.0\"_ \n_},_ \n_or _ \n_\"engines\": {_ \n_\"node\": \">=8.15.1\"_ \n_},_\n\n_or _ \n_\"engines\": {_ \n_\"node\": \">=10.15.2\"_ \n_},_ \n \nYou will then need to restage (or re-push) your application using the IBM SDK for Node.js Buildpack v3.26.\n\n## Workarounds and Mitigations\n\nNone.\n\n## Monitor IBM Cloud Status for Future Security Bulletins\n\nMonitor the [security notifications](<https://cloud.ibm.com/status?selected=security>) on the IBM Cloud Status page to be advised of future security bulletins.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n6 Jun 2019: Original document published\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. 
Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nReview the [IBM security bulletin disclaimer and definitions](<https://www.ibm.com/support/pages/node/6610583#disclaimer>) regarding your responsibilities for assessing potential impact of security vulnerabilities to your environment.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU053\",\"label\":\"Cloud & Data Platform\"},\"Product\":{\"code\":\"SS4JM7\",\"label\":\"IBM SDK for Node.js for Cloud\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF016\",\"label\":\"Linux\"}],\"Version\":\"All Versions\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB21\",\"label\":\"Public Cloud Platform\"}}]", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-06-06T20:05:02", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities affect IBM\u00ae SDK for Node.js\u2122 in IBM Cloud", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1559", "CVE-2019-5737", "CVE-2019-5739"], "modified": 
"2019-06-06T20:05:02", "id": "C9A98DBCDBB1AB0E80D15B7F4D937407F05B3754EBE6E67DCC33A02F34716110", "href": "https://www.ibm.com/support/pages/node/886797", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-23T21:45:36", "description": "## Summary\n\nIBM Cloud Private is vulnerable to multiple security vulnerabilities in Node.js\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2019-1559](<https://vulners.com/cve/CVE-2019-1559>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by the failure to immediately close the TCP connection after the hosts encounter a zero-length record with valid padding. An attacker could exploit this vulnerability using a 0-byte record padding-oracle attack to decrypt traffic. \nCVSS Base Score: 5.8 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/157514> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2019-5737](<https://vulners.com/cve/CVE-2019-5737>) \n**DESCRIPTION:** Node.js is vulnerable to a denial of service. By establishing an HTTP or HTTPS connection in keep-alive mode and sending headers very slowly to force the connection and associated resources to stay alive for a long period of time, a remote attacker could exploit this vulnerability to consume all available resources. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/158093> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2019-5739](<https://vulners.com/cve/CVE-2019-5739>) \n**DESCRIPTION:** Node.js is vulnerable to a denial of service. 
By establishing an HTTP or HTTPS connection in keep-alive mode forcing the connection to remain open and inactive for up to 2 minutes, a remote attacker could exploit this vulnerability to consume all available resources. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/158096> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\n * IBM Cloud Private 2.1.x, 3.1.0, 3.1.1, 3.1.2\n\n## Remediation/Fixes\n\nProduct defect fixes and security updates are only available for the two most recent Continuous Delivery (CD) update packages\n\n * IBM Cloud Private 3.1.2\n * IBM Cloud Private 3.1.1 \n\nFor IBM Cloud Private 3.1.2\n\n * Apply these patches: \n * [IBM Cloud Private 3.1.2 Patch - Metering](<http://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/WebSphere/IBM+Cloud+Private&release=All&platform=All&function=fixId&fixids=icp-3.1.2-build519501-23128&includeSupersedes=0>)\n * [IBM Cloud Private 3.1.2 Patch - Platform-ui](<http://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/WebSphere/IBM+Cloud+Private&release=All&platform=All&function=fixId&fixids=icp-3.1.2-build517510-21076&includeSupersedes=0>)\n * [IBM Cloud Private 3.1.2 Patch - Vulnerability Advisor](<http://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/WebSphere/IBM+Cloud+Private&release=All&platform=All&function=fixId&fixids=icp-3.1.2-build518302-23954&includeSupersedes=0>)\n * [IBM Cloud Private 3.1.2 Patch - Auth-pap](<http://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/WebSphere/IBM+Cloud+Private&release=All&platform=All&function=fixId&fixids=icp-3.1.2-build521965-26324&includeSupersedes=0>)\n * [IBM Cloud Private 3.1.2 Patch - 
Auth-idp](<https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/WebSphere/IBM+Cloud+Private&release=All&platform=All&function=fixId&fixids=icp-3.1.2-build521966-26323&includeSupersedes=0>)\n * [IBM Cloud Private 3.1.2 Patch - Catalog-ui](<https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/WebSphere/IBM+Cloud+Private&release=All&platform=All&function=fixId&fixids=icp-3.1.2-build522133-26442&includeSupersedes=0>)\n * [IBM Cloud Private 3.1.2 Patch - Logging](<https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/WebSphere/IBM+Cloud+Private&release=All&platform=All&function=fixId&fixids=icp-3.1.2-build522128-23426&includeSupersedes=0>)\n * [IBM Cloud Private 3.1.2 Patch - Helm-api](<https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/WebSphere/IBM+Cloud+Private&release=All&platform=All&function=fixId&fixids=icp-3.1.2-build521982-26236&includeSupersedes=0>)\n * [IBM Cloud Private 3.1.2 Patch - Helm-repo](<https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/WebSphere/IBM+Cloud+Private&release=All&platform=All&function=fixId&fixids=icp-3.1.2-build521985-26141&includeSupersedes=0>)\n * [IBM Cloud Private 3.1.2 Patch - Mgmt-repo](<https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/WebSphere/IBM+Cloud+Private&release=All&platform=All&function=fixId&fixids=icp-3.1.2-build522291-26143&includeSupersedes=0>)\n\nFor IBM Cloud Private 3.1.1\n\n * Apply these patches: \n * [IBM Cloud Private 3.1.1 Patch - Metering](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/WebSphere/IBM+Cloud+Private&release=All&platform=All&function=fixId&fixids=icp-3.1.1-build516869-23517&includeSupersedes=0>)\n * [IBM Cloud Private 3.1.1 Patch - Platform-ui](<http://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/WebSphere/IBM+Cloud+Private&release=All&platform=All&function=fixId&fixids=icp-3.1.1-build519368-23645&includeSupersedes=0>)\n * [IBM Cloud Private 3.1.1 Patch - 
Vulnerability Advisor](<http://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/WebSphere/IBM+Cloud+Private&release=All&platform=All&function=fixId&fixids=icp-3.1.1-build521728-23130&includeSupersedes=0>)\n * [IBM Cloud Private 3.1.1 Patch - Auth-pap](<http://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/WebSphere/IBM+Cloud+Private&release=All&platform=All&function=fixId&fixids=icp-3.1.1-build521963-26325&includeSupersedes=0>)\n * [IBM Cloud Private 3.1.1 Patch - Auth-idp](<https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/WebSphere/IBM+Cloud+Private&release=All&platform=All&function=fixId&fixids=icp-3.1.1-build523127-23643&includeSupersedes=0>)\n * [IBM Cloud Private 3.1.1 Patch - Catalog-ui](<https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/WebSphere/IBM+Cloud+Private&release=All&platform=All&function=fixId&fixids=icp-3.1.1-build521960-25023&includeSupersedes=0>)\n * [IBM Cloud Private 3.1.1 Patch - Logging](<https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/WebSphere/IBM+Cloud+Private&release=All&platform=All&function=fixId&fixids=icp-3.1.1-build522125-25436&includeSupersedes=0>)\n * [IBM Cloud Private 3.1.1 Patch - Helm-api](<https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/WebSphere/IBM+Cloud+Private&release=All&platform=All&function=fixId&fixids=icp-3.1.1-build521983-26140&includeSupersedes=0>)\n * [IBM Cloud Private 3.1.1 Patch - Helm-repo](<https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/WebSphere/IBM+Cloud+Private&release=All&platform=All&function=fixId&fixids=icp-3.1.1-build522147-26275&includeSupersedes=0>)\n * [IBM Cloud Private 3.1.1 Patch - Mgmt-repo](<https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/WebSphere/IBM+Cloud+Private&release=All&platform=All&function=fixId&fixids=icp-3.1.1-build522153-26144&includeSupersedes=0>)\n\nFor IBM Cloud Private, 2.1.x, 3.1.0:\n\n * Upgrade to the latest Continuous Delivery (CD) update 
package, IBM Cloud Private 3.2. \n * If required, individual product fixes can be made available between CD update packages for resolution of problems. Contact IBM support for assistance\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-07-02T17:50:01", "type": "ibm", "title": "Security Bulletin: Multiple Security Vulnerabilities affect IBM Cloud Private (CVE-2019-5739 CVE-2019-5737 CVE-2019-1559)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1559", "CVE-2019-5737", "CVE-2019-5739"], "modified": "2019-07-02T17:50:01", "id": "1D40C0819F4BA8B6A1180101B94544CA007BE7EC0B837D8B5C0B368FEB511FBB", "href": "https://www.ibm.com/support/pages/node/879891", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-06-24T05:59:17", "description": "## Summary\n\nSecurity vulnerabilities have been reported for IBM SDK for Node.js. 
IBM Business Automation Workflow and IBM BPM include a stand-alone tool for editing configuration properties files that is based on IBM SDK for Node.js.\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2019-1559](<https://vulners.com/cve/CVE-2019-1559>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by the failure to immediately close the TCP connection after the hosts encounter a zero-length record with valid padding. An attacker could exploit this vulnerability using a 0-byte record padding-oracle attack to decrypt traffic. \nCVSS Base Score: 5.8 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/157514> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2019-5737](<https://vulners.com/cve/CVE-2019-5737>) \n**DESCRIPTION:** Node.js is vulnerable to a denial of service. By establishing an HTTP or HTTPS connection in keep-alive mode and sending headers very slowly to force the connection and associated resources to stay alive for a long period of time, a remote attacker could exploit this vulnerability to consume all available resources. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/158093> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2019-5739](<https://vulners.com/cve/CVE-2019-5739>) \n**DESCRIPTION:** Node.js is vulnerable to a denial of service. By establishing an HTTP or HTTPS connection in keep-alive mode forcing the connection to remain open and inactive for up to 2 minutes, a remote attacker could exploit this vulnerability to consume all available resources. 
\nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/158096> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\n\\- IBM Business Automation Workflow V18.0.0.0 through V19.0.0.1\n\n\\- IBM Business Process Manager V8.6.0.0 through V8.6.0.0 Cumulative Fix 2018.03\n\n\\- IBM Business Process Manager V8.5.7.0 through V8.5.7.0 Cumulative Fix 2017.06\n\n\\- IBM Business Process Manager V8.5.6.0 through V8.5.6.0 CF2\n\n\\- IBM Business Process Manager V8.5.5.0\n\n## Remediation/Fixes\n\nInstall interim fix [JR60828](<http://www.ibm.com/support/docview.wss?uid=swg1JR60828>) as appropriate for your current IBM Business Automation Workflow or IBM BPM version.\n\n * [IBM Business Automation Workflow](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/IBM+Business+Automation+Workflow&release=All&platform=All&function=aparId&apars=JR60828>)\n * [IBM Business Process Manager Advanced](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/IBM+Business+Process+Manager+Advanced&release=All&platform=All&function=aparId&apars=JR60828>)\n * [IBM Business Process Manager Standard](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/IBM+Business+Process+Manager+Standard&release=All&platform=All&function=aparId&apars=JR60828>)\n * [IBM Business Process Manager Express](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/IBM+Business+Process+Manager+Express&release=All&platform=All&function=aparId&apars=JR60828>)\n\n \n**For IBM Business Automation Workflow V18.0.0.0 through V19.0.0.1** \n\u00b7 Upgrade to at least IBM Business Automation Workflow V18.0.0.1 as required by iFix and then apply iFix 
[JR60828](<http://www.ibm.com/support/docview.wss?uid=swg1JR60828>) \n\\--OR-- \n**\u00b7** Apply cumulative fix IBM Business Automation Workflow V19.0.0.2 (planned for end of Q2 2019) \n \n**For IBM BPM V8.6.0.0 through V8.6.0.0 CF 2018.03** \n\u00b7 Upgrade to at least IBM BPM V8.6.0.0 CF 2017.12 as required by iFix and then apply iFix [JR60828](<http://www.ibm.com/support/docview.wss?uid=swg1JR60828>) \n \n**For IBM BPM V8.5.7.0 through V8.5.7.0 CF 2017.06** \n\u00b7 Apply [Cumulative Fix 2017.06](<http://www.ibm.com/support/docview.wss?uid=swg24043591>) and then apply iFix [JR60828](<http://www.ibm.com/support/docview.wss?uid=swg1JR60828>) \n \n**For IBM BPM V8.5.6.0 through V8.5.6.0 CF2** \n\u00b7 Apply [CF2](<http://www-01.ibm.com/support/docview.wss?uid=swg24041303>) as required by iFix and then apply iFix [JR60828](<http://www.ibm.com/support/docview.wss?uid=swg1JR60828>) \n \n**For IBM BPM V8.5.5.0** \n\u00b7 Apply iFix [JR60828](<http://www.ibm.com/support/docview.wss?uid=swg1JR60828>)\n\n## Workarounds and Mitigations\n\n[IBM BPM Configuration Editor](<http://www.ibm.com/support/knowledgecenter/SSFTDH_8.5.7/com.ibm.wbpm.imuc.ebpmps.doc/topics/tcfg_edit_win_db2.html>) is a stand-alone tool for editing properties files. 
Use a standard text file editor instead.\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-09-14T15:02:20", "type": "ibm", "title": "Security Bulletin: Security vulnerabilities in IBM SDK for Node.js might affect the configuration editor used by IBM Business Automation Workflow and IBM Business Process Manager (BPM)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1559", "CVE-2019-5737", "CVE-2019-5739"], "modified": "2022-09-14T15:02:20", "id": "9BCF845B5CA74D6E014B06C8443439577D715929466688BE26806C531202ECC4", "href": "https://www.ibm.com/support/pages/node/876608", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-23T21:46:11", "description": "## Summary\n\nSecure Gateway has addressed the following vulnerabilities: \nCVE-2019-1559 \nCVE-2019-5737 \nCVE-2019-5739\n\n## Vulnerability Details\n\n**CVEID: **[CVE-2019-1559](<https://vulners.com/cve/CVE-2019-1559>) \n**DESCRIPTION: ** OpenSSL could allow a remote attacker to obtain sensitive information, caused by the failure to immediately close the TCP connection after the hosts encounter a 
zero-length record with valid padding. An attacker could exploit this vulnerability using a 0-byte record padding-oracle attack to decrypt traffic. \nCVSS Base Score: 5.8 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/157514> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N) \n \n**CVEID: **[CVE-2019-5737](<https://vulners.com/cve/CVE-2019-5737>) \n**DESCRIPTION: ** Node.js is vulnerable to a denial of service. By establishing an HTTP or HTTPS connection in keep-alive mode and sending headers very slowly to force the connection and associated resources to stay alive for a long period of time, a remote attacker could exploit this vulnerability to consume all available resources. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/158093> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n**CVEID: **[CVE-2019-5739](<https://vulners.com/cve/CVE-2019-5739>) \n**DESCRIPTION: ** Node.js is vulnerable to a denial of service. By establishing an HTTP or HTTPS connection in keep-alive mode forcing the connection to remain open and inactive for up to 2 minutes, a remote attacker could exploit this vulnerability to consume all available resources. 
\nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/158096> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nAffected Secure Gateway | Affected Versions \n---|--- \nSecure Gateway Client | 1.8.2 \n \n## Remediation/Fixes\n\nProduct | VRMF | Remediation / First Fix \n---|---|--- \nSecure Gateway Client | 1.8.2.1 | <https://cloud.ibm.com/docs/services/SecureGateway?topic=securegateway-add-client> \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-06-06T17:15:01", "type": "ibm", "title": "Security Bulletin: Secure Gateway is affected by multiple vulnerabilities", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1559", "CVE-2019-5737", "CVE-2019-5739"], "modified": "2019-06-06T17:15:01", "id": "DDE3DEB25676ADC1DB480364A779909356249858CDB0D097DC67216D3015C436", "href": "https://www.ibm.com/support/pages/node/886471", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, 
{"lastseen": "2023-02-23T21:43:51", "description": "## Summary\n\nNode.js as used in IBM QRadar Packet Capture is susceptible to the following vulnerabilities\n\n## Vulnerability Details\n\n**CVEID: ** [CVE-2019-1559](<https://vulners.com/cve/CVE-2019-1559>) \n**Description: **OpenSSL could allow a remote attacker to obtain sensitive information, caused by the failure to immediately close the TCP connection after the hosts encounter a zero-length record with valid padding. An attacker could exploit this vulnerability using a 0-byte record padding-oracle attack to decrypt traffic. \n**CVSS Base Score: **5.8 \n**CVSS Temporal Score: ** See <https://exchange.xforce.ibmcloud.com/vulnerabilities/157514> for the current score \n**CVSS Environmental Score: ***Undefined \n**CVSS Vector: **CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N \n \n**CVEID: ** [CVE-2019-5737](<https://vulners.com/cve/CVE-2019-5737>) \n**Description: **Node.js is vulnerable to a denial of service. By establishing an HTTP or HTTPS connection in keep-alive mode and sending headers very slowly to force the connection and associated resources to stay alive for a long period of time, a remote attacker could exploit this vulnerability to consume all available resources. \n**CVSS Base Score: **5.9 \n**CVSS Temporal Score: ** See <https://exchange.xforce.ibmcloud.com/vulnerabilities/158093> for the current score \n**CVSS Environmental Score: ***Undefined \n**CVSS Vector: **CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H \n \n**CVEID: ** [CVE-2019-5739](<https://vulners.com/cve/CVE-2019-5739>) \n**Description: **Node.js is vulnerable to a denial of service. By establishing an HTTP or HTTPS connection in keep-alive mode forcing the connection to remain open and inactive for up to 2 minutes, a remote attacker could exploit this vulnerability to consume all available resources. 
\n**CVSS Base Score: **7.5 \n**CVSS Temporal Score: ** See <https://exchange.xforce.ibmcloud.com/vulnerabilities/158096> for the current score \n**CVSS Environmental Score: ***Undefined \n**CVSS Vector: **CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H \n\n\n## Affected Products and Versions\n\nIBM Security QRadar Packet Capture 7.2.0 - 7.2.8 Patch 5\n\nIBM Security QRadar Packet Capture 7.3.0 - 7.3.1 Patch 1\n\n## Remediation/Fixes\n\n[IBM Security QRadar Packet Capture 7.2.8 Patch 6](<https://www-945.ibm.com/support/fixcentral/swg/downloadFixes?parent=IBM%20Security&product=ibm/Other+software/IBM+Security+QRadar+Packet+Capture&release=7.2.0&platform=Linux&function=fixId&fixids=7.2.8-QRadar-PCAP-build-285&includeRequisites=1&includeSupersedes=0&downloadMethod=ddp>)\n\n[IBM Security QRadar Packet Capture 7.3.2 GA](<https://www-945.ibm.com/support/fixcentral/swg/downloadFixes?parent=IBM%20Security&product=ibm/Other+software/IBM+Security+QRadar+Packet+Capture&release=7.3.0&platform=Linux&function=fixId&fixids=7.3.2-QRadar-PCAP-build-337&includeRequisites=1&includeSupersedes=0&downloadMethod=ddp>)\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-09-17T17:32:30", "type": "ibm", "title": "Security Bulletin: Node.js as used in IBM QRadar Packet Capture is vulnerable to the following CVE's (CVE-2019-1559, CVE-2019-5737, CVE-2019-5739)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": 
{"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1559", "CVE-2019-5737", "CVE-2019-5739"], "modified": "2019-09-17T17:32:30", "id": "E47DCB90E150CB3DA557883F6C8FBE704493D83CE9703876536A5A4AF84D6B70", "href": "https://www.ibm.com/support/pages/node/961594", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-23T21:45:48", "description": "## Summary\n\nMultiple vulnerabilities in IBM\u00ae SDK Java\u2122 Technology Edition, Node.js\u2122, and OpenSSL (as used by Node.js) affect IBM Watson\u2122 Assistant for IBM Cloud Pak for Data.\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2018-12547](<https://vulners.com/cve/CVE-2018-12547>) \n**DESCRIPTION:** Eclipse OpenJ9 is vulnerable to a buffer overflow, caused by improper bounds checking by the jio_snprintf() and jio_vsnprintf() functions. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 9.8 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/157512> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2019-2426](<https://vulners.com/cve/CVE-2019-2426>) \n**DESCRIPTION:** An unspecified vulnerability in Oracle Java SE related to the Java SE Networking component could allow an unauthenticated attacker to obtain sensitive information resulting in a low confidentiality impact using unknown attack vectors. 
\nCVSS Base Score: 3.7 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/155744> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2019-1559](<https://vulners.com/cve/CVE-2019-1559>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by the failure to immediately close the TCP connection after the hosts encounter a zero-length record with valid padding. An attacker could exploit this vulnerability using a 0-byte record padding-oracle attack to decrypt traffic. \nCVSS Base Score: 5.8 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/157514> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2019-5737](<https://vulners.com/cve/CVE-2019-5737>) \n**DESCRIPTION:** Node.js is vulnerable to a denial of service. By establishing an HTTP or HTTPS connection in keep-alive mode and sending headers very slowly to force the connection and associated resources to stay alive for a long period of time, a remote attacker could exploit this vulnerability to consume all available resources. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/158093> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2019-5739](<https://vulners.com/cve/CVE-2019-5739>) \n**DESCRIPTION:** Node.js is vulnerable to a denial of service. By establishing an HTTP or HTTPS connection in keep-alive mode forcing the connection to remain open and inactive for up to 2 minutes, a remote attacker could exploit this vulnerability to consume all available resources. 
\nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/158096> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nThese vulnerabilities affect IBM Watson Assistant for IBM Cloud Pak for Data V1.0.0 through V1.1.0.\n\n## Remediation/Fixes\n\nAffected product | Affected versions | Fix \n---|---|--- \nIBM Watson Assistant for IBM Cloud Pak for Data | V1.0.0-V1.1.0 | \n\nUpgrade to IBM Watson Assistant for IBM Cloud Pak V1.2.0. To download the software, go to [ Passport Advantage](<https://www-01.ibm.com/software/passportadvantage/pao_customer.html>), then search for \"watson assistant cloud private data,\" then select either **IBM Watson Assistant for IBM Cloud Private for Data 1.2.0 Installation Packages Linux English eAssembly**, part number CJ5N9EN, or **IBM Watson Assistant for IBM Cloud Private for Data Add-on V1.2.0** , part number CJ5P7EN.\n\nFor information about this version, see the [ release notes](<https://cloud.ibm.com/docs/services/assistant-data?topic=assistant-data-release-notes>). For information about installation, see the [ installation procedure](<https://cloud.ibm.com/docs/services/assistant-data?topic=assistant-data-install-120>). 
\n \n## Workarounds and Mitigations\n\nNone.\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-06-28T20:45:01", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities affect IBM Watson Assistant for IBM Cloud Pak for Data", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-12547", "CVE-2019-1559", "CVE-2019-2426", "CVE-2019-5737", "CVE-2019-5739"], "modified": "2019-06-28T20:45:01", "id": "E1E9140261C4BEBD65D41F97BDFE9E765DD662488613A61191BC2E4AF6816228", "href": "https://www.ibm.com/support/pages/node/957299", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-23T21:41:26", "description": "## Summary\n\nMultiple Vulnerabilities in Watson Openscale (Liberty, Java, node.js)\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2018-10237](<https://vulners.com/cve/CVE-2018-10237>) \n**DESCRIPTION:** Google Guava is vulnerable to a denial of service, caused by improper eager allocation checks in the AtomicDoubleArray and CompoundOrdering class. 
By sending specially-crafted data, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/142508> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2018-12547](<https://vulners.com/cve/CVE-2018-12547>) \n**DESCRIPTION:** Eclipse OpenJ9 is vulnerable to a buffer overflow, caused by improper bounds checking by the jio_snprintf() and jio_vsnprintf() functions. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 9.8 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/157512> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2019-2426](<https://vulners.com/cve/CVE-2019-2426>) \n**DESCRIPTION:** An unspecified vulnerability in Oracle Java SE related to the Java SE Networking component could allow an unauthenticated attacker to obtain sensitive information resulting in a low confidentiality impact using unknown attack vectors. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/155744> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2019-1559](<https://vulners.com/cve/CVE-2019-1559>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by the failure to immediately close the TCP connection after the hosts encounter a zero-length record with valid padding. An attacker could exploit this vulnerability using a 0-byte record padding-oracle attack to decrypt traffic. 
\nCVSS Base Score: 5.8 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/157514> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2019-5737](<https://vulners.com/cve/CVE-2019-5737>) \n**DESCRIPTION:** Node.js is vulnerable to a denial of service. By establishing an HTTP or HTTPS connection in keep-alive mode and sending headers very slowly to force the connection and associated resources to stay alive for a long period of time, a remote attacker could exploit this vulnerability to consume all available resources. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/158093> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nWatson OpenScale V1.0.1\n\n## Remediation/Fixes\n\nUpdate to Watson OpenScale V1.0.2\n\nFollow this link to go to Passport Advantage.\n\nhttps://www.ibm.com/software/passportadvantage/pao_customer.html\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-01-28T18:42:45", "type": "ibm", "title": "Security Bulletin: Multiple Vulnerabilities in Watson Openscale (Liberty, Java, node.js)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": 
"PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10237", "CVE-2018-12547", "CVE-2019-1559", "CVE-2019-2426", "CVE-2019-5737"], "modified": "2020-01-28T18:42:45", "id": "CF40E075F0CA8C41C3924D8CAD12B7A9304B4AB57BABA03002EF8225FEFC457E", "href": "https://www.ibm.com/support/pages/node/880291", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-23T21:47:54", "description": "## Summary\n\nMultiple vulnerabilities in Node.js\u2122 and OpenSSL (as used by Node.js) that affect IBM\u00ae Watson\u2122 Assistant on IBM Cloud Private were disclosed by the Node.js foundation and OpenSSL project.\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2018-12122](<https://vulners.com/cve/CVE-2018-12122>) \n**DESCRIPTION:** Node.js is vulnerable to a denial of service, caused by improper validation of HTTP headers. By sending headers very slowly keeping HTTP or HTTPS connections and associated resources alive for a long period of time, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153456> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2018-12121](<https://vulners.com/cve/CVE-2018-12121>) \n**DESCRIPTION:** Node.js is vulnerable to a denial of service, caused by improper validation of HTTP headers. By sending specially-crafted HTTP requests with maximum sized headers, a remote attacker could exploit this vulnerability to cause a denial of service condition. 
\nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153455> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2018-12116](<https://vulners.com/cve/CVE-2018-12116>) \n**DESCRIPTION:** Node.js is vulnerable to HTTP request splitting attacks, caused by improper input validation by the path option of an HTTP request. A remote attacker could exploit this vulnerability to inject arbitrary HTTP request and cause the browser to send 2 HTTP requests, once the URL is clicked. This would allow the attacker to perform further attacks, such as Web cache poisoning or cross-site scripting. \nCVSS Base Score: 6.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153452> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nThese vulnerabilities affect IBM Watson Assistant V1.0.0 through V1.0.1.\n\n## Remediation/Fixes\n\nAffected product | Affected versions | Fix \n---|---|--- \nIBM Watson Assistant | V1.0.0-V1.0.1 | \n\nUpgrade to IBM Watson Assistant V1.1.0. To download the software, go to [ Passport Advantage](<https://www-01.ibm.com/software/passportadvantage/pao_customer.html>) , search for \"watson assistant,\" and select **IBM Watson Assistant for IBM Cloud Private V1.1.0 eAssembly**, part number CJ4SVEN.\n\nFor information about this version, see the [ release notes](<https://cloud.ibm.com/docs/services/assistant-icp/release-notes.html#release-notes>) . 
For information about installation, see the [ installation procedure](<https://cloud.ibm.com/docs/services/assistant-icp/install_101_on_310.html#install_101_on_310>) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-04-11T21:25:01", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities in Node.js and OpenSSL affect IBM Watson Assistant on IBM Cloud Private", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-12116", "CVE-2018-12121", "CVE-2018-12122"], "modified": "2019-04-11T21:25:01", "id": "7FBB1FD9221FA054FD9A7DC060F7CF442AF0324D42297CC3C7C7D17622E3116F", "href": "https://www.ibm.com/support/pages/node/871922", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-06-07T21:45:43", "description": "## Summary\n\nIBM Cloud Transformation Advisor has addressed the following vulnerabilities. 
CVE-2018-12122, CVE-2018-12121, CVE-2018-12123\n\n## Vulnerability Details\n\n**CVEID: ** [CVE-2018-12122](<https://vulners.com/cve/CVE-2018-12122>) \n**DESCRIPTION: **Node.js is vulnerable to a denial of service, caused by improper validation of HTTP headers. By sending headers very slowly keeping HTTP or HTTPS connections and associated resources alive for a long period of time, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153456> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n**CVEID: ** [CVE-2018-12121](<https://vulners.com/cve/CVE-2018-12121>) \n**DESCRIPTION: **Node.js is vulnerable to a denial of service, caused by improper validation of HTTP headers. By sending specially-crafted HTTP requests with maximum sized headers, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153455> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n**CVEID: ** [CVE-2018-12123](<https://vulners.com/cve/CVE-2018-12123>) \n**DESCRIPTION: **Node.js is vulnerable to HTTP request splitting attacks, caused by improper input validation by the path option of an HTTP request. A remote attacker could exploit this vulnerability to inject arbitrary HTTP request and cause the browser to send 2 HTTP requests, once the URL is clicked. This would allow the attacker to perform further attacks, such as Web cache poisoning or cross-site scripting. 
\nCVSS Base Score: 6.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153457> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n\n\n## Affected Products and Versions\n\nIBM Cloud Transformation Advisor 1.8.0, 1.8.1, 1.9.0, 1.9.1\n\n## Remediation/Fixes\n\nUpgrade to 1.9.2 or later.\n\nIn IBM Cloud Private go to IBM Cloud Transformation Advisor helm release and click Upgrade.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-12-05T19:00:57", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities in Node.js affect IBM Cloud Transformation Advisor", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-12121", "CVE-2018-12122", "CVE-2018-12123"], "modified": "2022-12-05T19:00:57", "id": "5D8786524FF2C256D99F662B9CC426AEB26EEF859AEB16BB27E3A50D783562BE", "href": "https://www.ibm.com/support/pages/node/872252", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-23T21:49:15", "description": "## 
Summary\n\nSecurity Vulnerabilities in Node.js affect IBM Voice Gateway.\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2018-12122](<https://vulners.com/cve/CVE-2018-12122>) \n**DESCRIPTION:** Node.js is vulnerable to a denial of service, caused by improper validation of HTTP headers. By sending headers very slowly keeping HTTP or HTTPS connections and associated resources alive for a long period of time, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153456> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2018-12121](<https://vulners.com/cve/CVE-2018-12121>) \n**DESCRIPTION:** Node.js is vulnerable to a denial of service, caused by improper validation of HTTP headers. By sending specially-crafted HTTP requests with maximum sized headers, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153455> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2018-12123](<https://vulners.com/cve/CVE-2018-12123>) \n**DESCRIPTION:** Node.js is vulnerable to HTTP request splitting attacks, caused by improper input validation by the path option of an HTTP request. A remote attacker could exploit this vulnerability to inject arbitrary HTTP request and cause the browser to send 2 HTTP requests, once the URL is clicked. This would allow the attacker to perform further attacks, such as Web cache poisoning or cross-site scripting. 
\nCVSS Base Score: 6.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153457> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n**CVEID:** [CVE-2018-12116](<https://vulners.com/cve/CVE-2018-12116>) \n**DESCRIPTION:** Node.js is vulnerable to HTTP request splitting attacks, caused by improper input validation by the path option of an HTTP request. A remote attacker could exploit this vulnerability to inject arbitrary HTTP request and cause the browser to send 2 HTTP requests, once the URL is clicked. This would allow the attacker to perform further attacks, such as Web cache poisoning or cross-site scripting. \nCVSS Base Score: 6.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153452> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nIBM Voice Gateway 1.0 - 1.0.0.8c\n\n## Remediation/Fixes\n\nUpgrade to IBM Voice Gateway 1.0.0.8d\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-02-20T18:30:01", "type": "ibm", "title": "Security Bulletin: Multiple security vulnerabilities in Node.js affect IBM Voice Gateway", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", 
"baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-12116", "CVE-2018-12121", "CVE-2018-12122", "CVE-2018-12123"], "modified": "2019-02-20T18:30:01", "id": "838A0182B31DD6A39D5113FDFE9BB61870EAE2C600BE179A5D76BC46059DD940", "href": "https://www.ibm.com/support/pages/node/872270", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-23T21:48:22", "description": "## Summary\n\nIBM API Connect has addressed the following vulnerability.\n\n## Vulnerability Details\n\n**CVEID: **[CVE-2018-12122](<https://vulners.com/cve/CVE-2018-12122>) \n**DESCRIPTION: **Node.js is vulnerable to a denial of service, caused by improper validation of HTTP headers. By sending headers very slowly keeping HTTP or HTTPS connections and associated resources alive for a long period of time, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153456> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n**CVEID: **[CVE-2018-12121](<https://vulners.com/cve/CVE-2018-12121>) \n**DESCRIPTION: **Node.js is vulnerable to a denial of service, caused by improper validation of HTTP headers. By sending specially-crafted HTTP requests with maximum sized headers, a remote attacker could exploit this vulnerability to cause a denial of service condition. 
\nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153455> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n**CVEID: **[CVE-2018-12123](<https://vulners.com/cve/CVE-2018-12123>) \n**DESCRIPTION: **Node.js is vulnerable to HTTP request splitting attacks, caused by improper input validation by the path option of an HTTP request. A remote attacker could exploit this vulnerability to inject arbitrary HTTP request and cause the browser to send 2 HTTP requests, once the URL is clicked. This would allow the attacker to perform further attacks, such as Web cache poisoning or cross-site scripting. \nCVSS Base Score: 6.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153457> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n**CVEID: **[CVE-2018-12116](<https://vulners.com/cve/CVE-2018-12116>) \n**DESCRIPTION: **Node.js is vulnerable to HTTP request splitting attacks, caused by improper input validation by the path option of an HTTP request. A remote attacker could exploit this vulnerability to inject arbitrary HTTP request and cause the browser to send 2 HTTP requests, once the URL is clicked. This would allow the attacker to perform further attacks, such as Web cache poisoning or cross-site scripting. 
\nCVSS Base Score: 6.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153452> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nAffected IBM API Management | Affected Versions \n---|--- \nIBM API Connect | 2018.1-2018.4.1.1 \nIBM API Connect | 5.0.8.0-5.0.8.5 \n \n## Remediation/Fixes\n\nAffected releases | Fixed in VRMF | APAR | Remediation / First Fix \n---|---|---|--- \nIBM API Connect V2018.1-2018.4.1 | 2018.4.1.2 fixpack | LI80736 | \n\nAddressed in IBM API Connect v2018.4.1.2 fixpack.\n\nDeveloper Portal is impacted.\n\nFollow this link and find the appropriate form factor for your installation: \n\n[http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EWebSphere&product=ibm/WebSphere/IBM+API+Connect&release=2018.4.1&platform=All&function=all&source=fc](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EWebSphere&product=ibm/WebSphere/IBM+API+Connect&release=2018.4.1.0&platform=All&function=all&source=fc>) \n \nIBM API Connect V5.0.8.0-5.0.8.5 | 5.0.8.6 fixpack | LI80736 | \n\nAddressed in 5.0.8.6 fixpack.\n\nManagement server and Developer Portal are impacted.\n\nFollow this link and find the APIConnect_Management and APIConnect-Portal package.\n\n[http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EWebSphere&product=ibm/WebSphere/IBM+API+Connect&release=5.0.8.5&platform=All&function=all&source=fc](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EWebSphere&product=ibm/WebSphere/IBM+API+Connect&release=5.0.8.5&platform=All&function=all&source=fc>) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": 
"NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-03-27T22:45:01", "type": "ibm", "title": "Security Bulletin: API Connect is impacted by multiple nodeJS vulnerabilities (CVE-2018-12122 CVE-2018-12121 CVE-2018-12123 CVE-2018-12116)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-12116", "CVE-2018-12121", "CVE-2018-12122", "CVE-2018-12123"], "modified": "2019-03-27T22:45:01", "id": "27030B2D9389494CA9D7662F37CAA7D4EC4B266A24C4761D12AAC6263E180C54", "href": "https://www.ibm.com/support/pages/node/878136", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-23T21:47:45", "description": "## Summary\n\nThe Planning Analytics Workspace component of IBM Planning Analytics is vulnerable to multiple Node.js vulnerabilities. The version of Node.js use by IBM Planning Analytics Workspace has been upgraded to address these vulnerabilities. \n\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2018-12116](<https://vulners.com/cve/CVE-2018-12116>) \n**DESCRIPTION:** Node.js is vulnerable to HTTP request splitting attacks, caused by improper input validation by the path option of an HTTP request. A remote attacker could exploit this vulnerability to inject arbitrary HTTP request and cause the browser to send 2 HTTP requests, once the URL is clicked. 
This would allow the attacker to perform further attacks, such as Web cache poisoning or cross-site scripting. \nCVSS Base Score: 6.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153452> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n**CVEID:** [CVE-2018-12121](<https://vulners.com/cve/CVE-2018-12121>) \n**DESCRIPTION:** Node.js is vulnerable to a denial of service, caused by improper validation of HTTP headers. By sending specially-crafted HTTP requests with maximum sized headers, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153455> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2018-12122](<https://vulners.com/cve/CVE-2018-12122>) \n**DESCRIPTION:** Node.js is vulnerable to a denial of service, caused by improper validation of HTTP headers. By sending headers very slowly keeping HTTP or HTTPS connections and associated resources alive for a long period of time, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153456> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2018-12123](<https://vulners.com/cve/CVE-2018-12123>) \n**DESCRIPTION:** Node.js is vulnerable to HTTP request splitting attacks, caused by improper input validation by the path option of an HTTP request. A remote attacker could exploit this vulnerability to inject arbitrary HTTP request and cause the browser to send 2 HTTP requests, once the URL is clicked. 
This would allow the attacker to perform further attacks, such as Web cache poisoning or cross-site scripting. \nCVSS Base Score: 6.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153457> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nIBM Planning Analytics Local 2.0 (Planning Analytics Workspace)\n\n## Remediation/Fixes\n\n[IBM Planning Analytics Local v2.0 - Planning Analytics Workspace Release 41 is now available on Fix Central](<http://www.ibm.com/support/docview.wss?uid=ibm10879605>)\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-04-15T15:25:01", "type": "ibm", "title": "Security Bulletin: IBM Planning Analytics Local is affected by multiple vulnerabilities (CVE-2018-12116, CVE-2018-12121, CVE-2018-12122, CVE-2018-12123)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-12116", "CVE-2018-12121", "CVE-2018-12122", "CVE-2018-12123"], "modified": "2019-04-15T15:25:01", "id": 
"6C0907D7FF0174893DA4596561F31CECFD4CA1433EC6E8A7635F8094B580F942", "href": "https://www.ibm.com/support/pages/node/879441", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-22T01:46:30", "description": "## Summary\n\nIBM Event Streams is affected by the following vulnerabilities in the included Node.js runtime shipped.\n\n## Vulnerability Details\n\n**CVEID: ** [CVE-2018-12122](<https://vulners.com/cve/CVE-2018-12122>) \n**DESCRIPTION: ** Node.js is vulnerable to a denial of service, caused by improper validation of HTTP headers. By sending headers very slowly keeping HTTP or HTTPS connections and associated resources alive for a long period of time, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153456> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n**CVEID: ** [CVE-2018-12121](<https://vulners.com/cve/CVE-2018-12121>) \n**DESCRIPTION: ** Node.js is vulnerable to a denial of service, caused by improper validation of HTTP headers. By sending specially-crafted HTTP requests with maximum sized headers, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153455> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n**CVEID: ** [CVE-2018-12123](<https://vulners.com/cve/CVE-2018-12123>) \n**DESCRIPTION: ** Node.js is vulnerable to HTTP request splitting attacks, caused by improper input validation by the path option of an HTTP request. A remote attacker could exploit this vulnerability to inject arbitrary HTTP request and cause the browser to send 2 HTTP requests, once the URL is clicked. 
This would allow the attacker to perform further attacks, such as Web cache poisoning or cross-site scripting. \nCVSS Base Score: 6.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153457> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n**CVEID: ** [CVE-2018-12116](<https://vulners.com/cve/CVE-2018-12116>) \n**DESCRIPTION: ** Node.js is vulnerable to HTTP request splitting attacks, caused by improper input validation by the path option of an HTTP request. A remote attacker could exploit this vulnerability to inject arbitrary HTTP request and cause the browser to send 2 HTTP requests, once the URL is clicked. This would allow the attacker to perform further attacks, such as Web cache poisoning or cross-site scripting. \nCVSS Base Score: 6.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153452> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nIBM Event Streams 2018.3.0\n\nIBM Event Streams 2018.3.1\n\n## Remediation/Fixes\n\nUpgrade to IBM Event Streams 2019.1.1 which is available from [Passport Advantage](<https://www.ibm.com/software/passportadvantage/>).\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-03-29T10:50:01", "type": "ibm", "title": "Security Bulletin: IBM Event Streams is affected by Node.js vulnerabilities", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, 
"obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-12116", "CVE-2018-12121", "CVE-2018-12122", "CVE-2018-12123"], "modified": "2019-03-29T10:50:01", "id": "29E7F443B4BC8A149165D81485163DCC8A58CED7C4B94113DE930169107E8441", "href": "https://www.ibm.com/support/pages/node/795830", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-23T21:40:29", "description": "## Summary\n\nIBM Integration Bus & IBM App Connect Enterprise V11 ship with Node.js version 8 for which multiple vulnerabilities were reported and have been addressed. Vulnerability details are listed below.\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2018-12122](<https://vulners.com/cve/CVE-2018-12122>) \n**DESCRIPTION:** Node.js is vulnerable to a denial of service, caused by improper validation of HTTP headers. By sending headers very slowly keeping HTTP or HTTPS connections and associated resources alive for a long period of time, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153456> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2018-12121](<https://vulners.com/cve/CVE-2018-12121>) \n**DESCRIPTION:** Node.js is vulnerable to a denial of service, caused by improper validation of HTTP headers. 
By sending specially-crafted HTTP requests with maximum sized headers, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153455> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2018-12123](<https://vulners.com/cve/CVE-2018-12123>) \n**DESCRIPTION:** Node.js is vulnerable to HTTP request splitting attacks, caused by improper input validation by the path option of an HTTP request. A remote attacker could exploit this vulnerability to inject arbitrary HTTP request and cause the browser to send 2 HTTP requests, once the URL is clicked. This would allow the attacker to perform further attacks, such as Web cache poisoning or cross-site scripting. \nCVSS Base Score: 6.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153457> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n**CVEID:** [CVE-2018-12116](<https://vulners.com/cve/CVE-2018-12116>) \n**DESCRIPTION:** Node.js is vulnerable to HTTP request splitting attacks, caused by improper input validation by the path option of an HTTP request. A remote attacker could exploit this vulnerability to inject arbitrary HTTP request and cause the browser to send 2 HTTP requests, once the URL is clicked. This would allow the attacker to perform further attacks, such as Web cache poisoning or cross-site scripting. 
\nCVSS Base Score: 6.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153452> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nIBM Integration Bus V10.0.0 - V10.0.0.15\n\nIBM App Connect Enterprise V11, V11.0.0.0 - V11.0.0.3\n\n## Remediation/Fixes\n\n**Product** | **VRMF** | APAR | **Remediation/Fix** \n---|---|---|--- \nIBM Integration Bus | V10.0.0.0 -V10.0.0.15 | IT27985 | \n\nThe APAR is available in fix pack 10.0.0.16\n\n[IBM Integration Bus V10.0 - Fix Pack 10.0.0.16](<https://www-01.ibm.com/support/docview.wss?uid=ibm10875824>) \n \nIBM App Connect Enterprise V11 | V11.0.0.0 -V11.0.0.3 | IT27985 | \n\nThe APAR is available in fix pack 11.0.0.4\n\n[IBM App Connect Enterprise Version V11 - Fix Pack 11.0.0.4](<https://www-01.ibm.com/support/docview.wss?uid=ibm10876386>) \n \n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-03-23T20:41:52", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities in Node.js affect IBM Integration Bus & IBM App Connect Enterprise V11", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, 
"impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-12116", "CVE-2018-12121", "CVE-2018-12122", "CVE-2018-12123"], "modified": "2020-03-23T20:41:52", "id": "B82CB62755C85DED32A059AE2AF4DA062BFA6EF9DA8EF6B0A0A8FCF055434ACD", "href": "https://www.ibm.com/support/pages/node/880531", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-23T21:46:44", "description": "## Summary\n\nThere are multiple vulnerabilities in Node.js used by IBM\u00ae Cloud App Management V2018. IBM\u00ae Cloud App Management has addressed the applicable CVEs in a later version.\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2018-12122](<https://vulners.com/cve/CVE-2018-12122>) \n**DESCRIPTION:** Node.js is vulnerable to a denial of service, caused by improper validation of HTTP headers. By sending headers very slowly keeping HTTP or HTTPS connections and associated resources alive for a long period of time, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153456> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2018-12121](<https://vulners.com/cve/CVE-2018-12121>) \n**DESCRIPTION:** Node.js is vulnerable to a denial of service, caused by improper validation of HTTP headers. By sending specially-crafted HTTP requests with maximum sized headers, a remote attacker could exploit this vulnerability to cause a denial of service condition. 
\nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153455> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2018-12123](<https://vulners.com/cve/CVE-2018-12123>) \n**DESCRIPTION:** Node.js is vulnerable to HTTP request splitting attacks, caused by improper input validation by the path option of an HTTP request. A remote attacker could exploit this vulnerability to inject arbitrary HTTP request and cause the browser to send 2 HTTP requests, once the URL is clicked. This would allow the attacker to perform further attacks, such as Web cache poisoning or cross-site scripting. \nCVSS Base Score: 6.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153457> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n**CVEID:** [CVE-2018-12116](<https://vulners.com/cve/CVE-2018-12116>) \n**DESCRIPTION:** Node.js is vulnerable to HTTP request splitting attacks, caused by improper input validation by the path option of an HTTP request. A remote attacker could exploit this vulnerability to inject arbitrary HTTP request and cause the browser to send 2 HTTP requests, once the URL is clicked. This would allow the attacker to perform further attacks, such as Web cache poisoning or cross-site scripting. \nCVSS Base Score: 6.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153452> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nIBM Cloud App Management V2018.2.0\n\nIBM Cloud App Management V2018.4.0\n\nIBM Cloud App Management V2018.4.1\n\n## Remediation/Fixes\n\nIBM Cloud App Management was updated to use a later version of Node.js. 
Install or upgrade to IBM Cloud App Management V2019.2.0 to address these security vulnerabilities. IBM Cloud App Management V2019.2.0 is available on [IBM Passport Advantage](<https://www.ibm.com/software/passportadvantage/index.html>) .\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-05-13T23:35:01", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities in Node.js affect IBM Cloud App Management V2018", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-12116", "CVE-2018-12121", "CVE-2018-12122", "CVE-2018-12123"], "modified": "2019-05-13T23:35:01", "id": "1BEB53E6FCA3E6ED4DD7E59EF6CF4889FA893B1EA7E5AABDAE089FA2297EB37C", "href": "https://www.ibm.com/support/pages/node/883910", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-23T21:47:01", "description": "## Summary\n\nThere are multiple vulnerabilities in Node.js used by IBM\u00ae Cloud App Management V2018. 
IBM\u00ae Cloud App Management has addressed the applicable CVEs in a later version.\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2018-12122](<https://vulners.com/cve/CVE-2018-12122>) \n**DESCRIPTION:** Node.js is vulnerable to a denial of service, caused by improper validation of HTTP headers. By sending headers very slowly keeping HTTP or HTTPS connections and associated resources alive for a long period of time, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153456> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2018-12121](<https://vulners.com/cve/CVE-2018-12121>) \n**DESCRIPTION:** Node.js is vulnerable to a denial of service, caused by improper validation of HTTP headers. By sending specially-crafted HTTP requests with maximum sized headers, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153455> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2018-5407](<https://vulners.com/cve/CVE-2018-5407>) \n**DESCRIPTION:** Multiple SMT/Hyper-Threading architectures and processors could allow a local attacker to obtain sensitive information, caused by execution engine sharing on Simultaneous Multithreading (SMT) architecture. By using the new PortSmash side-channel attack, an attacker could run a malicious process next to legitimate processes, using the architecture's parallel thread-running capabilities, to leak encrypted data from the CPU's internal processes. Note: This vulnerability is known as PortSmash. 
\nCVSS Base Score: 5.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/152484> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\n**CVEID:** [CVE-2018-0735](<https://vulners.com/cve/CVE-2018-0735>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by a timing side channel attack in the ECDSA signature algorithm. An attacker could exploit this vulnerability using variations in the signing algorithm to recover the private key. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/152086> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2018-0734](<https://vulners.com/cve/CVE-2018-0734>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by a timing side channel attack in the DSA signature algorithm. An attacker could exploit this vulnerability using variations in the signing algorithm to recover the private key. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/152085> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2018-12123](<https://vulners.com/cve/CVE-2018-12123>) \n**DESCRIPTION:** Node.js is vulnerable to HTTP request splitting attacks, caused by improper input validation by the path option of an HTTP request. A remote attacker could exploit this vulnerability to inject arbitrary HTTP request and cause the browser to send 2 HTTP requests, once the URL is clicked. This would allow the attacker to perform further attacks, such as Web cache poisoning or cross-site scripting. 
\nCVSS Base Score: 6.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153457> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n**CVEID:** [CVE-2018-12116](<https://vulners.com/cve/CVE-2018-12116>) \n**DESCRIPTION:** Node.js is vulnerable to HTTP request splitting attacks, caused by improper input validation by the path option of an HTTP request. A remote attacker could exploit this vulnerability to inject arbitrary HTTP request and cause the browser to send 2 HTTP requests, once the URL is clicked. This would allow the attacker to perform further attacks, such as Web cache poisoning or cross-site scripting. \nCVSS Base Score: 6.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153452> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\nFull details on these vulnerabilities are available from Node.js here: \n \n<https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/> \n \nPlease refer to Xforce Link for latest score and additional details \nAlso refer to external Disclosure URL specified below \n<https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/> \n<https://www.openssl.org/news/secadv/20181030.txt> \n<https://www.openssl.org/news/secadv/20181029.txt> \n<https://seclists.org/oss-sec/2018/q4/123> \n<https://seclists.org/oss-sec/2018/q4/126> \n<https://seclists.org/oss-sec/2018/q4/127> \n<https://www.zdnet.com/article/intel-cpus-impacted-by-new-portsmash-side-channel-vulnerability/> \n<http://www.intel.com/> \n<https://www.exploit-db.com/exploits/45785/> \n<https://packetstormsecurity.com/files/150138> \n<https://www.openssl.org/news/secadv/20181112.txt>\n\n## Affected Products and Versions\n\nIBM Cloud App Management V2018.2.0\n\nIBM Cloud App Management V2018.4.0\n\nIBM Cloud App Management 
V2018.4.1\n\n## Remediation/Fixes\n\nIBM Cloud App Management was updated to use a later version of Node.js. Install or upgrade to IBM Cloud App Management V2019.2.0 to address these security vulnerabilities. IBM Cloud App Management V2019.1.0 is available on [IBM Passport Advantage](<https://www.ibm.com/software/passportadvantage/index.html>) .\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-05-03T14:35:01", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities in Node.js affect IBM Cloud App Management V2018", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0734", "CVE-2018-0735", "CVE-2018-12116", "CVE-2018-12121", "CVE-2018-12122", "CVE-2018-12123", "CVE-2018-5407"], "modified": "2019-05-03T14:35:01", "id": "AC937FC2D06F7497A7DAE7DB8BAA56276E0A32D9882D10507A01E8A788B2E77C", "href": "https://www.ibm.com/support/pages/node/870522", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-23T21:49:20", "description": "## Summary\n\nPortions of IBM Rational Application Developer for WebSphere 
Software are shipped as a component of Rational Developer for i (RPG and COBOL + Modernization Tools, Java and EGL editions), and Rational Developer for AIX and Linux. \nMultiple Node.js vulnerabilities have been discovered that affect the Cordova platform packaged with Rational Application Developer. IBM Rational Application Developer for WebSphere Software has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2018-0734_](<https://vulners.com/cve/CVE-2018-0734>)\n\n**Description: **OpenSSL could allow a remote attacker to obtain sensitive information, caused by a timing side channel attack in the DSA signature algorithm. An attacker could exploit this vulnerability using variations in the signing algorithm to recover the private key. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See [_ https://exchange.xforce.ibmcloud.com/vulnerabilities/152085_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/133729>) for more information.\n\nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n \n \n**CVEID:** [_CVE-2018-0735_](<https://vulners.com/cve/CVE-2018-0735>)\n\n**DESCRIPTION: **OpenSSL could allow a remote attacker to obtain sensitive information, caused by a timing side channel attack in the ECDSA signature algorithm. 
An attacker could exploit this vulnerability using variations in the signing algorithm to recover the private key.\n\nCVSS Base Score: 3.7\n\nCVSS Temporal Score: See [_ https://exchange.xforce.ibmcloud.com/vulnerabilities/133784_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/133784>) for more information.\n\nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\n**CVE-ID: ** [CVE-2018-5407](<https://www-01.ibm.com/support/cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5407>) \n**Description: **Multiple SMT/Hyper-Threading architectures and processors could allow a local attacker to obtain sensitive information, caused by execution engine sharing on Simultaneous Multithreading (SMT) architecture. By using the PortSmash new side-channel attack, an attacker could run a malicious process next to legitimate processes using the architecture\u2019s parallel thread running capabilities to leak encrypted data from the CPU's internal processes. Note: This vulnerability is known as PortSmash. \nCVSS Base Score: 5.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/152484> for more information. \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\n**CVE-ID: ** [CVE-2018-12116](<https://vulners.com/cve/CVE-2018-12116>) \n**Description: **Node.js is vulnerable to HTTP request splitting attacks, caused by improper input validation by the path option of an HTTP request. A remote attacker could exploit this vulnerability to inject arbitrary HTTP request and cause the browser to send 2 HTTP requests, once the URL is clicked. This would allow the attacker to perform further attacks, such as Web cache poisoning or cross-site scripting. \nCVSS Base Score: 6.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153452> for more information. 
\nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n**CVE-ID: ** [CVE-2018-12123](<https://vulners.com/cve/CVE-2018-12123>) \n**Description: **Node.js is vulnerable to HTTP request splitting attacks, caused by improper input validation by the path option of an HTTP request. A remote attacker could exploit this vulnerability to inject arbitrary HTTP request and cause the browser to send 2 HTTP requests, once the URL is clicked. This would allow the attacker to perform further attacks, such as Web cache poisoning or cross-site scripting. \nCVSS Base Score: 6.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153457> for more information. \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n**CVE-ID: ** [CVE-2018-12120](<https://vulners.com/cve/CVE-2018-12120>) \n**Description: **Node.js could allow a remote attacker to execute arbitrary JavaScript on the system, caused by a flaw when debugger mode is enabled with `node --debug` or `node debug`. By sending specially-crafted request to port 5858, an attacker could exploit this vulnerability to execute arbitrary JavaScript on the system. \nCVSS Base Score: 9.8 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153454> for more information. \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n**CVE-ID: ** [CVE-2018-12121](<https://www-01.ibm.com/support/cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12121>) \n**Description: **Node.js is vulnerable to a denial of service, caused by improper validation of HTTP headers. By sending specially-crafted HTTP requests with maximum sized headers, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153455> for more information. 
\nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVE-ID: ** [CVE-2018-12122](<https://www-01.ibm.com/support/cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12122>) \n**Description: **Node.js is vulnerable to a denial of service, caused by improper validation of HTTP headers. By sending headers very slowly keeping HTTP or HTTPS connections and associated resources alive for a long period of time, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153456> for more information. \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n## Affected Products and Versions\n\n**Affected Product and Version(s)**\n\n| **Product and Version shipped as a component** \n---|--- \nIBM Rational Developer for i v9.1, v9.1.1, v9.1.1.1, v9.5, v9.5.0.1, v9.5.0.2, v9.5.0.3, v9.5.1, v9.5.1.1, v9.5.1.2, v9.5.1.3, v9.6, v9.6.0.1, v9.6.0.2, v9.6.0.3, v9.6.0.4, v9.6.0.5 RPG and COBOL + Modernization Tools, Java Edition | Rational Application Developer 9.1, 9.1.1, 9.5, 9.5.1, 9.6 \nIBM Rational Developer for i v9.1, v9.1.1 and v9.1.1.1, v9.5, v9.5.0.1, 9.5.0.2, v9.5.0.3, v9.5.1, v9.5.1.1, v9.5.1.2, v9.5.1.3, v9.6, v9.6.0.1, v9.6.0.2, v9.6.0.3, v9.6.0.4, v9.6.0.5 RPG and COBOL + Modernization Tools, EGL Edition | Rational Application Developer 9.1, 9.1.1, 9.5, 9.5.1, 9.6 \nIBM Rational Developer for AIX and Linux v9.1, v9.1.1, v9.1.1.1, v9.1.1.2 and v9.1.1.3, v9.1.1.4 AIX COBOL Edition | Rational Application Developer 9.1, 9.1.1 \nIBM Rational Developer for AIX and Linux v9.1, v9.1.1, v9.1.1.1, v9.1.1.2 and v9.1.1.3, v9.1.1.4 C/C++ Edition | Rational Application Developer 9.1, 9.1.1 \n \n## Remediation/Fixes\n\nReview the Remediation/Fixes section of [Security Bulletin: Multiple vulnerabilities in Node.js affect IBM Rational Application Developer 
for WebSphere Software ](<https://www.ibm.com/support/docview.wss?uid=ibm10794537>) for instructions on obtaining the fix for this issue.\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-02-19T17:40:02", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities in Node.js affects IBM Rational Application Developer for WebSphere Software included in Rational Developer for i and Rational Developer for AIX and Linux", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0734", "CVE-2018-0735", "CVE-2018-12116", "CVE-2018-12120", "CVE-2018-12121", "CVE-2018-12122", "CVE-2018-12123", "CVE-2018-5407"], "modified": "2019-02-19T17:40:02", "id": "C9174543E96AC83F6EEEC9AB65743992BCDAA034ED3FD3113E557100F582062E", "href": "https://www.ibm.com/support/pages/node/872442", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-22T01:47:06", "description": "## Summary\n\nMultiple Node.js vulnerabilities were disclosed by the Node.js project. Node.js is used by the Cordova tools in IBM Rational Application Developer for WebSphere Software. 
IBM Rational Application Developer for WebSphere Software has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2018-0734_](<https://vulners.com/cve/CVE-2018-0734>)\n\n**Description: **OpenSSL could allow a remote attacker to obtain sensitive information, caused by a timing side channel attack in the DSA signature algorithm. An attacker could exploit this vulnerability using variations in the signing algorithm to recover the private key. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See [_ https://exchange.xforce.ibmcloud.com/vulnerabilities/152085_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/133729>) for more information.\n\nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n \n**CVEID:** [_CVE-2018-0735_](<https://vulners.com/cve/CVE-2018-0735>)\n\n**DESCRIPTION: **OpenSSL could allow a remote attacker to obtain sensitive information, caused by a timing side channel attack in the ECDSA signature algorithm. An attacker could exploit this vulnerability using variations in the signing algorithm to recover the private key.\n\nCVSS Base Score: 3.7\n\nCVSS Temporal Score: See [_ https://exchange.xforce.ibmcloud.com/vulnerabilities/133784_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/133784>) for more information.\n\nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\n**CVE-ID: ** [CVE-2018-5407](<cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5407>) \n**Description: **Multiple SMT/Hyper-Threading architectures and processors could allow a local attacker to obtain sensitive information, caused by execution engine sharing on Simultaneous Multithreading (SMT) architecture. By using the PortSmash new side-channel attack, an attacker could run a malicious process next to legitimate processes using the architecture\u2019s parallel thread running capabilities to leak encrypted data from the CPU's internal processes. 
Note: This vulnerability is known as PortSmash. \nCVSS Base Score: 5.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/152484> for more information. \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\n**CVE-ID: ** [CVE-2018-12116](<https://vulners.com/cve/CVE-2018-12116>) \n**Description: **Node.js is vulnerable to HTTP request splitting attacks, caused by improper input validation by the path option of an HTTP request. A remote attacker could exploit this vulnerability to inject arbitrary HTTP request and cause the browser to send 2 HTTP requests, once the URL is clicked. This would allow the attacker to perform further attacks, such as Web cache poisoning or cross-site scripting. \nCVSS Base Score: 6.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153452> for more information. \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n**CVE-ID: ** [CVE-2018-12123](<https://vulners.com/cve/CVE-2018-12123>) \n**Description: **Node.js is vulnerable to HTTP request splitting attacks, caused by improper input validation by the path option of an HTTP request. A remote attacker could exploit this vulnerability to inject arbitrary HTTP request and cause the browser to send 2 HTTP requests, once the URL is clicked. This would allow the attacker to perform further attacks, such as Web cache poisoning or cross-site scripting. \nCVSS Base Score: 6.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153457> for more information. 
\nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n**CVE-ID: ** [CVE-2018-12120](<https://vulners.com/cve/CVE-2018-12120>) \n**Description: **Node.js could allow a remote attacker to execute arbitrary JavaScript on the system, caused by a flaw when debugger mode is enabled with `node --debug` or `node debug`. By sending specially-crafted request to port 5858, an attacker could exploit this vulnerability to execute arbitrary JavaScript on the system. \nCVSS Base Score: 9.8 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153454> for more information. \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n**CVE-ID: ** [CVE-2018-12121](<cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12121>) \n**Description: **Node.js is vulnerable to a denial of service, caused by improper validation of HTTP headers. By sending specially-crafted HTTP requests with maximum sized headers, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153455> for more information. \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVE-ID: ** [CVE-2018-12122](<cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12122>) \n**Description: **Node.js is vulnerable to a denial of service, caused by improper validation of HTTP headers. By sending headers very slowly keeping HTTP or HTTPS connections and associated resources alive for a long period of time, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153456> for more information. 
\nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n## Affected Products and Versions\n\nRational Application Developer 9.1\n\nRational Application Developer 9.5\n\nRational Application Developer 9.6\n\nRational Application Developer 9.7\n\n## Remediation/Fixes\n\nUpdate the IBM Rational Application Developer to address this vulnerability: \n\n**Product**\n\n| **VRMF** | **APAR** | **Remediation/First Fix** \n---|---|---|--- \nRational Application Developer | \n\n9.1\n\n9.5\n\n9.6\n\n9.7\n\n| \n\nPH07024\n\n| \n\n * For all versions, \n[install iFix](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7ERational&product=ibm/Rational/IBM+Rational+Application+Developer+for+WebSphere+Software&release=All&platform=All&function=fixId&fixids=Rational-RAD-Cordova-ifix-zip&includeSupersedes=0>) \n \n## Workarounds and Mitigations\n\nNo known workarounds.\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-01-29T21:10:01", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities in Node.js affect IBM Rational Application Developer for WebSphere Software", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": 
"NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0734", "CVE-2018-0735", "CVE-2018-12116", "CVE-2018-12120", "CVE-2018-12121", "CVE-2018-12122", "CVE-2018-12123", "CVE-2018-5407"], "modified": "2019-01-29T21:10:01", "id": "1EE6A9FE4BA67B644CF284DD602D2172C5B63FD07D6A0117C4A372E7C9EF1921", "href": "https://www.ibm.com/support/pages/node/794537", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-22T01:47:23", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed by the OpenSSL Project. OpenSSL is used by IBM SDK for Node.js for IBM Cloud. IBM SDK for Node.js for IBM Cloud has addressed the applicable CVEs. Node.js vulnerabilities were disclosed by the Node.js foundation. Node.js is used by IBM SDK for Node.js for IBM Cloud. IBM SDK for Node.js for IBM Cloud has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2018-0735](<https://vulners.com/cve/CVE-2018-0735>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by a timing side channel attack in the ECDSA signature algorithm. An attacker could exploit this vulnerability using variations in the signing algorithm to recover the private key. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/152086>\n\nfor the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:**\n\n[CVE-2018-0734](<https://vulners.com/cve/CVE-2018-0734>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by a timing side channel attack in the DSA signature algorithm. An attacker could exploit this vulnerability using variations in the signing algorithm to recover the private key. 
\nCVSS Base Score: 3.7 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/152085>\n\nfor the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2018-5407](<https://vulners.com/cve/CVE-2018-5407>) \n**DESCRIPTION:** Multiple SMT/Hyper-Threading architectures and processors could allow a local attacker to obtain sensitive information, caused by execution engine sharing on Simultaneous Multithreading (SMT) architecture. By using the PortSmash new side-channel attack, an attacker could run a malicious process next to legitimate processes using the architectures parallel thread running capabilities to leak encrypted data from the CPU's internal processes. Note: This vulnerability is known as PortSmash. \nCVSS Base Score: 5.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/152484>\n\nfor the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\n**CVEID:** [CVE-2018-12122](<https://vulners.com/cve/CVE-2018-12122>) \n**DESCRIPTION:** Node.js is vulnerable to a denial of service, caused by improper validation of HTTP headers. By sending headers very slowly keeping HTTP or HTTPS connections and associated resources alive for a long period of time, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153456> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2018-12121](<https://vulners.com/cve/CVE-2018-12121>) \n**DESCRIPTION:** Node.js is vulnerable to a denial of service, caused by improper validation of HTTP headers. 
By sending specially-crafted HTTP requests with maximum sized headers, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153455> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2018-12120](<https://vulners.com/cve/CVE-2018-12120>) \n**DESCRIPTION:** Node.js could allow a remote attacker to execute arbitrary JavaScript on the system, caused by a flaw when debugger mode is enabled with `node --debug` or `node debug`. By sending specially-crafted request to port 5858, an attacker could exploit this vulnerability to execute arbitrary JavaScript on the system. \nCVSS Base Score: 9.8 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153454> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2018-5407](<https://vulners.com/cve/CVE-2018-5407>) \n**DESCRIPTION:** Multiple SMT/Hyper-Threading architectures and processors could allow a local attacker to obtain sensitive information, caused by execution engine sharing on Simultaneous Multithreading (SMT) architecture. By using the PortSmash new side-channel attack, an attacker could run a malicious process next to legitimate processes using the architectures parallel thread running capabilities to leak encrypted data from the CPU's internal processes. Note: This vulnerability is known as PortSmash. 
\nCVSS Base Score: 5.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/152484> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\n**CVEID:** [CVE-2018-0735](<https://vulners.com/cve/CVE-2018-0735>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by a timing side channel attack in the ECDSA signature algorithm. An attacker could exploit this vulnerability using variations in the signing algorithm to recover the private key. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/152086> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2018-0734](<https://vulners.com/cve/CVE-2018-0734>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by a timing side channel attack in the DSA signature algorithm. An attacker could exploit this vulnerability using variations in the signing algorithm to recover the private key. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/152085> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2018-12123](<https://vulners.com/cve/CVE-2018-12123>) \n**DESCRIPTION:** Node.js is vulnerable to HTTP request splitting attacks, caused by improper input validation by the path option of an HTTP request. A remote attacker could exploit this vulnerability to inject arbitrary HTTP request and cause the browser to send 2 HTTP requests, once the URL is clicked. This would allow the attacker to perform further attacks, such as Web cache poisoning or cross-site scripting. 
\nCVSS Base Score: 6.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153457> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n**CVEID:** [CVE-2018-12116](<https://vulners.com/cve/CVE-2018-12116>) \n**DESCRIPTION:** Node.js is vulnerable to HTTP request splitting attacks, caused by improper input validation by the path option of an HTTP request. A remote attacker could exploit this vulnerability to inject arbitrary HTTP request and cause the browser to send 2 HTTP requests, once the URL is clicked. This would allow the attacker to perform further attacks, such as Web cache poisoning or cross-site scripting. \nCVSS Base Score: 6.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153452> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nThese vulnerabilities affect IBM SDK for Node.js v6.14.4 and earlier releases. \nThese vulnerabilities affect IBM SDK for Node.js v8.11.4 and earlier releases.\n\nThese vulnerabilities affect IBM SDK for Node.js v10.13.0 and earlier releases. \n \nYou can also find this file through the command-line Cloud Foundry client by running the following command: \n \n**cf ssh <appname> -c \"cat staging_info.yml\"** \n \nLook for the following lines: \n{\"detected_buildpack\":\"SDK for Node.js(TM) (ibm-node.js-xxx, buildpack-v3.xxx)\",\"start_command\":\"./vendor/initial_startup.rb\"} \n \nIf the Node.js engine version is not at least v6.15.0, v8.14.0 or v10.14.0 your application may be vulnerable.\n\n## Remediation/Fixes\n\nThe fixes for these vulnerabilities are included in IBM SDK for Node.js v6.14.4 and subsequent releases. \nThe fixes for these vulnerabilities are included in IBM SDK for Node.js v8.11.4 and subsequent releases. 
\n \nTo upgrade to the latest version of the Node.js runtime, please specify the latest Node.js runtime in your package.json file for your application: \n \n_\"engines\": {_ \n_\"node\": \">=6.15.0\"_ \n_},_ \n_or _ \n_\"engines\": {_ \n_\"node\": \">=8.14.0\"_ \n_},_\n\n_or _ \n_\"engines\": {_ \n_\"node\": \">=10.14.0\"_ \n_},_ \n \nYou will then need to restage (or re-push) your application using the IBM SDK for Node.js Buildpack v3.25.\n\n## Workarounds and Mitigations\n\nNone\n\n## Monitor IBM Cloud Status for Future Security Bulletins\n\nMonitor the [security notifications](<https://cloud.ibm.com/status?selected=security>) on the IBM Cloud Status page to be advised of future security bulletins.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n16 Jan 2019: Original document published\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. 
Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nReview the [IBM security bulletin disclaimer and definitions](<https://www.ibm.com/support/pages/node/6610583#disclaimer>) regarding your responsibilities for assessing potential impact of security vulnerabilities to your environment.\n\n[{\"Business Unit\":{\"code\":\"BU053\",\"label\":\"Cloud & Data Platform\"},\"Product\":{\"code\":\"SS4JM7\",\"label\":\"IBM SDK for Node.js for Cloud\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF016\",\"label\":\"Linux\"}],\"Version\":\"All Versions\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB21\",\"label\":\"Public Cloud Platform\"}}]", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-01-16T12:25:01", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities affect IBM\u00ae SDK for Node.js\u2122 in IBM Cloud", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0734", "CVE-2018-0735", "CVE-2018-12116", "CVE-2018-12120", "CVE-2018-12121", "CVE-2018-12122", 
"CVE-2018-12123", "CVE-2018-5407"], "modified": "2019-01-16T12:25:01", "id": "E9F526279967C49905FC615BE4B623F1E1673884718AFE186BA43E5FCA0DB5EE", "href": "https://www.ibm.com/support/pages/node/795324", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-23T21:48:45", "description": "## Summary\n\nIBM Cloud Private, Cloud Foundry for IBM Cloud Private and IBM Cloud Automation Manager are vulnerable to multiple security vulnerabilities in Node.js\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2018-12122](<https://vulners.com/cve/CVE-2018-12122>) \n**DESCRIPTION:** Node.js is vulnerable to a denial of service, caused by improper validation of HTTP headers. By sending headers very slowly keeping HTTP or HTTPS connections and associated resources alive for a long period of time, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153456> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2018-12121](<https://vulners.com/cve/CVE-2018-12121>) \n**DESCRIPTION:** Node.js is vulnerable to a denial of service, caused by improper validation of HTTP headers. By sending specially-crafted HTTP requests with maximum sized headers, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153455> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2018-12120](<https://vulners.com/cve/CVE-2018-12120>) \n**DESCRIPTION:** Node.js could allow a remote attacker to execute arbitrary JavaScript on the system, caused by a flaw when debugger mode is enabled with `node --debug` or `node debug`. 
By sending specially-crafted request to port 5858, an attacker could exploit this vulnerability to execute arbitrary JavaScript on the system. \nCVSS Base Score: 9.8 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153454> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2018-5407](<https://vulners.com/cve/CVE-2018-5407>) \n**DESCRIPTION:** Multiple SMT/Hyper-Threading architectures and processors could allow a local attacker to obtain sensitive information, caused by execution engine sharing on Simultaneous Multithreading (SMT) architecture. By using the PortSmash new side-channel attack, an attacker could run a malicious process next to legitimate processes using the architectures parallel thread running capabilities to leak encrypted data from the CPU's internal processes. Note: This vulnerability is known as PortSmash. \nCVSS Base Score: 5.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/152484> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\n**CVEID:** [CVE-2018-0735](<https://vulners.com/cve/CVE-2018-0735>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by a timing side channel attack in the ECDSA signature algorithm. An attacker could exploit this vulnerability using variations in the signing algorithm to recover the private key. 
\nCVSS Base Score: 3.7 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/152086> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2018-0734](<https://vulners.com/cve/CVE-2018-0734>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by a timing side channel attack in the DSA signature algorithm. An attacker could exploit this vulnerability using variations in the signing algorithm to recover the private key. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/152085> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2018-12123](<https://vulners.com/cve/CVE-2018-12123>) \n**DESCRIPTION:** Node.js is vulnerable to HTTP request splitting attacks, caused by improper input validation by the path option of an HTTP request. A remote attacker could exploit this vulnerability to inject arbitrary HTTP request and cause the browser to send 2 HTTP requests, once the URL is clicked. This would allow the attacker to perform further attacks, such as Web cache poisoning or cross-site scripting. \nCVSS Base Score: 6.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153457> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n**CVEID:** [CVE-2018-12116](<https://vulners.com/cve/CVE-2018-12116>) \n**DESCRIPTION:** Node.js is vulnerable to HTTP request splitting attacks, caused by improper input validation by the path option of an HTTP request. A remote attacker could exploit this vulnerability to inject arbitrary HTTP request and cause the browser to send 2 HTTP requests, once the URL is clicked. 
This would allow the attacker to perform further attacks, such as Web cache poisoning or cross-site scripting. \nCVSS Base Score: 6.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153452> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\n * IBM Cloud Private 2.1.x, 3.1.0, 3.1.1\n * Cloud Foundry for IBM Cloud Private 3.1.1\n * IBM Cloud Automation Manager 3.1.0\n\n## Remediation/Fixes\n\nProduct defect fixes and security updates are only available for the two most recent Continuous Delivery (CD) update packages\n\n * IBM Cloud Private 3.1.2\n * IBM Cloud Private 3.1.1 \n\nFor IBM Cloud Private 3.1.1\n\n * Apply these patches: \n * [IBM Cloud Private 3.1.1 Patch - Catalog ui](<https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/WebSphere/IBM+Cloud+Private&release=All&platform=All&function=fixId&fixids=icp-3.1.1-build514117-19573&includeSupersedes=0>)\n * [IBM Cloud Private 3.1.1 Patch - Logging](<https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/WebSphere/IBM+Cloud+Private&release=All&platform=All&function=fixId&fixids=icp-3.1.1-build514432-20668&includeSupersedes=0>)\n * [IBM Cloud Private 3.1.1 Patch - Helm-api](<https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/WebSphere/IBM+Cloud+Private&release=All&platform=All&function=fixId&fixids=icp-3.1.1-build510170&includeSupersedes=0>)\n * [IBM Cloud Private 3.1.1 Patch - Helm-repo](<https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/WebSphere/IBM+Cloud+Private&release=All&platform=All&function=fixId&fixids=icp-3.1.1-build508577&includeSupersedes=0>)\n * [IBM Cloud Private 3.1.1 Patch - Helm Management-repo](<https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/WebSphere/IBM+Cloud+Private&release=All&platform=All&function=fixId&fixids=icp-3.1.1-build508996&includeSupersedes=0>)\n * [IBM Cloud 
Private 3.1.1 Patch - Metering](<https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/WebSphere/IBM+Cloud+Private&release=All&platform=All&function=fixId&fixids=icp-3.1.1-build513590-19578&includeSupersedes=0>)\n    * [IBM Cloud Private 3.1.1 Patch - Platform-ui](<https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/WebSphere/IBM+Cloud+Private&release=All&platform=All&function=fixId&fixids=icp-3.1.1-build512660&includeSupersedes=0>)\n    * [IBM Cloud Private 3.1.1 Patch - Vulnerability Advisor](<https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/WebSphere/IBM+Cloud+Private&release=All&platform=All&function=fixId&fixids=icp-3.1.1-build513375&includeSupersedes=0>)\n    * [IBM Cloud Private 3.1.1 Patch - Auth-pap](<https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/WebSphere/IBM+Cloud+Private&release=All&platform=All&function=fixId&fixids=icp-3.1.1-build514832-19580&includeSupersedes=0>)\n    * [IBM Cloud Private 3.1.1 Patch - Auth-idp](<https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/WebSphere/IBM+Cloud+Private&release=All&platform=All&function=fixId&fixids=icp-3.1.1-build514833-22680&includeSupersedes=0>)\n\nFor IBM Cloud Private, 2.1.x, 3.1.0:\n\n  * Upgrade to the latest Continuous Delivery (CD) update package, IBM Cloud Private 3.1.2. \n  * If required, individual product fixes can be made available between CD update packages for resolution of problems. 
Contact IBM support for assistance\n\nFor Cloud Foundry for IBM Cloud Private 3.1.1:\n\n * Upgrade to [3.1.1 Fix Pack 1](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7EWebSphere&product=ibm/WebSphere/IBM+Cloud+Private&release=3.1.1&platform=All&function=fixId&fixids=%09icp-cf-3.1.1-build510838&includeSupersedes=0>)\n\nFor IBM Cloud Automation Manager 3.1.0:\n\n * Upgrade to version 3.1.2 which can be obtained from [IBM Passport Advantage](<https://www.ibm.com/software/passportadvantage/>) , or contact IBM support.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-03-11T14:55:02", "type": "ibm", "title": "Security Bulletin: Multiple Security Vulnerabilities affect IBM\u00ae Cloud Private - Node.js", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0734", "CVE-2018-0735", "CVE-2018-12116", "CVE-2018-12120", "CVE-2018-12121", "CVE-2018-12122", "CVE-2018-12123", "CVE-2018-5407"], "modified": "2019-03-11T14:55:02", "id": "0A276639D76D90E406C7142F2E6AD8D33EBF40F8D293EF64E2B985DD723E5AAB", "href": 
"https://www.ibm.com/support/pages/node/869830", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-23T21:53:25", "description": "## Summary\n\nIBM API Connect has addressed the following vulnerabilities. \n\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2018-16276](<https://vulners.com/cve/CVE-2018-16276>) \n**DESCRIPTION:** Linux Kernel is vulnerable to a denial of service, caused by improper bounds checking in the yurex_read function in drivers/usb/misc/yurex.cr. By sending a specially-crafted request, a local authenticated attacker could exploit this vulnerability to cause the system to crash, or gain elevated privileges. \nCVSS Base Score: 7.8 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/149198> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2018-6554](<https://vulners.com/cve/CVE-2018-6554>) \n**DESCRIPTION:** Linux Kernel is vulnerable to a denial of service, caused by a memory leak in the irda_bind function. By repeatedly binding an AF_IRDA socket, a local attacker could exploit this vulnerability to consume all available memory resources. \nCVSS Base Score: 6.2 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/149360> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2018-15594](<https://vulners.com/cve/CVE-2018-15594>) \n**DESCRIPTION:** Linux Kernel could allow a local authenticated attacker to obtain sensitive information, caused by the improper handling of certain indirect calls. By conducting Spectre-v2 attacks against paravirtual guests, an attacker could exploit this vulnerability to leak memory contents into a CPU cache and read host kernel memory. 
\nCVSS Base Score: 6.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/148547> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N)\n\n**CVEID:** [CVE-2018-15572](<https://vulners.com/cve/CVE-2018-15572>) \n**DESCRIPTION:** Linux Kernel could allow a local authenticated attacker to obtain sensitive information, caused by the failure to always fill RSB upon a context switch by the spectre_v2_select_mitigation function in arch/x86/kernel/cpu/bugs.c. An attacker could exploit this vulnerability to conduct userspace-userspace spectreRSB attacks and obtain private data. \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/148546> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N)\n\n**CVEID:** [CVE-2018-17182](<https://vulners.com/cve/CVE-2018-17182>) \n**DESCRIPTION:** Linux Kernel could allow a local attacker to gain elevated privileges on the system, caused by the improper handling of sequence number overflows by the vmacache_flush_all function. An attacker could exploit this vulnerability using certain thread creation, map, unmap, invalidation, and dereference operations to trigger a use-after-free error and gain elevated privileges on the system. \nCVSS Base Score: 8.4 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/150102> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2018-10902](<https://vulners.com/cve/CVE-2018-10902>) \n**DESCRIPTION:** Linux Kernel could allow a local authenticated attacker to gain elevated privileges on the system, caused by a double-free in snd_rawmidi_input_params() and snd_rawmidi_output_status() triggered by the raw midi kernel driver. 
An attacker could exploit this vulnerability to corrupt memory and execute arbitrary code on the system with elevated privileges. \nCVSS Base Score: 7.8 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/148627> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2018-14633](<https://vulners.com/cve/CVE-2018-14633>) \n**DESCRIPTION:** Linux Kernel is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the chap_server_compute_md5() function. If the iSCSI target is enabled on the victim host, an attacker could overflow a buffer and execute arbitrary code on the system or cause the system to crash. \nCVSS Base Score: 7 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/150238> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H)\n\n**CVEID:** [CVE-2018-6555](<https://vulners.com/cve/CVE-2018-6555>) \n**DESCRIPTION:** Linux Kernel is vulnerable to a denial of service, caused by an error in the irda_setsockopt function. A local attacker could exploit this vulnerability using an AF_IRDA socket to cause the system to crash. \nCVSS Base Score: 6.2 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/149361> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2018-3062](<https://vulners.com/cve/CVE-2018-3062>) \n**DESCRIPTION:** An unspecified vulnerability in Oracle MySQL related to the Server Server: Memcached component could allow an authenticated attacker to cause a denial of service resulting in a high availability impact using unknown attack vectors. 
\nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/146957> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2017-18216](<https://vulners.com/cve/CVE-2017-18216>) \n**DESCRIPTION:** Linux Kernel is vulnerable to a denial of service, caused by a NULL pointer dereference flaw in fs/ocfs2/cluster/nodemanager.c. By sending a specially-crafted request, a local attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base Score: 6.2 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/139923> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2018-7603](<https://vulners.com/cve/CVE-2018-7603>) \n**DESCRIPTION:** The Search Autocomplete for Drupal is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base Score: 6.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/151407> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n**CVEID:** [CVE-2018-12123](<https://vulners.com/cve/CVE-2018-12123>) \n**DESCRIPTION:** Node.js is vulnerable to HTTP request splitting attacks, caused by improper input validation by the path option of an HTTP request. A remote attacker could exploit this vulnerability to inject arbitrary HTTP request and cause the browser to send 2 HTTP requests, once the URL is clicked. 
This would allow the attacker to perform further attacks, such as Web cache poisoning or cross-site scripting. \nCVSS Base Score: 6.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153457> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n**CVEID:** [CVE-2018-12122](<https://vulners.com/cve/CVE-2018-12122>) \n**DESCRIPTION:** Node.js is vulnerable to a denial of service, caused by improper validation of HTTP headers. By sending headers very slowly keeping HTTP or HTTPS connections and associated resources alive for a long period of time, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153456> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2018-12121](<https://vulners.com/cve/CVE-2018-12121>) \n**DESCRIPTION:** Node.js is vulnerable to a denial of service, caused by improper validation of HTTP headers. By sending specially-crafted HTTP requests with maximum sized headers, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153455> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2018-12116](<https://vulners.com/cve/CVE-2018-12116>) \n**DESCRIPTION:** Node.js is vulnerable to HTTP request splitting attacks, caused by improper input validation by the path option of an HTTP request. A remote attacker could exploit this vulnerability to inject arbitrary HTTP request and cause the browser to send 2 HTTP requests, once the URL is clicked. 
This would allow the attacker to perform further attacks, such as Web cache poisoning or cross-site scripting. \nCVSS Base Score: 6.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153452> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n**CVEID:** [CVE-2018-0734](<https://vulners.com/cve/CVE-2018-0734>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by a timing side channel attack in the DSA signature algorithm. An attacker could exploit this vulnerability using variations in the signing algorithm to recover the private key. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/152085> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2018-0732](<https://vulners.com/cve/CVE-2018-0732>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the sending of a very large prime value to the client by a malicious server during key agreement in a TLS handshake. By spending an unreasonably long period of time generating a key for this prime, a remote attacker could exploit this vulnerability to cause the client to hang. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/144658> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2018-16845](<https://vulners.com/cve/CVE-2018-16845>) \n**DESCRIPTION:** nginx is vulnerable to a denial of service, caused by an error when compiled with the ngx_http_mp4_module. 
By persuading a victim to open a specially-crafted mp4 file, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop or obtain sensitive information from worker process memory. \nCVSS Base Score: 4.4 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/152681> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L)\n\n**CVEID:** [CVE-2018-14647](<https://vulners.com/cve/CVE-2018-14647>) \n**DESCRIPTION:** Python is vulnerable to a denial of service, caused by a flaw in the elementtree C accelerator. By using a specially-crafted XML document, a remote attacker could exploit this vulnerability to cause a resource exhaustion. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/150579> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2018-18314](<https://vulners.com/cve/CVE-2018-18314>) \n**DESCRIPTION:** Perl is vulnerable to a heap-based buffer overflow, caused by a flaw in the S_regatom function in regcomp.c. By using a specially-crafted regular expression, a remote attacker could overflow a buffer and execute arbitrary code on the system. \nCVSS Base Score: 9.8 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153589> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2018-18313](<https://vulners.com/cve/CVE-2018-18313>) \n**DESCRIPTION:** Perl could allow a remote attacker to obtain sensitive information, caused by a heap-based buffer overflow in the S_grok_bslash_N function in regcomp.c. By using a specially-crafted regular expression, a remote attacker could exploit this vulnerability to obtain sensitive information. 
\nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153588> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\n**CVEID:** [CVE-2018-18312](<https://vulners.com/cve/CVE-2018-18312>) \n**DESCRIPTION:** Perl is vulnerable to a heap-based buffer overflow, caused by a flaw in the S_regatom function in regcomp.c. By using a specially-crafted regular expression, a remote attacker could overflow a buffer and execute arbitrary code on the system. \nCVSS Base Score: 9.8 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153587> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2018-18311](<https://vulners.com/cve/CVE-2018-18311>) \n**DESCRIPTION:** Perl is vulnerable to a heap-based buffer overflow, caused by an integer overflow in the Perl_my_setenv function. By sending a specially-crafted request, a local attacker could overflow a buffer and execute arbitrary code or cause a denial of service condition. \nCVSS Base Score: 8.4 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153586> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2018-13053](<https://vulners.com/cve/CVE-2018-13053>) \n**DESCRIPTION:** Linux Kernel is vulnerable to a denial of service, caused by an integer overflow in alarm_timer_nsleep. By sending an overly long string, an attacker could exploit this vulnerability to cause a denial of service. 
\nCVSS Base Score: 6.2 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/145647> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2018-15687](<https://vulners.com/cve/CVE-2018-15687>) \n**DESCRIPTION:** systemd could allow a remote attacker to bypass security restrictions, caused by a race condition in the chown_one function. By sending a specially-crafted request, an attacker could exploit this vulnerability to set arbitrary permissions on arbitrary files. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/152040> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)\n\n**CVEID:** [CVE-2018-10880](<https://vulners.com/cve/CVE-2018-10880>) \n**DESCRIPTION:** Linux Kernel is vulnerable to a denial of service, caused by a stack-out-of-bounds write in the ext4 filesystem code. By using a specially-crafted ext4 image, a local authenticated attacker could exploit this vulnerability to cause the system to crash. \nCVSS Base Score: 3.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/147436> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2018-13096](<https://vulners.com/cve/CVE-2018-13096>) \n**DESCRIPTION:** Linux Kernel is vulnerable to a denial of service, caused by an out-of-bounds memory access flaw in fs/f2fs/super.c. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause a denial of service condition. 
\nCVSS Base Score: 5.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/145961> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2018-14609](<https://vulners.com/cve/CVE-2018-14609>) \n**DESCRIPTION:** Linux Kernel is vulnerable to a denial of service, caused by a NULL pointer dereference flaw in the __del_reloc_root function in fs/btrfs/relocation.c when mounting a crafted btrfs image. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base Score: 5.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/147619> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2018-14617](<https://vulners.com/cve/CVE-2018-14617>) \n**DESCRIPTION:** Linux Kernel is vulnerable to a denial of service, caused by a NULL pointer dereference flaw in the hfsplus_lookup function in fs/hfsplus/dir.c. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base Score: 5.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/147627> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2018-5407](<https://vulners.com/cve/CVE-2018-5407>) \n**DESCRIPTION:** Multiple SMT/Hyper-Threading architectures and processors could allow a local attacker to obtain sensitive information, caused by execution engine sharing on Simultaneous Multithreading (SMT) architecture. 
By using the PortSmash new side-channel attack, an attacker could run a malicious process next to legitimate processes using the architectures parallel thread running capabilities to leak encrypted data from the CPU's internal processes. Note: This vulnerability is known as PortSmash. \nCVSS Base Score: 5.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/152484> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\n**CVEID:** [CVE-2018-14600](<https://vulners.com/cve/CVE-2018-14600>) \n**DESCRIPTION:** X.Org libx11 could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds write flaw. By sending a specially-crafted value, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base Score: 7.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/148663> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [CVE-2018-14599](<https://vulners.com/cve/CVE-2018-14599>) \n**DESCRIPTION:** X.Org libx11 is vulnerable to a denial of service, caused by an off-by-one flaw in multiple functions. By sending malicious server responses, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/148661> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2018-14598](<https://vulners.com/cve/CVE-2018-14598>) \n**DESCRIPTION:** X.Org libx11 is vulnerable to a denial of service. By sending a specially-crafted reply, a remote attacker could exploit this vulnerability to cause the application to crash. 
\nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/148664> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2018-16429](<https://vulners.com/cve/CVE-2018-16429>) \n**DESCRIPTION:** GNOME GLib is vulnerable to a denial of service, caused by an out-of-bounds read in g_markup_parse_context_parse() in gmarkup.c. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base Score: 3.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/149332> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2018-16428](<https://vulners.com/cve/CVE-2018-16428>) \n**DESCRIPTION:** GNOME GLib is vulnerable to a denial of service, caused by a NULL pointer dereference in g_markup_parse_context_end_parse() in gmarkup.c. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base Score: 3.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/149333> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2018-1000222](<https://vulners.com/cve/CVE-2018-1000222>) \n**DESCRIPTION:** libgd could allow a remote attacker to execute arbitrary code on the system, caused by a double free in the gdImageBmpPtr function. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. 
\nCVSS Base Score: 7.8 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/148755> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2018-14618](<https://vulners.com/cve/CVE-2018-14618>) \n**DESCRIPTION:** cURL libcurl is vulnerable to a buffer overflow, caused by an integer overflow flaw in the Curl_ntlm_core_mk_nt_hash internal function in the NTLM authentication code. By sending an overly long password, a remote attacker could overflow a buffer and execute arbitrary code and cause the application to crash. \nCVSS Base Score: 9.8 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/149359> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2018-5740](<https://vulners.com/cve/CVE-2018-5740>) \n**DESCRIPTION:** ISC BIND is vulnerable to a denial of service, caused by a defect in the deny-answer-aliases feature. By triggering this defect, a remote attacker could exploit this vulnerability to cause an INSIST assertion failure in name.c. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/148131> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2018-10853](<https://vulners.com/cve/CVE-2018-10853>) \n**DESCRIPTION:** Linux Kernel could allow a local attacker to gain elevated privileges on the system, caused by the failure to check the current privilege level (CPL) while emulating unprivileged instructions by the KVM hypervisor. An attacker could exploit this vulnerability to gain elevated privileges on the system. 
\nCVSS Base Score: 7.4 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/149311> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2018-5391](<https://vulners.com/cve/CVE-2018-5391>) \n**DESCRIPTION:** Linux Kernel is vulnerable to a denial of service, caused by the improper handling of the reassembly of fragmented IPv4 and IPv6 packets by the IP implementation. By sending specially crafted IP fragments with random offsets, a remote attacker could exploit this vulnerability to exhaust all available CPU resources and cause a denial of service. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/148388> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2018-9516](<https://vulners.com/cve/CVE-2018-9516>) \n**DESCRIPTION:** Google Android could allow a local attacker to gain elevated privileges on the system, caused by an out-of-bounds write in hid_debug_events_read of drivers/hid/hid-debug.c. An attacker could exploit this vulnerability to escalate privileges. \nCVSS Base Score: 8.4 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/152645> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2018-5390](<https://vulners.com/cve/CVE-2018-5390>) \n**DESCRIPTION:** Linux Kernel is vulnerable to a denial of service, caused by an error in the tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() functions. By sending specially crafted packets within ongoing TCP sessions, a remote attacker could exploit this vulnerability to cause a denial of service. 
\nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/147950> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2018-5711](<https://vulners.com/cve/CVE-2018-5711>) \n**DESCRIPTION:** PHP is vulnerable to a denial of service, caused by an integer signedness error in the imagecreatefromgif and imagecreatefromstring functions in the GD Graphics Library (aka libgd). By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. \nCVSS Base Score: 5.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/137653> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2018-10876](<https://vulners.com/cve/CVE-2018-10876>) \n**DESCRIPTION:** Linux Kernel is vulnerable to a denial of service, caused by a use-after-free in the ext4_ext_remove_space() function. By mounting and operating on a specially crafted ext4 filesystem image, a local attacker could exploit this vulnerability to cause the system to crash. \nCVSS Base Score: 6.2 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/147834> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2018-10881](<https://vulners.com/cve/CVE-2018-10881>) \n**DESCRIPTION:** Linux Kernel is vulnerable to a denial of service, caused by an out-of-bound access in the ext4_get_group_info function. By mounting and operating on a specially crafted ext4 filesystem image, a local attacker could exploit this vulnerability to cause the system to crash. 
\nCVSS Base Score: 6.2 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/147820> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2018-10882](<https://vulners.com/cve/CVE-2018-10882>) \n**DESCRIPTION:** Linux Kernel is vulnerable to a denial of service, caused by an out-of-bound write in the fs/jbd2/transaction.c code function. By unmounting a specially crafted ext4 filesystem image, a local attacker could exploit this vulnerability to cause the system to crash. \nCVSS Base Score: 6.2 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/147831> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2018-13094](<https://vulners.com/cve/CVE-2018-13094>) \n**DESCRIPTION:** Linux Kernel is vulnerable to a denial of service, caused by a flaw in the xfs_da_shrink_inode function in fs/xfs/libxfs/xfs_attr_leaf.c. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause a kernel OOPS. \nCVSS Base Score: 5.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/145959> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2018-3646](<https://vulners.com/cve/CVE-2018-3646>) \n**DESCRIPTION:** Multiple Intel CPUs could allow a local attacker to obtain sensitive information, caused by a flaw in the CPU speculative branch instruction execution feature. By conducting targeted cache side-channel attacks and via a terminal page fault, an attacker with guest OS privilege could exploit this vulnerability to leak information residing in the L1 data cache and read data belonging to different security contexts. 
\nCVSS Base Score: 7.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/148319> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N)\n\n**CVEID:** [CVE-2018-10877](<https://vulners.com/cve/CVE-2018-10877>) \n**DESCRIPTION:** Linux Kernel is vulnerable to a denial of service, caused by an out-of-bound access in the ext4_ext_drop_refs() function. By using a specially-crafted ext4 image, a local authenticated attacker could exploit this vulnerability to cause the system to crash. \nCVSS Base Score: 3.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/147438> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2017-13168](<https://vulners.com/cve/CVE-2017-13168>) \n**DESCRIPTION:** Google Android could allow a remote attacker to gain elevated privileges on the system, caused by a flaw in kernel scsi driver. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to gain elevated privileges. \nCVSS Base Score: 7.8 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/136062> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2018-10878](<https://vulners.com/cve/CVE-2018-10878>) \n**DESCRIPTION:** Linux Kernel is vulnerable to a denial of service, caused by an out-of-bounds write in the ext4 filesystem. By mounting and operating on a specially crafted ext4 filesystem image, a local attacker could exploit this vulnerability to cause the system to crash. 
\nCVSS Base Score: 6.2 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/147833> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2018-10879](<https://vulners.com/cve/CVE-2018-10879>) \n**DESCRIPTION:** Linux Kernel is vulnerable to a denial of service, caused by a use-after-free in the ext4_xattr_set_entry function. By renaming a file in a specially crafted ext4 filesystem image, a local attacker could exploit this vulnerability to cause the system to crash. \nCVSS Base Score: 6.2 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/147832> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2018-12233](<https://vulners.com/cve/CVE-2018-12233>) \n**DESCRIPTION:** Linux Kernel is vulnerable to a denial of service, caused by a memory corruption in the ea_get function in fs/jfs/xattr.c. A local attacker could exploit this vulnerability to cause the system to crash. \nCVSS Base Score: 4 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/144767> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2018-13405](<https://vulners.com/cve/CVE-2018-13405>) \n**DESCRIPTION:** Linux Kernel could allow a local attacker to gain elevated privileges on the system, caused by a flaw in the fs/inode.c:inode_init_owner() function. An attacker could exploit this vulnerability to create files with an unintended group ownership. 
\nCVSS Base Score: 4 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/146434> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\n**CVEID:** [CVE-2018-13406](<https://vulners.com/cve/CVE-2018-13406>) \n**DESCRIPTION:** Linux Kernel is vulnerable to a denial of service, caused by an integer overflow in the uvesafb_setcmap function in drivers/video/fbdev/uvesafb.c. A local attacker could exploit this vulnerability to crash the kernel or potentially gain elevated privileges. \nCVSS Base Score: 7.8 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/147005> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2016-7942](<https://vulners.com/cve/CVE-2016-7942>) \n**DESCRIPTION:** X.Org libX11 could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds read in the XGetImage() function. An attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base Score: 7.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117541> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [CVE-2016-7943](<https://vulners.com/cve/CVE-2016-7943>) \n**DESCRIPTION:** X.Org libX11 could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds read in the XListFonts() function. An attacker could exploit this vulnerability to execute arbitrary code on the system. 
\nCVSS Base Score: 7.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117542> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [CVE-2018-3639](<https://vulners.com/cve/CVE-2018-3639>) \n**DESCRIPTION:** Multiple Intel CPUs could allow a local attacker to obtain sensitive information, caused by utilizing sequences of speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known. By conducting targeted cache side-channel attacks, an attacker could exploit this vulnerability to bypass security restrictions and gain read access to privileged memory. Note: This vulnerability is the Speculative Store Bypass (SSB), also known as Variant 4 or \"SpectreNG\". \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/143569> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2018-3640](<https://vulners.com/cve/CVE-2018-3640>) \n**DESCRIPTION:** Multiple Intel CPUs could allow a local attacker to obtain sensitive information, caused by utilizing sequences of speculative execution that perform speculative reads of system registers. By conducting targeted cache side-channel attacks, an attacker could exploit this vulnerability to determine the values stored in system registers. Note: This vulnerability is the Rogue System Register Read (RSRE), also known as Variant 3a. 
\nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/143570> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2018-3620](<https://vulners.com/cve/CVE-2018-3620>) \n**DESCRIPTION:** Multiple Intel CPUs could allow a local attacker to obtain sensitive information, caused by a flaw in the CPU speculative branch instruction execution feature. By conducting targeted cache side-channel attacks and via a terminal page fault, an attacker could exploit this vulnerability to leak information residing in the L1 data cache and read data belonging to different security contexts. Note: This vulnerability is also known as the \"L1 Terminal Fault (L1TF)\" or \"Foreshadow\" attack. \nCVSS Base Score: 7.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/148318> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N)\n\n**CVEID:** [CVE-2018-10021](<https://vulners.com/cve/CVE-2018-10021>) \n**DESCRIPTION:** Linux Kernel is vulnerable to a denial of service, caused by an ata qc leak in drivers/scsi/libsas/sas_scsi_host.c. By triggering certain failure conditions, a local attacker could exploit this vulnerability to cause the system to crash. \nCVSS Base Score: 4 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/141588> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2018-10087](<https://vulners.com/cve/CVE-2018-10087>) \n**DESCRIPTION:** Linux Kernel is vulnerable to a denial of service, caused by a flaw in the kernel_wait4 function in kernel/exit.c. By triggering an attempted use of the -INT_MIN value, a local attacker could exploit this vulnerability to cause a denial of service condition. 
\nCVSS Base Score: 6.2 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/141640> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2018-10124](<https://vulners.com/cve/CVE-2018-10124>) \n**DESCRIPTION:** Linux Kernel is vulnerable to a denial of service, caused by a flaw in the kill_something_info function in kernel/signal.c. By using an INT_MIN argument, a local attacker could exploit this vulnerability to cause the system to crash. \nCVSS Base Score: 4 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/141698> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2018-7755](<https://vulners.com/cve/CVE-2018-7755>) \n**DESCRIPTION:** Linux Kernel could allow a local attacker to bypass security restrictions, caused by a flaw in the fd_locked_ioctl function in drivers/block/floppy.c. By using the FDGETPRM ioctl and then using the obtained kernel pointer to discover the location of kernel code and data, an attacker could exploit this vulnerability to bypass kernel security protections. \nCVSS Base Score: 4 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/140065> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\n**CVEID:** [CVE-2017-5715](<https://vulners.com/cve/CVE-2017-5715>) \n**DESCRIPTION:** Intel Haswell Xeon, AMD PRO and ARM Cortex A57 CPUs could allow a local authenticated attacker to obtain sensitive information, caused by a branch target injection in the CPU speculative branch instruction execution feature. By conducting targeted cache side-channel attacks, an attacker could exploit this vulnerability to leak memory contents into a CPU cache and read host kernel memory. 
\nCVSS Base Score: 6.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/137054> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N)\n\n**CVEID:** [CVE-2018-0737](<https://vulners.com/cve/CVE-2018-0737>) \n**DESCRIPTION:** OpenSSL could allow a local attacker to obtain sensitive information, caused by a cache-timing side channel attack in the RSA Key generation algorithm. An attacker with access to mount cache timing attacks during the RSA key generation process could exploit this vulnerability to recover the private key and obtain sensitive information. \nCVSS Base Score: 3.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/141679> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2018-1152](<https://vulners.com/cve/CVE-2018-1152>) \n**DESCRIPTION:** Libjpeg Turbo is vulnerable to a denial of service, caused by a divide-by-zero when processing a BMP image. By persuading a victim to open a specially crafted BMP image, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base Score: 3.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/145045> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2017-18258](<https://vulners.com/cve/CVE-2017-18258>) \n**DESCRIPTION:** libxml2 is vulnerable to a denial of service, caused by a flaw in the xz_head function in xzlib.c. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause a denial of service condition. 
\nCVSS Base Score: 5.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/141432> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2018-5814](<https://vulners.com/cve/CVE-2018-5814>) \n**DESCRIPTION:** Linux Kernel is vulnerable to a denial of service, caused by multiple race condition errors when handling probe, disconnect and rebind operations in USB over IP daemon. By sending multiple USB over IP packets, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/144508> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2018-1116](<https://vulners.com/cve/CVE-2018-1116>) \n**DESCRIPTION:** polkit is vulnerable to a denial of service, caused by a flaw in the implementation of the polkit_backend_interactive_authority_check_authorization function in polkitd. By sending a specially-crafted request, a local attacker could exploit this vulnerability to cause a denial of service or obtain sensitive information. \nCVSS Base Score: 7.7 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/146202> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H)\n\n**CVEID:** [CVE-2016-10087](<https://vulners.com/cve/CVE-2016-10087>) \n**DESCRIPTION:** libpng is vulnerable to a denial of service, caused by a NULL pointer dereference in the png_set_text_2 function. By loading a text chunk into a png structure, removing the text, and then adding another text chunk to the structure, a remote attacker could exploit this vulnerability to cause a denial of service. 
\nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/124207> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2018-14404](<https://vulners.com/cve/CVE-2018-14404>) \n**DESCRIPTION:** libxml2 is vulnerable to a denial of service, caused by a NULL pointer dereference in the xpath.c:xmlXPathCompOpEval() function. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base Score: 3.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/147260> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2018-7185](<https://vulners.com/cve/CVE-2018-7185>) \n**DESCRIPTION:** NTP is vulnerable to a denial of service. By sending specially crafted packets, a remote authenticated attacker could exploit this vulnerability to reset authenticated interleaved association. \nCVSS Base Score: 3.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/139783> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2016-9318](<https://vulners.com/cve/CVE-2016-9318>) \n**DESCRIPTION:** Libxml2 could allow a remote attacker to obtain sensitive information, caused by failure to offer a flag directly indicating the status of current document. By using a specially-crafted document to conduct a XML external entity (XXE) attack, an attacker could exploit this vulnerability to obtain sensitive information. 
\nCVSS Base Score: 5.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/119018> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N)\n\n**CVEID:** [CVE-2017-18255](<https://vulners.com/cve/CVE-2017-18255>) \n**DESCRIPTION:** Linux Kernel is vulnerable to a denial of service, caused by an integer overflow in the perf_cpu_time_max_percent_handler function in kernel/events/core.c. By using a specially-crafted input, a local attacker could exploit this vulnerability to cause the system to crash. \nCVSS Base Score: 4 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/141329> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2018-7183](<https://vulners.com/cve/CVE-2018-7183>) \n**DESCRIPTION:** NTP is vulnerable to a buffer overflow, caused by improper bounds checking by the decodearr function. By leveraging an ntpq query and sending a response with a crafted array, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/140092> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [CVE-2017-15896](<https://vulners.com/cve/CVE-2017-15896>) \n**DESCRIPTION:** Node.js could allow a remote attacker to bypass security restrictions, caused by an error in OpenSSL within the \"error state\" mechanism when directly calling SSL_read() due to TLS handshake failure. An attacker could exploit this vulnerability to bypass the decryption or encryption process and perform unauthorized actions. 
\nCVSS Base Score: 6.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/136225> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)\n\n**CVEID:** [CVE-2018-12115](<https://vulners.com/cve/CVE-2018-12115>) \n**DESCRIPTION:** Node.js is vulnerable to a denial of service, caused by an out-of-bounds write in Buffer. An attacker could exploit this vulnerability to write to memory outside of a Buffer's memory space, corrupt Buffer objects or cause the process to crash. \nCVSS Base Score: 8.2 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/148426> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H)\n\n**CVEID:** [CVE-2018-7159](<https://vulners.com/cve/CVE-2018-7159>) \n**DESCRIPTION:** Node.js http module could allow a remote attacker to bypass security restrictions, caused by the acceptance of incorrect Content-Length values, containing spaces within the value, in HTTP headers. An attacker could exploit this vulnerability to confuse the script and launch further attacks on the system. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/143448> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\n**CVEID:** [CVE-2018-7158](<https://vulners.com/cve/CVE-2018-7158>) \n**DESCRIPTION:** Node.js path module is vulnerable to a denial of service. By sending a specially crafted file path, an attacker could exploit this vulnerability to cause a regular expression denial of service. 
\nCVSS Base Score: 5.9 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/143449> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2018-1000168](<https://vulners.com/cve/CVE-2018-1000168>) \n**DESCRIPTION:** nghttp2 is vulnerable to a denial of service, caused by a NULL pointer dereference. By sending a specially-crafted packet, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/141584> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2018-7161](<https://vulners.com/cve/CVE-2018-7161>) \n**DESCRIPTION:** Node.js is vulnerable to a denial of service, caused by an error within the http2 implementation. By interacting with the http2 server in an insecure manner, a remote attacker could exploit this vulnerability to cause the node server providing an http2 server to crash. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/144736> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2018-7167](<https://vulners.com/cve/CVE-2018-7167>) \n**DESCRIPTION:** Node.js is vulnerable to a denial of service. By invoking Buffer.fill() or Buffer.alloc() , a remote attacker could exploit this vulnerability to cause the application to hang. 
\nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/144740> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2018-7160](<https://vulners.com/cve/CVE-2018-7160>) \n**DESCRIPTION:** Node.js inspector module could allow a remote attacker to bypass security restrictions, caused by the failure to properly validate the Host header. An attacker could exploit this vulnerability to bypass same-origin policy and conduct a DNS rebinding attack. \nCVSS Base Score: 5.8 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/143447> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:L)\n\n**CVEID:** [CVE-2018-3665](<https://vulners.com/cve/CVE-2018-3665>) \n**DESCRIPTION:** Intel Core-based microprocessors could allow a local attacker to obtain sensitive information, caused by utilizing the Lazy FP state restore technique for floating point state when context switching between application processes. By conducting targeted cache side-channel attacks, an attacker could exploit this vulnerability to determine register values of other processes. Note: This vulnerability is known as LazyFP. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/144757> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2018-14567](<https://vulners.com/cve/CVE-2018-14567>) \n**DESCRIPTION:** libxml2 is vulnerable to a denial of service, caused by an error in xzlib.c. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. 
\nCVSS Base Score: 3.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/148541> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2018-14680](<https://vulners.com/cve/CVE-2018-14680>) \n**DESCRIPTION:** An unspecified error in libmspack related to the failure to reject blank CHM filenames has an unknown impact and attack vector. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/147668> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\n**CVEID:** [CVE-2018-14681](<https://vulners.com/cve/CVE-2018-14681>) \n**DESCRIPTION:** libmspack could allow a remote attacker to overwrite arbitrary files, caused by an error in the kwajd_read_headers function in mspack/kwajd.c in libmspack. An attacker could exploit this vulnerability using bad KWAJ file header extensions to cause a one or two byte overwrite. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/147669> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\n**CVEID:** [CVE-2018-14679](<https://vulners.com/cve/CVE-2018-14679>) \n**DESCRIPTION:** libmspack is vulnerable to a denial of service, caused by an off-by-one error in the CHM PMGI/PMGL chunk number validity checks in mspack/chmd.c. A remote attacker could exploit this vulnerability to cause the application to crash. 
\nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/147667> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2018-14682](<https://vulners.com/cve/CVE-2018-14682>) \n**DESCRIPTION:** libmspack is vulnerable to a denial of service, caused by an off-by-one in mspack/chmd.c in the TOLOWER() macro for CHM decompression. A remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/147666> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2017-7526](<https://vulners.com/cve/CVE-2017-7526>) \n**DESCRIPTION:** Libgcrypt could allow a remote attacker to obtain sensitive information, caused by a cache side-channel attack when using left-to-right sliding window method by the RSA-1024 implementation. By running arbitrary software where the private key is used, an attacker could exploit this vulnerability to obtain the RSA private key. \nCVSS Base Score: 6.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/128271> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N)\n\n**CVEID:** [CVE-2018-9518](<https://vulners.com/cve/CVE-2018-9518>) \n**DESCRIPTION:** Google Android could allow a local attacker to gain elevated privileges on the system, caused by an out-of-bounds write flaw in the nfc_llcp_build_sdreq_tlv function in llcp_commands.c. By sending a specially-crafted request, an attacker could exploit this vulnerability to gain elevated privileges. 
\nCVSS Base Score: 8.4 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/154089> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2018-0495](<https://vulners.com/cve/CVE-2018-0495>) \n**DESCRIPTION:** GnuPG Libgcrypt could allow a local attacker to obtain sensitive information, caused by a memory-cache side-channel attack on ECDSA signatures in the _gcry_ecc_ecdsa_sign function in cipher/ecc-ecdsa.c. An attacker could exploit this vulnerability to recover ECDSA or DSA private keys. \nCVSS Base Score: 5.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/144828> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\n**CVEID:** [CVE-2018-1000204](<https://vulners.com/cve/CVE-2018-1000204>) \n**DESCRIPTION:** Linux Kernel could allow a remote attacker to obtain sensitive information, caused by the improper handling of an SG_IO ioctl on /dev/sg0. By sending a specially-crafted argument, a remote attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/144557> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\n**CVEID:** [CVE-2017-13695](<https://vulners.com/cve/CVE-2017-13695>) \n**DESCRIPTION:** Linux Kernel could allow a local authenticated attacker to obtain sensitive information, caused by a flaw in the acpi_ns_evaluate() function in drivers/acpi/acpica/nseval.c. By using a specially-crafted ACPI table, an attacker could exploit this vulnerability to obtain sensitive information. 
\nCVSS Base Score: 3.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/131022> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2017-18257](<https://vulners.com/cve/CVE-2017-18257>) \n**DESCRIPTION:** Linux Kernel is vulnerable to a denial of service, caused by an integer overflow in the __get_data_block function in fs/f2fs/data.c. By using specially-crafted open and fallocate system calls with an FS_IOC_FIEMAP ioctl, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base Score: 5.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/141431> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nIBM API Connect version 5.0.8.0-5.0.8.4\n\n## Remediation/Fixes\n\nAffected Product | Addressed in VRMF | APAR | Remediation/First Fix \n---|---|---|--- \nIBM API Connect 5.0.8.0-5.0.8.4 | 5.0.8.5 fix pack | LI80564 | \n\nAddressed in IBM API Connect V5.0.8.5 fix pack.\n\nFollow this link and find the APIConnect-Portal package.\n\n[http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EWebSphere&product=ibm/WebSphere/IBM+API+Connect&release=5.0.8.4&platform=All&function=all&source=fc](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EWebSphere&product=ibm/WebSphere/IBM+API+Connect&release=5.0.8.4&platform=All&function=all&source=fc>) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": 
"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-01-28T17:05:01", "type": "ibm", "title": "Security Bulletin: IBM API Connect has addressed multiple vulnerabilities in Developer Portal's dependencies - Cumulative list from June 28, 2018 to December 13, 2018", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-10087", "CVE-2016-7942", "CVE-2016-7943", "CVE-2016-9318", "CVE-2017-13168", "CVE-2017-13695", "CVE-2017-15896", "CVE-2017-18216", "CVE-2017-18255", "CVE-2017-18257", "CVE-2017-18258", "CVE-2017-5715", "CVE-2017-7526", "CVE-2018-0495", "CVE-2018-0732", "CVE-2018-0734", "CVE-2018-0737", "CVE-2018-1000168", "CVE-2018-1000204", "CVE-2018-1000222", "CVE-2018-10021", "CVE-2018-10087", "CVE-2018-10124", "CVE-2018-10853", "CVE-2018-10876", "CVE-2018-10877", "CVE-2018-10878", "CVE-2018-10879", "CVE-2018-10880", "CVE-2018-10881", "CVE-2018-10882", "CVE-2018-10902", "CVE-2018-1116", "CVE-2018-1152", "CVE-2018-12115", "CVE-2018-12116", "CVE-2018-12121", "CVE-2018-12122", "CVE-2018-12123", "CVE-2018-12233", "CVE-2018-13053", "CVE-2018-13094", "CVE-2018-13096", "CVE-2018-13405", "CVE-2018-13406", "CVE-2018-14404", "CVE-2018-14567", "CVE-2018-14598", "CVE-2018-14599", "CVE-2018-14600", "CVE-2018-14609", "CVE-2018-14617", "CVE-2018-14618", "CVE-2018-14633", "CVE-2018-14647", "CVE-2018-14679", "CVE-2018-14680", "CVE-2018-14681", "CVE-2018-14682", "CVE-2018-15572", "CVE-2018-15594", 
"CVE-2018-15687", "CVE-2018-16276", "CVE-2018-16428", "CVE-2018-16429", "CVE-2018-16845", "CVE-2018-17182", "CVE-2018-18311", "CVE-2018-18312", "CVE-2018-18313", "CVE-2018-18314", "CVE-2018-3062", "CVE-2018-3620", "CVE-2018-3639", "CVE-2018-3640", "CVE-2018-3646", "CVE-2018-3665", "CVE-2018-5390", "CVE-2018-5391", "CVE-2018-5407", "CVE-2018-5711", "CVE-2018-5740", "CVE-2018-5814", "CVE-2018-6554", "CVE-2018-6555", "CVE-2018-7158", "CVE-2018-7159", "CVE-2018-7160", "CVE-2018-7161", "CVE-2018-7167", "CVE-2018-7183", "CVE-2018-7185", "CVE-2018-7603", "CVE-2018-7755", "CVE-2018-9516", "CVE-2018-9518"], "modified": "2019-01-28T17:05:01", "id": "1615871DB6D900C69F1E3E99183BE8581ED1CED870E2C3B0E3B990E1C56F30E0", "href": "https://www.ibm.com/support/pages/node/843434", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "altlinux": [{"lastseen": "2023-05-07T11:47:14", "description": "March 9, 2019 Vitaly Lipatov 10.15.3-alt1\n \n \n - new version 10.15.3 (with rpmrb script)\n - 2018-03-05, Version 10.15.3 'Dubnium' (LTS), @BethGriggs\n - CVE-2019-5737\n - fix rpm's cflags using, add -latomic on mipsel\n - use external gyp\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-03-09T00:00:00", "type": "altlinux", "title": "Security fix for the ALT Linux 10 package node version 10.15.3-alt1", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", 
"integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-5737"], "modified": "2019-03-09T00:00:00", "id": "FD84E600141040969BADF31E12149E84", "href": "https://packages.altlinux.org/en/p10/srpms/node/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-05-07T11:47:19", "description": "Nov. 30, 2018 Vitaly Lipatov 10.14.1-alt1\n \n \n - new version 10.14.1 (with rpmrb script)\n - disable internal doc\n - 2018-11-27, Version 10.14.0 'Dubnium' (LTS), @rvagg\n - CVE-2018-12121, CVE-2018-12122, CVE-2018-12123\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-11-30T00:00:00", "type": "altlinux", "title": "Security fix for the ALT Linux 10 package node version 10.14.1-alt1", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-12121", "CVE-2018-12122", "CVE-2018-12123"], "modified": "2018-11-30T00:00:00", "id": "A7B8708C3AA7EC91AE88B659AC4CBBBB", "href": 
"https://packages.altlinux.org/en/p10/srpms/node/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "redhatcve": [{"lastseen": "2023-06-23T20:29:27", "description": "It was found that the original fix for Slowloris, CVE-2018-12122, was insufficient. It is possible to bypass the server's headersTimeout by sending two specially crafted HTTP requests in the same connection. An attacker could use this flaw to bypass Slowloris protection, resulting in a denial of service.\n#### Mitigation\n\nThe use of a Load Balancer or a Reverse Proxy will increase the difficulty of the attack. \n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-03-01T07:37:24", "type": "redhatcve", "title": "CVE-2019-5737", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-12122", "CVE-2019-5737"], "modified": "2023-04-06T06:25:36", "id": "RH:CVE-2019-5737", "href": "https://access.redhat.com/security/cve/cve-2019-5737", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-06-23T20:30:02", "description": "Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: 
Denial of Service with large HTTP headers: By using a combination of many requests with maximum sized headers (almost 80 KB per connection), and carefully timed completion of the headers, it is possible to cause the HTTP server to abort from heap allocation failure. Attack potential is mitigated by the use of a load balancer or other proxy layer.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-10-28T21:36:22", "type": "redhatcve", "title": "CVE-2018-12121", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-12121"], "modified": "2023-04-06T05:33:23", "id": "RH:CVE-2018-12121", "href": "https://access.redhat.com/security/cve/cve-2018-12121", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "redhat": [{"lastseen": "2023-08-04T12:28:59", "description": "Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language.\n\nThe following packages have been upgraded to a later upstream version: rh-nodejs8-nodejs (8.16.0). 
(BZ#1665986, BZ#1710734)\n\nSecurity Fix(es):\n\n* nodejs-tar: Arbitrary file overwrites when extracting tarballs containing a hard-link (CVE-2018-20834)\n\n* nodejs: HTTP request splitting (CVE-2018-12116)\n\n* nodejs: Denial of Service with large HTTP headers (CVE-2018-12121)\n\n* nodejs: Slowloris HTTP Denial of Service (CVE-2018-12122)\n\n* nodejs: Hostname spoofing in URL parser for javascript protocol (CVE-2018-12123)\n\n* nodejs: Insufficient Slowloris fix causing DoS via server.headersTimeout bypass (CVE-2019-5737)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-07-22T13:09:06", "type": "redhat", "title": "(RHSA-2019:1821) Important: rh-nodejs8-nodejs security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-12116", "CVE-2018-12121", "CVE-2018-12122", "CVE-2018-12123", "CVE-2018-20834", "CVE-2019-5737"], "modified": "2019-07-22T13:29:05", "id": "RHSA-2019:1821", "href": 
"https://access.redhat.com/errata/RHSA-2019:1821", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2023-08-04T12:28:04", "description": "The http-parser package provides a utility for parsing HTTP messages. It parses both requests and responses. The parser is designed to be used in performance HTTP applications. It does not make any system calls or allocations, it does not buffer data, and it can be interrupted at any time. Depending on your architecture, it only requires about 40 bytes of data per message stream.\n\nSecurity Fix(es):\n\n* nodejs: Denial of Service with large HTTP headers (CVE-2018-12121)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-11-05T17:52:33", "type": "redhat", "title": "(RHSA-2019:3497) Moderate: http-parser security and bug fix update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": 
"NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-12121"], "modified": "2019-11-05T19:48:17", "id": "RHSA-2019:3497", "href": "https://access.redhat.com/errata/RHSA-2019:3497", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-08-04T12:28:05", "description": "Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language.\n\nThe following packages have been upgraded to a later upstream version: rh-nodejs10-nodejs (10.16.3).\n\nSecurity Fix(es):\n\n* HTTP/2: large amount of data requests leads to denial of service (CVE-2019-9511)\n\n* HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512)\n\n* HTTP/2: flood using PRIORITY frames results in excessive resource consumption (CVE-2019-9513)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514)\n\n* HTTP/2: flood using SETTINGS frames results in unbounded memory growth (CVE-2019-9515)\n\n* HTTP/2: 0-length headers lead to denial of service (CVE-2019-9516)\n\n* HTTP/2: request for large response leads to denial of service (CVE-2019-9517)\n\n* HTTP/2: flood using empty frames results in excessive resource consumption (CVE-2019-9518)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-09-30T23:10:11", "type": "redhat", "title": 
"(RHSA-2019:2939) Important: rh-nodejs10-nodejs security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-12121", "CVE-2018-12122", "CVE-2018-12123", "CVE-2019-5737", "CVE-2019-9511", "CVE-2019-9512", "CVE-2019-9513", "CVE-2019-9514", "CVE-2019-9515", "CVE-2019-9516", "CVE-2019-9517", "CVE-2019-9518"], "modified": "2020-05-26T07:25:16", "id": "RHSA-2019:2939", "href": "https://access.redhat.com/errata/RHSA-2019:2939", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-06-27T10:23:57", "description": "The http-parser package provides a utility for parsing HTTP messages. It parses both requests and responses. The parser is designed to be used in performance HTTP applications. It does not make any system calls or allocations, it does not buffer data, and it can be interrupted at any time. 
Depending on your architecture, it only requires about 40 bytes of data per message stream.\n\nSecurity Fix(es):\n\n* nodejs: Denial of Service with large HTTP headers (CVE-2018-12121)\n\n* nodejs: HTTP parser allowed for spaces inside Content-Length header values (CVE-2018-7159)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-08-06T08:17:52", "type": "redhat", "title": "(RHSA-2019:2258) Moderate: http-parser security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-12121", "CVE-2018-7159"], "modified": "2019-08-06T09:45:10", "id": "RHSA-2019:2258", "href": "https://access.redhat.com/errata/RHSA-2019:2258", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-08-04T12:28:05", "description": "Node.js is a 
software development platform for building fast and scalable network applications in the JavaScript programming language.\n\nThe following packages have been upgraded to a later upstream version: nodejs (10.16.3).\n\nSecurity Fix(es):\n\n* HTTP/2: large amount of data requests leads to denial of service (CVE-2019-9511)\n\n* HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512)\n\n* HTTP/2: flood using PRIORITY frames results in excessive resource consumption (CVE-2019-9513)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514)\n\n* HTTP/2: flood using SETTINGS frames results in unbounded memory growth (CVE-2019-9515)\n\n* HTTP/2: 0-length headers lead to denial of service (CVE-2019-9516)\n\n* HTTP/2: request for large response leads to denial of service (CVE-2019-9517)\n\n* HTTP/2: flood using empty frames results in excessive resource consumption (CVE-2019-9518)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-09-30T07:07:29", "type": "redhat", "title": "(RHSA-2019:2925) Important: nodejs:10 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 
7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-5737", "CVE-2019-9511", "CVE-2019-9512", "CVE-2019-9513", "CVE-2019-9514", "CVE-2019-9515", "CVE-2019-9516", "CVE-2019-9517", "CVE-2019-9518"], "modified": "2021-01-20T15:40:04", "id": "RHSA-2019:2925", "href": "https://access.redhat.com/errata/RHSA-2019:2925", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "freebsd": [{"lastseen": "2023-06-13T16:08:16", "description": "\n\nNode.js reports:\n\nUpdates are now available for all active Node.js release lines. In addition to fixes for security flaws in Node.js, they also include upgrades of Node.js 6 and 8 to OpenSSL 1.0.2r which contains a fix for a moderate severity security vulnerability.\nFor these releases, we have decided to withhold the fix for the Misinterpretation of Input (CWE-115) flaw mentioned in the original announcement. This flaw is very low severity and we are not satisfied that we had a complete and stable fix ready for release. We will be seeking to address this flaw via alternate mechanisms in the near future. In addition, we have introduced an additional CVE for a change in Node.js 6 that we have decided to classify as a Denial of Service (CWE-400) flaw.\nWe recommend that all Node.js users upgrade to a version listed below as soon as possible.\nOpenSSL: 0-byte record padding oracle (CVE-2019-1559)\nOpenSSL 1.0.2r contains a fix for CVE-2019-1559 and is included in the releases for Node.js versions 6 and 8 only. Node.js 10 and 11 are not impacted by this vulnerability as they use newer versions of OpenSSL which do not contain the flaw.\nUnder certain circumstances, a TLS server can be forced to respond differently to a client if a zero-byte record is received with an invalid padding compared to a zero-byte record with an invalid MAC. 
This can be used as the basis of a padding oracle attack to decrypt data.\nOnly TLS connections using certain ciphersuites executing under certain conditions are exploitable. We are currently unable to determine whether the use of OpenSSL in Node.js exposes this vulnerability. We are taking a cautionary approach and recommend the same for users. For more information, see the advisory and a detailed write-up by the reporters of the vulnerability.\n\n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-02-28T00:00:00", "type": "freebsd", "title": "Node.js -- multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1559", "CVE-2019-5737", "CVE-2019-5739"], "modified": "2019-02-28T00:00:00", "id": "B71D7193-3C54-11E9-A3F9-00155D006B02", "href": "https://vuxml.freebsd.org/freebsd/b71d7193-3c54-11e9-a3f9-00155d006b02.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-06-23T15:10:47", "description": "\n\nNode.js reports:\n\nUpdates are now available for all active Node.js release lines. 
These include fixes for the vulnerabilities identified in the initial announcement. They also include upgrades of Node.js 6 and 8 to OpenSSL 1.0.2q, and upgrades of Node.js 10 and 11 to OpenSSL 1.1.0j.\nWe recommend that all Node.js users upgrade to a version listed below as soon as possible.\nDebugger port 5858 listens on any interface by default (CVE-2018-12120)\nAll versions of Node.js 6 are vulnerable and the severity is HIGH. When the debugger is enabled with node --debug or node debug, it listens to port 5858 on all interfaces by default. This may allow remote computers to attach to the debug port and evaluate arbitrary JavaScript. The default interface is now localhost. It has always been possible to start the debugger on a specific interface, such as node --debug=localhost. The debugger was removed in Node.js 8 and replaced with the inspector, so no versions from 8 and later are vulnerable.\nDenial of Service with large HTTP headers (CVE-2018-12121)\nAll versions of 6 and later are vulnerable and the severity is HIGH. By using a combination of many requests with maximum sized headers (almost 80 KB per connection), and carefully timed completion of the headers, it is possible to cause the HTTP server to abort from heap allocation failure. Attack potential is mitigated by the use of a load balancer or other proxy layer.\nThe total size of HTTP headers received by Node.js now must not exceed 8192 bytes.\n\"Slowloris\" HTTP Denial of Service (CVE-2018-12122)\nAll versions of Node.js 6 and later are vulnerable and the severity is LOW. An attacker can cause a Denial of Service (DoS) by sending headers very slowly keeping HTTP or HTTPS connections and associated resources alive for a long period of time. Attack potential is mitigated by the use of a load balancer or other proxy layer.\nA timeout of 40 seconds now applies to servers receiving HTTP headers. This value can be adjusted with server.headersTimeout. 
Where headers are not completely received within this period, the socket is destroyed on the next received chunk. In conjunction with server.setTimeout(), this aids in protecting against excessive resource retention and possible Denial of Service.\nHostname spoofing in URL parser for javascript protocol (CVE-2018-12123)\nAll versions of Node.js 6 and later are vulnerable and the severity is LOW. If a Node.js application is using url.parse() to determine the URL hostname, that hostname can be spoofed by using a mixed case \"javascript:\" (e.g. \"javAscript:\") protocol (other protocols are not affected). If security decisions are made about the URL based on the hostname, they may be incorrect.\nHTTP request splitting (CVE-2018-12116)\nNode.js 6 and 8 are vulnerable and the severity is MEDIUM. If Node.js can be convinced to use unsanitized user-provided Unicode data for the path option of an HTTP request, then data can be provided which will trigger a second, unexpected, and user-defined HTTP request to be made to the same server.\nOpenSSL Timing vulnerability in ECDSA signature generation (CVE-2018-0735)\nThe OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side-channel attack. An attacker could use variations in the signing algorithm to recover the private key.\nOpenSSL Timing vulnerability in DSA signature generation (CVE-2018-0734)\nThe OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side-channel attack. An attacker could use variations in the signing algorithm to recover the private key.\nOpenSSL Microarchitecture timing vulnerability in ECC scalar multiplication (CVE-2018-5407)\nOpenSSL ECC scalar multiplication, used in e.g. ECDSA and ECDH, has been shown to be vulnerable to a microarchitecture timing side-channel attack. 
An attacker with sufficient access to mount local timing attacks during ECDSA signature generation could recover the private key.\n\n\n", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-11-27T00:00:00", "type": "freebsd", "title": "node.js -- multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0734", "CVE-2018-0735", "CVE-2018-12116", "CVE-2018-12120", "CVE-2018-12121", "CVE-2018-12122", "CVE-2018-12123", "CVE-2018-5407"], "modified": "2018-11-27T00:00:00", "id": "2A86F45A-FC3C-11E8-A414-00155D006B02", "href": "https://vuxml.freebsd.org/freebsd/2a86f45a-fc3c-11e8-a414-00155d006b02.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "nodejsblog": [{"lastseen": "2023-03-14T04:11:32", "description": "# February 2019 Security Releases\n\nBy Rod Vagg, 2019-02-28\n\n_(Update 28-February-2018)_ **Security releases available**\n\n## Summary\n\nUpdates are now available for all active Node.js release lines. 
In addition to fixes for security flaws in Node.js, they also include upgrades of Node.js 6 and 8 to OpenSSL 1.0.2r which contains a fix for a moderate severity security vulnerability. The original announcement is included below.\n\nFor these releases, we have decided to withhold the fix for the Misinterpretation of Input ([CWE-115](<https://cwe.mitre.org/data/definitions/115.html>)) flaw mentioned in the original announcement. This flaw is very low severity and we are not satisfied that we had a complete and stable fix ready for release. We will be seeking to address this flaw via alternate mechanisms in the near future. In addition, we have introduced an additional CVE for a change in Node.js 6 that we have decided to classify as a Denial of Service ([CWE-400](<https://cwe.mitre.org/data/definitions/400.html>)) flaw.\n\nWe recommend that all Node.js users upgrade to a version listed below as soon as possible.\n\n## Downloads & release details\n\nDownloads are available for the following versions. Details of code changes can also be found on each release page.\n\n * [Node.js 11.10.1 (Current)](<https://nodejs.org/en/blog/release/v11.10.1>)\n * [Node.js 10.15.2 (LTS \"Dubnium\")](<https://nodejs.org/en/blog/release/v10.15.2>)\n * [Node.js 8.15.1 (LTS \"Carbon\")](<https://nodejs.org/en/blog/release/v8.15.1>)\n * [Node.js 6.17.0 (LTS \"Boron\")](<https://nodejs.org/en/blog/release/v6.17.0>)\n\n## Node.js: Slowloris HTTP Denial of Service with keep-alive (CVE-2019-5737)\n\n_Categorization: Uncontrolled Resource Consumption / Denial of Service ([CWE-400](<https://cwe.mitre.org/data/definitions/400.html>))_\n\nAll actively supported release lines are vulnerable and the severity is LOW. An attacker can cause a Denial of Service (DoS) by establishing an HTTP or HTTPS connection in keep-alive mode and by sending headers very slowly thereby keeping the connection and associated resources alive for a long period of time. 
Attack potential is mitigated by the use of a load balancer or other proxy layer.\n\nThis vulnerability is an extension of CVE-2018-12122, addressed in [November, 2018](<https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/>). The 40 second timeout and its adjustment by `server.headersTimeout` apply to this fix as in CVE-2018-12122.\n\nCVE-2018-12122 originally reported by Jan Maybach ([liebdich.com](<https://liebdich.com>)), keep-alive variant reported by [Marco Pracucci](<https://twitter.com/pracucci>) ([Voxnest](<https://voxnest.com>)), fixed by [Matteo Collina](<https://twitter.com/matteocollina>).\n\n**Impact:**\n\n * All versions of Node.js 6 (LTS \"Boron\") **are** vulnerable\n * All versions of Node.js 8 (LTS \"Carbon\") **are** vulnerable\n * All versions of Node.js 10 (LTS \"Dubnium\") **are** vulnerable\n * All versions of Node.js 11 (Current) **are** vulnerable\n\n## Node.js: Denial of Service with keep-alive HTTP connections (CVE-2019-5739)\n\n_Categorization: Uncontrolled Resource Consumption / Denial of Service ([CWE-400](<https://cwe.mitre.org/data/definitions/400.html>))_\n\nKeep-alive HTTP and HTTPS connections can remain open and inactive for up to 2 minutes in Node.js 6.16.0 and earlier. Node.js 8.0.0 introduced a dedicated [`server.keepAliveTimeout`](<https://nodejs.org/api/http.html#http_server_keepalivetimeout>) which defaults to 5 seconds. The behavior in Node.js 6.16.0 and earlier is a potential Denial of Service (DoS) attack vector. 
Node.js 6.17.0 introduces `server.keepAliveTimeout` and the 5-second default.\n\nThe original fix was submitted by [Timur Shemsedinov](<https://github.com/tshemsedinov>) ([nodejs/node#2534](<https://github.com/nodejs/node/pull/2534>)) and backported by [Matteo Collina](<https://twitter.com/matteocollina>).\n\n**Impact:**\n\n * All versions of Node.js 6 (LTS \"Boron\") **are** vulnerable\n * All versions of Node.js 8 (LTS \"Carbon\") **are NOT** vulnerable\n * All versions of Node.js 10 (LTS \"Dubnium\") **are NOT** vulnerable\n * All versions of Node.js 11 (Current) **are NOT** vulnerable\n\n## OpenSSL: 0-byte record padding oracle (CVE-2019-1559)\n\n_Severity: MODERATE_\n\nOpenSSL 1.0.2r contains a fix for [CVE-2019-1559](<https://www.openssl.org/news/secadv/20190226.txt>) and is included in the releases for Node.js versions 6 and 8 only. Node.js 10 and 11 are not impacted by this vulnerability as they use newer versions of OpenSSL which do not contain the flaw.\n\nUnder certain circumstances, a TLS server can be forced to respond differently to a client if a zero-byte record is received with an invalid _padding_ compared to a zero-byte record with an invalid _MAC_. This can be used as the basis of a [padding oracle attack](<https://en.wikipedia.org/wiki/Padding_oracle_attack>) to decrypt data.\n\nOnly TLS connections using certain ciphersuites executing under certain conditions are exploitable. We are currently unable to determine whether the use of OpenSSL in Node.js exposes this vulnerability. We are taking a cautionary approach and recommend the same for users. 
For more information, see the [advisory](<https://www.openssl.org/news/secadv/20190226.txt>) and a [detailed write-up](<https://github.com/RUB-NDS/TLS-Padding-Oracles>) by the reporters of the vulnerability.\n\n**Impact:**\n\n * All versions of Node.js 6 (LTS \"Boron\") **are** vulnerable\n * All versions of Node.js 8 (LTS \"Carbon\") **are** vulnerable\n * All versions of Node.js 10 (LTS \"Dubnium\") **are NOT** vulnerable\n * All versions of Node.js 11 (Current) **are NOT** vulnerable\n\n## Acknowledgements\n\nMatteo Collina for vulnerability fixes.\n\nShigeki Ohtsu and Sam Roberts for the OpenSSL upgrade.\n\nJan Maybach and Marco Pracucci for reporting vulnerabilities via the appropriate channels (see below).\n\nOther members of the Node.js security team for reviews and discussion.\n\n_**Original post is included below**_\n\n## Summary\n\nThe Node.js project will release new versions of all supported release lines on, or shortly after, Wednesday, February 27th, 2019 UTC. These releases will incorporate at least two security fixes specific to Node.js, the highest severity of which is 'low'.\n\nThe OpenSSL project has announced [releases](<https://mta.openssl.org/pipermail/openssl-announce/2019-February/000145.html>) for the 26th which may impact some release lines of Node.js and require inclusion in our security releases. The highest severity indicated by OpenSSL is ['moderate'](<https://www.openssl.org/policies/secpolicy.html#moderate>) and impacts OpenSSL 1.0.2 which is used by Node.js 6.x and 8.x. A bug-fix release for OpenSSL 1.1.1 will also be made available and we will assess the impact, if any, on Node.js 11.x which uses this version. 
Node.js 10.x will not be impacted by the OpenSSL releases.\n\n## Impact\n\nReleases for all actively supported release lines will be made available to fix the following vulnerabilities.\n\nAll versions of **Node.js 6 (LTS \"Boron\")** are vulnerable to:\n\n * 1 Uncontrolled Resource Consumption / Denial of Service ([CWE-400](<https://cwe.mitre.org/data/definitions/400.html>)) vulnerability\n * 1 Misinterpretation of Input ([CWE-115](<https://cwe.mitre.org/data/definitions/115.html>)) vulnerability\n * Possible update to OpenSSL 1.0.2r depending on assessed impact\n\nAll versions of **Node.js 8 (LTS \"Carbon\")** are vulnerable to:\n\n * 1 Uncontrolled Resource Consumption / Denial of Service ([CWE-400](<https://cwe.mitre.org/data/definitions/400.html>)) vulnerability\n * 1 Misinterpretation of Input ([CWE-115](<https://cwe.mitre.org/data/definitions/115.html>)) vulnerability\n * Possible update to OpenSSL 1.0.2r depending on assessed impact\n\nAll versions of **Node.js 10 (LTS \"Dubnium\")** are vulnerable to:\n\n * 1 Uncontrolled Resource Consumption / Denial of Service ([CWE-400](<https://cwe.mitre.org/data/definitions/400.html>)) vulnerability\n * 1 Misinterpretation of Input ([CWE-115](<https://cwe.mitre.org/data/definitions/115.html>)) vulnerability\n\nAll versions of **Node.js 11 (Current)** are vulnerable to:\n\n * 1 Uncontrolled Resource Consumption / Denial of Service ([CWE-400](<https://cwe.mitre.org/data/definitions/400.html>)) vulnerability\n * 1 Misinterpretation of Input ([CWE-115](<https://cwe.mitre.org/data/definitions/115.html>)) vulnerability\n * Possible update to OpenSSL 1.1.1b depending on assessed impact\n\n## Release timing\n\nReleases will be available at, or shortly after, Wednesday, February 27th, 2019 UTC, along with disclosure of the details for the flaws addressed in each release in order to allow for complete impact assessment by users.\n\n## Contact and future updates\n\nThe current Node.js security policy can be found at 
[https://github.com/nodejs/node/blob/HEAD/SECURITY.md#security](<https://github.com/nodejs/node/blob/HEAD/SECURITY#security>).\n\nPlease contact [email protected] if you wish to report a vulnerability in Node.js.\n\nSubscribe to the low-volume announcement-only nodejs-sec mailing list at <https://groups.google.com/forum/#!forum/nodejs-sec> to stay up to date on security vulnerabilities and security-related releases of Node.js and the projects maintained in the [nodejs GitHub organization](<https://github.com/nodejs/>).\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-02-28T00:00:00", "type": "nodejsblog", "title": "February 2019 Security Releases", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-12122", "CVE-2019-1559", "CVE-2019-5737", "CVE-2019-5739"], "modified": "2019-02-28T00:00:00", "id": "NODEJSBLOG:FEBRUARY-2019-SECURITY-RELEASES", "href": "https://nodejs.org/en/blog/vulnerability/february-2019-security-releases/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-03-14T04:11:32", "description": "# November 2018 Security Releases\n\nBy Rod Vagg, 
2018-11-28\n\n_(Update 27-November-2018)_ **Security releases available**\n\n## Summary\n\nUpdates are now available for all active Node.js release lines. These include fixes for the vulnerabilities identified in the initial announcement (below). They also include upgrades of Node.js 6 and 8 to OpenSSL 1.0.2q, and upgrades of Node.js 10 and 11 to OpenSSL 1.1.0j.\n\nWe recommend that all Node.js users upgrade to a version listed below as soon as possible.\n\n## Downloads & release details\n\nDownloads are available for the following versions. Details of code changes can also be found on each release page.\n\n * [Node.js 11.3.0 (Current)](<https://nodejs.org/en/blog/release/v11.3.0>)\n * [Node.js 10.14.0 (LTS \"Dubnium\")](<https://nodejs.org/en/blog/release/v10.14.0>)\n * [Node.js 8.14.0 (LTS \"Carbon\")](<https://nodejs.org/en/blog/release/v8.14.0>)\n * [Node.js 6.15.0 (LTS \"Boron\")](<https://nodejs.org/en/blog/release/v6.15.0>)\n\n_**Note (3-December-2018):**_ _Node.js 6.15.1 (LTS \"Boron\") was released to fix a misapplied backport for one of the fixes listed below. See the release page for more information._\n\n## Debugger port 5858 listens on any interface by default (CVE-2018-12120)\n\n_Categorization: Unprotected Primary Channel ([CWE-419](<https://cwe.mitre.org/data/definitions/419.html>))_\n\nAll versions of Node.js 6 are vulnerable and the severity is HIGH. When the debugger is enabled with `node --debug` or `node debug`, it listens to port 5858 on all interfaces by default. This may allow remote computers to attach to the debug port and evaluate arbitrary JavaScript. The default interface is now localhost. It has always been possible to start the debugger on a specific interface, such as `node --debug=localhost`. 
The debugger was removed in Node.js 8 and replaced with the inspector, so no versions from 8 and later are vulnerable.\n\nReported and fixed by [Ben Noordhuis](<https://github.com/bnoordhuis>).\n\n**Impact:**\n\n * All versions of Node.js 6 (LTS \"Boron\") **are** vulnerable\n * All versions of Node.js 8 (LTS \"Carbon\") **are NOT** vulnerable\n * All versions of Node.js 10 (LTS \"Dubnium\") **are NOT** vulnerable\n * All versions of Node.js 11 (Current) **are NOT** vulnerable\n\n## Denial of Service with large HTTP headers (CVE-2018-12121)\n\n_Categorization: Uncontrolled Resource Consumption / Denial of Service ([CWE-400](<https://cwe.mitre.org/data/definitions/400.html>))_\n\nAll versions of 6 and later are vulnerable and the severity is HIGH. By using a combination of many requests with maximum sized headers (almost 80 KB per connection), and carefully timed completion of the headers, it is possible to cause the HTTP server to abort from heap allocation failure. Attack potential is mitigated by the use of a load balancer or other proxy layer.\n\nThe total size of HTTP headers received by Node.js now must not exceed 8192 bytes.\n\nReported by [Trevor Norris](<https://github.com/trevnorris>), fixed by [Matteo Collina](<https://twitter.com/matteocollina>).\n\n**Impact:**\n\n * All versions of Node.js 6 (LTS \"Boron\") **are** vulnerable\n * All versions of Node.js 8 (LTS \"Carbon\") **are** vulnerable\n * All versions of Node.js 10 (LTS \"Dubnium\") **are** vulnerable\n * All versions of Node.js 11 (Current) **are** vulnerable\n\n## \"Slowloris\" HTTP Denial of Service (CVE-2018-12122)\n\n_Categorization: Uncontrolled Resource Consumption / Denial of Service ([CWE-400](<https://cwe.mitre.org/data/definitions/400.html>))_\n\nAll versions of Node.js 6 and later are vulnerable and the severity is LOW. 
An attacker can cause a Denial of Service (DoS) by sending headers very slowly keeping HTTP or HTTPS connections and associated resources alive for a long period of time. Attack potential is mitigated by the use of a load balancer or other proxy layer.\n\nA timeout of 40 seconds now applies to servers receiving HTTP headers. This value can be adjusted with `server.headersTimeout`. Where headers are not completely received within this period, the socket is destroyed on the next received chunk. In conjunction with `server.setTimeout()`, this aids in protecting against excessive resource retention and possible Denial of Service.\n\nReported by Jan Maybach ([liebdich.com](<https://liebdich.com>)), fixed by [Matteo Collina](<https://twitter.com/matteocollina>).\n\n**Impact:**\n\n * All versions of Node.js 6 (LTS \"Boron\") **are** vulnerable\n * All versions of Node.js 8 (LTS \"Carbon\") **are** vulnerable\n * All versions of Node.js 10 (LTS \"Dubnium\") **are** vulnerable\n * All versions of Node.js 11 (Current) **are** vulnerable\n\n## Hostname spoofing in URL parser for javascript protocol (CVE-2018-12123)\n\n_Categorization: Misinterpretation of Input ([CWE-115](<https://cwe.mitre.org/data/definitions/115.html>))_\n\nAll versions of Node.js 6 and later are vulnerable and the severity is LOW. If a Node.js application is using `url.parse()` to determine the URL hostname, that hostname can be spoofed by using a mixed case \"javascript:\" (e.g. \"javAscript:\") protocol (other protocols are not affected). 
If security decisions are made about the URL based on the hostname, they may be incorrect.\n\nReported by [Martin Bajanik](<https://twitter.com/_bayotop>) ([Kentico](<https://kenticocloud.com/>)), fixed by [Matteo Collina](<https://twitter.com/matteocollina>).\n\n**Impact:**\n\n * All versions of Node.js 6 (LTS \"Boron\") **are** vulnerable\n * All versions of Node.js 8 (LTS \"Carbon\") **are** vulnerable\n * All versions of Node.js 10 (LTS \"Dubnium\") **are** vulnerable\n * All versions of Node.js 11 (Current) **are** vulnerable\n\n## HTTP request splitting (CVE-2018-12116)\n\n_Categorization: Misinterpretation of Input ([CWE-115](<https://cwe.mitre.org/data/definitions/115.html>))_\n\nNode.js 6 and 8 are vulnerable and the severity is MEDIUM. If Node.js can be convinced to use unsanitized user-provided Unicode data for the `path` option of an HTTP request, then data can be provided which will trigger a second, unexpected, and user-defined HTTP request to be made to the same server.\n\nReported as security concern for Node.js 6 and 8 by [Arkadiy Tetelman](<https://twitter.com/arkadiyt>) ([Lob](<https://lob.com>)), fixed by backporting a change by [Benno F\u00fcnfst\u00fcck](<https://github.com/bennofs>) applied to Node.js 10 and later.\n\n**Impact:**\n\n * All versions of Node.js 6 (LTS \"Boron\") **are** vulnerable\n * All versions of Node.js 8 (LTS \"Carbon\") **are** vulnerable\n * All versions of Node.js 10 (LTS \"Dubnium\") **are NOT** vulnerable\n * All versions of Node.js 11 (Current) **are NOT** vulnerable\n\n## OpenSSL Timing vulnerability in ECDSA signature generation (CVE-2018-0735)\n\n_Severity: LOW_\n\nThe OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side-channel attack. 
An attacker could use variations in the signing algorithm to recover the private key.\n\n**Impact:**\n\n * All versions of Node.js 6 (LTS \"Boron\") **are NOT** vulnerable\n * All versions of Node.js 8 (LTS \"Carbon\") **are NOT** vulnerable\n * All versions of Node.js 10 (LTS \"Dubnium\") **are** vulnerable\n * All versions of Node.js 11 (Current) **are** vulnerable\n\n## OpenSSL Timing vulnerability in DSA signature generation (CVE-2018-0734)\n\n_Severity: LOW_\n\nThe OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side-channel attack. An attacker could use variations in the signing algorithm to recover the private key.\n\n**Impact:**\n\n * All versions of Node.js 6 (LTS \"Boron\") **are** vulnerable\n * All versions of Node.js 8 (LTS \"Carbon\") **are** vulnerable\n * All versions of Node.js 10 (LTS \"Dubnium\") **are** vulnerable\n * All versions of Node.js 11 (Current) **are** vulnerable\n\n## OpenSSL Microarchitecture timing vulnerability in ECC scalar multiplication (CVE-2018-5407)\n\n_Severity: LOW_\n\nOpenSSL ECC scalar multiplication, used in e.g. ECDSA and ECDH, has been shown to be vulnerable to a microarchitecture timing side-channel attack. 
An attacker with sufficient access to mount local timing attacks during ECDSA signature generation could recover the private key.\n\n**Impact:**\n\n * All versions of Node.js 6 (LTS \"Boron\") **are** vulnerable\n * All versions of Node.js 8 (LTS \"Carbon\") **are** vulnerable\n * All versions of Node.js 10 (LTS \"Dubnium\") up to 10.8.0 **are** vulnerable\n * All versions of Node.js 10 (LTS \"Dubnium\") from 10.9.0 **are NOT** vulnerable\n * All versions of Node.js 11 (Current) **are NOT** vulnerable\n\n## Acknowledgements\n\nMatteo Collina for a significant amount of work fixing vulnerabilities.\n\nSam Roberts for the OpenSSL upgrades, other code contributions and assisting in the preparation of these releases.\n\nBen Noordhuis, Fedor Indutny and Benno F\u00fcnfst\u00fcck for code contributions.\n\nTrevor Norris, Jan Maybach, Martin Bajanik, Arkadiy Tetelman for reporting vulnerabilities via the appropriate channels (see below).\n\n_**Original post is included below**_\n\n## Summary\n\nNode.js will release new versions of all supported release lines on, or shortly after, November 27th, 2018 UTC. These releases will incorporate a number of security fixes specific to Node.js, as well as the updates to OpenSSL that were released today, November 20th, 2018.\n\nOpenSSL [1.0.2q](<https://www.openssl.org/news/openssl-1.0.2-notes.html>) and [1.1.0j](<https://www.openssl.org/news/openssl-1.1.0-notes.html>) include fixes for previously disclosed low-severity timing vulnerabilities. 
See the [OpenSSL release announcement](<https://mta.openssl.org/pipermail/openssl-announce/2018-November/000138.html>).\n\n## Impact\n\nReleases for all actively supported release lines will be made available to fix the following vulnerabilities.\n\nAll versions of **Node.js 6 (LTS \"Boron\")** are vulnerable to:\n\n * 2 Uncontrolled Resource Consumption / Denial of Service ([CWE-400](<https://cwe.mitre.org/data/definitions/400.html>)) vulnerabilities\n * 2 Misinterpretation of Input ([CWE-115](<https://cwe.mitre.org/data/definitions/115.html>)) vulnerabilities\n * 1 Unprotected Primary Channel ([CWE-419](<https://cwe.mitre.org/data/definitions/419.html>)) vulnerability\n\nAll versions of **Node.js 8 (LTS \"Carbon\")** are vulnerable to:\n\n * 2 Uncontrolled Resource Consumption / Denial of Service ([CWE-400](<https://cwe.mitre.org/data/definitions/400.html>)) vulnerabilities\n * 2 Misinterpretation of Input ([CWE-115](<https://cwe.mitre.org/data/definitions/115.html>)) vulnerabilities\n\nAll versions of **Node.js 10 (LTS \"Dubnium\")** are vulnerable to:\n\n * 2 Uncontrolled Resource Consumption / Denial of Service ([CWE-400](<https://cwe.mitre.org/data/definitions/400.html>)) vulnerabilities\n * 1 Misinterpretation of Input ([CWE-115](<https://cwe.mitre.org/data/definitions/115.html>)) vulnerability\n\nAll versions of **Node.js 11 (Current)** are vulnerable to:\n\n * 2 Uncontrolled Resource Consumption / Denial of Service ([CWE-400](<https://cwe.mitre.org/data/definitions/400.html>)) vulnerabilities\n * 1 Misinterpretation of Input ([CWE-115](<https://cwe.mitre.org/data/definitions/115.html>)) vulnerability\n\n## Release timing\n\nReleases will be available at, or shortly after, the 27th of November, 2018 UTC, along with disclosure of the details for the flaws addressed in each release in order to allow for complete impact assessment by users.\n\n## Contact and future updates\n\nThe current Node.js security policy can be found at 
[https://github.com/nodejs/node/blob/HEAD/SECURITY.md#security](<https://github.com/nodejs/node/blob/HEAD/SECURITY#security>).\n\nPlease contact [email protected] if you wish to report a vulnerability in Node.js.\n\nSubscribe to the low-volume announcement-only nodejs-sec mailing list at <https://groups.google.com/forum/#!forum/nodejs-sec> to stay up to date on security vulnerabilities and security-related releases of Node.js and the projects maintained in the [nodejs GitHub organization](<https://github.com/nodejs/>).\n", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-11-28T00:00:00", "type": "nodejsblog", "title": "November 2018 Security Releases", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0734", "CVE-2018-0735", "CVE-2018-12116", "CVE-2018-12120", "CVE-2018-12121", "CVE-2018-12122", "CVE-2018-12123", "CVE-2018-5407"], "modified": "2018-11-28T00:00:00", "id": "NODEJSBLOG:NOVEMBER-2018-SECURITY-RELEASES", "href": "https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "cve": [{"lastseen": 
"2023-06-23T14:16:17", "description": "Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Denial of Service with large HTTP headers: By using a combination of many requests with maximum sized headers (almost 80 KB per connection), and carefully timed completion of the headers, it is possible to cause the HTTP server to abort from heap allocation failure. Attack potential is mitigated by the use of a load balancer or other proxy layer.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-11-28T17:29:00", "type": "cve", "title": "CVE-2018-12121", "cwe": ["CWE-400"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-12121"], "modified": "2022-09-06T17:54:00", "cpe": ["cpe:/o:redhat:enterprise_linux_eus:8.2", "cpe:/o:redhat:enterprise_linux_server_tus:8.4", "cpe:/o:redhat:enterprise_linux_server_aus:8.4", "cpe:/o:redhat:enterprise_linux_eus:8.6", "cpe:/o:redhat:enterprise_linux:8.0", "cpe:/o:redhat:enterprise_linux_server:7.0", "cpe:/o:redhat:enterprise_linux_eus:8.4", "cpe:/o:redhat:enterprise_linux_desktop:7.0", "cpe:/o:redhat:enterprise_linux_eus:8.1", 
"cpe:/o:redhat:enterprise_linux_server_tus:8.6", "cpe:/o:redhat:enterprise_linux_workstation:7.0", "cpe:/o:redhat:enterprise_linux_server_aus:8.2", "cpe:/o:redhat:enterprise_linux_server_tus:8.2", "cpe:/o:redhat:enterprise_linux_server_aus:8.6"], "id": "CVE-2018-12121", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-12121", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:-:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*"]}], "oraclelinux": [{"lastseen": "2021-07-28T14:25:06", "description": "[2.8.0-5]\n- Resolves: rhbz#1686488: 'make test' fails with stringop-overflow error\n[2.8.0-4]\n- Resolves: rhbz#1666382: CVE-2018-12121 http-parser: nodejs: Denial of\n Service with large HTTP headers [rhel-8]\n[2.8.0-3]\n- spec: make the check phase conditional", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", 
"userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2019-11-14T00:00:00", "type": "oraclelinux", "title": "http-parser security and bug fix update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-12121"], "modified": "2019-11-14T00:00:00", "id": "ELSA-2019-3497", "href": "http://linux.oracle.com/errata/ELSA-2019-3497.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-07-28T14:24:48", "description": "[2.7.1-8]\n- Backport needed test fixes\n- Related: rhbz#1666024 - CVE-2018-7159 http-parser: nodejs: HTTP parser\n allowed for spaces inside Content-Length header\n values [rhel-7]\n[2.7.1-7]\n- Resolves: rhbz#1666024 - CVE-2018-7159 http-parser: nodejs: HTTP parser\n allowed for spaces inside Content-Length header\n values [rhel-7]\n[2.7.1-6]\n- Resolves: rhbz#1666381 - CVE-2018-12121 http-parser: nodejs: Denial of\n Service with large HTTP headers [rhel-7]", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2019-08-13T00:00:00", "type": "oraclelinux", "title": "http-parser security update", "bulletinFamily": "unix", "cvss2": {"severity": 
"MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-12121", "CVE-2018-7159"], "modified": "2019-08-13T00:00:00", "id": "ELSA-2019-2258", "href": "http://linux.oracle.com/errata/ELSA-2019-2258.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "photon": [{"lastseen": "2023-09-26T13:55:21", "description": "Updates of ['ncurses', 'yum', 'libsoup', 'binutils', 'python2', 'postgresql', 'nodejs'] packages of Photon OS have been released.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-11-20T00:00:00", "type": "photon", "title": "Critical Photon OS Security Update - PHSA-2019-0190", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-1910", 
"CVE-2018-12116", "CVE-2018-12121", "CVE-2018-12122", "CVE-2019-10208", "CVE-2019-17266", "CVE-2019-17450", "CVE-2019-17451", "CVE-2019-17594", "CVE-2019-17595", "CVE-2019-5010", "CVE-2019-5737"], "modified": "2019-11-20T00:00:00", "id": "PHSA-2019-0190", "href": "https://github.com/vmware/photon/wiki/Security-Update-2.0-190", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-11-03T11:50:11", "description": "An update of {'libsoup', 'postgresql', 'yum', 'nodejs', 'libxslt', 'binutils', 'libarchive', 'python2'} packages of Photon OS has been released.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-11-20T00:00:00", "type": "photon", "title": "PHSA-2019-1.0-0257", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-1910", "CVE-2018-12116", "CVE-2018-12121", "CVE-2018-12122", "CVE-2019-10208", "CVE-2019-17266", "CVE-2019-17450", "CVE-2019-17451", "CVE-2019-18197", "CVE-2019-18408", "CVE-2019-5010", "CVE-2019-5737"], "modified": "2019-11-20T00:00:00", 
"id": "PHSA-2019-1.0-0257", "href": "https://github.com/vmware/photon/wiki/Security-Updates-1.0-257", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-11-03T20:59:45", "description": "An update of {'python2', 'libsoup', 'postgresql', 'binutils', 'nodejs', 'yum', 'ncurses'} packages of Photon OS has been released.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-11-20T00:00:00", "type": "photon", "title": "PHSA-2019-2.0-0190", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-1910", "CVE-2018-12116", "CVE-2018-12121", "CVE-2018-12122", "CVE-2019-10208", "CVE-2019-17266", "CVE-2019-17450", "CVE-2019-17451", "CVE-2019-17594", "CVE-2019-17595", "CVE-2019-5010", "CVE-2019-5737"], "modified": "2019-11-20T00:00:00", "id": "PHSA-2019-2.0-0190", "href": "https://github.com/vmware/photon/wiki/Security-Updates-2-190", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-09-26T17:08:02", "description": "Updates of ['yum', 'linux', 
'subversion', 'libarchive', 'libxslt', 'binutils', 'linux-esx', 'nodejs', 'python2', 'postgresql', 'libsoup'] packages of Photon OS have been released.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-11-20T00:00:00", "type": "photon", "title": "Critical Photon OS Security Update - PHSA-2019-0257", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-1910", "CVE-2018-11803", "CVE-2018-12116", "CVE-2018-12121", "CVE-2018-12122", "CVE-2019-10208", "CVE-2019-17266", "CVE-2019-17450", "CVE-2019-17451", "CVE-2019-18197", "CVE-2019-18282", "CVE-2019-18408", "CVE-2019-5010", "CVE-2019-5737"], "modified": "2019-11-20T00:00:00", "id": "PHSA-2019-0257", "href": "https://github.com/vmware/photon/wiki/Security-Update-1.0-257", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "amazon": [{"lastseen": "2023-06-23T15:32:54", "description": "**Issue Overview:**\n\nNode.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Denial of Service with large HTTP headers: By using a combination of many requests with maximum sized headers (almost 80 KB per connection), and carefully 
timed completion of the headers, it is possible to cause the HTTP server to abort from heap allocation failure. Attack potential is mitigated by the use of a load balancer or other proxy layer.(CVE-2018-12121)\n\nIt was found that the http module from Node.js could accept incorrect Content-Length values, containing spaces within the value, in HTTP headers. A specially crafted client could use this flaw to possibly confuse the script, causing unspecified behavior.(CVE-2018-7159)\n\n \n**Affected Packages:** \n\n\nhttp-parser\n\n \n**Issue Correction:** \nRun _yum update http-parser_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n aarch64: \n \u00a0\u00a0\u00a0 http-parser-2.7.1-8.amzn2.aarch64 \n \u00a0\u00a0\u00a0 http-parser-devel-2.7.1-8.amzn2.aarch64 \n \u00a0\u00a0\u00a0 http-parser-debuginfo-2.7.1-8.amzn2.aarch64 \n \n i686: \n \u00a0\u00a0\u00a0 http-parser-2.7.1-8.amzn2.i686 \n \u00a0\u00a0\u00a0 http-parser-devel-2.7.1-8.amzn2.i686 \n \u00a0\u00a0\u00a0 http-parser-debuginfo-2.7.1-8.amzn2.i686 \n \n src: \n \u00a0\u00a0\u00a0 http-parser-2.7.1-8.amzn2.src \n \n x86_64: \n \u00a0\u00a0\u00a0 http-parser-2.7.1-8.amzn2.x86_64 \n \u00a0\u00a0\u00a0 http-parser-devel-2.7.1-8.amzn2.x86_64 \n \u00a0\u00a0\u00a0 http-parser-debuginfo-2.7.1-8.amzn2.x86_64 \n \n \n\n### Additional References\n\nRed Hat: [CVE-2018-12121](<https://access.redhat.com/security/cve/CVE-2018-12121>), [CVE-2018-7159](<https://access.redhat.com/security/cve/CVE-2018-7159>)\n\nMitre: [CVE-2018-12121](<https://vulners.com/cve/CVE-2018-12121>), [CVE-2018-7159](<https://vulners.com/cve/CVE-2018-7159>)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", 
"userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-10-21T18:01:00", "type": "amazon", "title": "Medium: http-parser", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-12121", "CVE-2018-7159"], "modified": "2019-10-23T23:46:00", "id": "ALAS2-2019-1322", "href": "https://alas.aws.amazon.com/AL2/ALAS-2019-1322.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-06-23T17:31:49", "description": "**Issue Overview:**\n\nA flaw was found in the Node.js code where a specially crafted HTTP(s) request sent to a Node.js server failed to properly process the HTTP(s) headers, resulting in a request smuggling attack. An attacker can use this flaw to alter a request sent as an authenticated user if the Node.js server is deployed behind a proxy server that reuses connections. (CVE-2019-15605)\n\nNode.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Denial of Service with large HTTP headers: By using a combination of many requests with maximum sized headers (almost 80 KB per connection), and carefully timed completion of the headers, it is possible to cause the HTTP server to abort from heap allocation failure. Attack potential is mitigated by the use of a load balancer or other proxy layer. (CVE-2018-12121)\n\nIt was found that the http module from Node.js could accept incorrect Content-Length values, containing spaces within the value, in HTTP headers. 
A specially crafted client could use this flaw to possibly confuse the script, causing unspecified behavior. (CVE-2018-7159)\n\n \n**Affected Packages:** \n\n\nhttp-parser\n\n \n**Issue Correction:** \nRun _yum update http-parser_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n i686: \n \u00a0\u00a0\u00a0 http-parser-debuginfo-2.9.3-1.2.amzn1.i686 \n \u00a0\u00a0\u00a0 http-parser-devel-2.9.3-1.2.amzn1.i686 \n \u00a0\u00a0\u00a0 http-parser-2.9.3-1.2.amzn1.i686 \n \n src: \n \u00a0\u00a0\u00a0 http-parser-2.9.3-1.2.amzn1.src \n \n x86_64: \n \u00a0\u00a0\u00a0 http-parser-2.9.3-1.2.amzn1.x86_64 \n \u00a0\u00a0\u00a0 http-parser-debuginfo-2.9.3-1.2.amzn1.x86_64 \n \u00a0\u00a0\u00a0 http-parser-devel-2.9.3-1.2.amzn1.x86_64 \n \n \n\n### Additional References\n\nRed Hat: [CVE-2018-12121](<https://access.redhat.com/security/cve/CVE-2018-12121>), [CVE-2018-7159](<https://access.redhat.com/security/cve/CVE-2018-7159>), [CVE-2019-15605](<https://access.redhat.com/security/cve/CVE-2019-15605>)\n\nMitre: [CVE-2018-12121](<https://vulners.com/cve/CVE-2018-12121>), [CVE-2018-7159](<https://vulners.com/cve/CVE-2018-7159>), [CVE-2019-15605](<https://vulners.com/cve/CVE-2019-15605>)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-04-20T19:21:00", "type": "amazon", "title": "Important: http-parser", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": 
"PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-12121", "CVE-2018-7159", "CVE-2019-15605"], "modified": "2020-04-23T23:03:00", "id": "ALAS-2020-1359", "href": "https://alas.aws.amazon.com/ALAS-2020-1359.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "centos": [{"lastseen": "2023-09-07T15:41:14", "description": "**CentOS Errata and Security Advisory** CESA-2019:2258\n\n\nThe http-parser package provides a utility for parsing HTTP messages. It parses both requests and responses. The parser is designed to be used in performance HTTP applications. It does not make any system calls or allocations, it does not buffer data, and it can be interrupted at any time. Depending on your architecture, it only requires about 40 bytes of data per message stream.\n\nSecurity Fix(es):\n\n* nodejs: Denial of Service with large HTTP headers (CVE-2018-12121)\n\n* nodejs: HTTP parser allowed for spaces inside Content-Length header values (CVE-2018-7159)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section.\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-announce/2019-September/085601.html\n\n**Affected packages:**\nhttp-parser\nhttp-parser-devel\n\n**Upstream details at:**\nhttps://access.redhat.com/errata/RHSA-2019:2258", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", 
"availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-09-18T20:20:44", "type": "centos", "title": "http security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-12121", "CVE-2018-7159"], "modified": "2019-09-18T20:20:44", "id": "CESA-2019:2258", "href": "https://lists.centos.org/pipermail/centos-announce/2019-September/085601.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "mageia": [{"lastseen": "2023-09-28T05:24:30", "description": "This update provides nodejs v6.17.1 fixing at least the following security issues: The c-ares function ares_parse_naptr_reply(), which is used for parsing NAPTR responses, could be triggered to read memory outside of the given input buffer (CVE-2017-1000381) Fix for 'path' module regular expression denial of service (CVE-2018-7158) Reject spaces in HTTP Content-Length header values (CVE-2018-7159) Fix for inspector DNS rebinding vulnerability (CVE-2018-7160) buffer: Fixes Denial of Service vulnerability where calling Buffer.fill() could hang (CVE-2018-7167) buffer: Fix out-of-bounds (OOB) write in Buffer.write() for UCS-2 encoding (CVE-2018-12115) Node.js: HTTP request splitting (CVE-2018-12116) Node.js: Debugger port 5858 listens on any interface by default (CVE-2018-12120) Node.js: Denial of Service with large HTTP 
headers (CVE-2018-12121) Node.js: Slowloris HTTP Denial of Service (CVE-2018-12122) Node.js: Hostname spoofing in URL parser for javascript protocol (CVE-2018-12123) Node.js: Slowloris HTTP Denial of Service with keep-alive (CVE-2019-5737) Node.js: Denial of Service with keep-alive HTTP connections (CVE-2019-5739) For other fixes in this update, see the referenced release logs. \n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-09-15T13:24:16", "type": "mageia", "title": "Updated nodejs packages fix security vulnerabilities\n", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-1000381", "CVE-2018-12115", "CVE-2018-12116", "CVE-2018-12120", "CVE-2018-12121", "CVE-2018-12122", "CVE-2018-12123", "CVE-2018-7158", "CVE-2018-7159", "CVE-2018-7160", "CVE-2018-7167", "CVE-2019-5737", "CVE-2019-5739"], "modified": "2019-09-15T13:24:16", "id": "MGASA-2019-0277", "href": "https://advisories.mageia.org/MGASA-2019-0277.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "ubuntu": [{"lastseen": "2023-09-12T00:43:30", "description": "## Releases\n\n * Ubuntu 18.04 ESM\n * Ubuntu 
16.04 ESM\n * Ubuntu 14.04 ESM\n\n## Packages\n\n * nodejs \\- evented I/O for V8 javascript\n\nAlexander Minozhenko and James Bunton discovered that Node.js did not \nproperly handle wildcards in name fields of X.509 TLS certificates. An \nattacker could use this vulnerability to execute a machine-in-the-middle- \nattack. This issue only affected Ubuntu 14.04 ESM and 16.04 ESM. (CVE-2016-7099)\n\nIt was discovered that Node.js incorrectly handled certain NAPTR responses. \nA remote attacker could possibly use this issue to cause applications using \nNode.js to crash, resulting in a denial of service. This issue only affected \nUbuntu 16.04 ESM. (CVE-2017-1000381)\n\nNikita Skovoroda discovered that Node.js mishandled certain input, leading \nto an out of bounds write. An attacker could use this vulnerability to \ncause a denial of service (crash) or possibly execute arbitrary code. This \nissue was only fixed in Ubuntu 18.04 ESM. (CVE-2018-12115)\n\nArkadiy Tetelman discovered that Node.js improperly handled certain \nmalformed HTTP requests. An attacker could use this vulnerability to inject \nunexpected HTTP requests. This issue only affected Ubuntu 18.04 ESM. \n(CVE-2018-12116)\n\nJan Maybach discovered that Node.js did not time out if incomplete \nHTTP/HTTPS headers were received. An attacker could use this vulnerability \nto cause a denial of service by keeping HTTP/HTTPS connections alive for a \nlong period of time. This issue was only fixed in Ubuntu 18.04 ESM. \n(CVE-2018-12122)\n\nMartin Bajanik discovered that the url.parse() method would return \nincorrect results if it received specially crafted input. An attacker could \nuse this vulnerability to spoof the hostname and bypass hostname-specific \nsecurity controls. This issue was only fixed in Ubuntu 18.04 ESM. \n(CVE-2018-12123)\n\nIt was discovered that Node.js is vulnerable to a DNS rebinding attack which \ncould be exploited to perform remote code execution. 
An attack is possible \nfrom malicious websites open in a web browser with network access to the system \nrunning the Node.js process. This issue only affected Ubuntu 18.04 ESM. \n(CVE-2018-7160)\n\nIt was discovered that the Buffer.fill() and Buffer.alloc() methods \nimproperly handled certain inputs. An attacker could use this vulnerability \nto cause a denial of service. This issue was only fixed in Ubuntu 18.04 ESM. \n(CVE-2018-7167)\n\nMarco Pracucci discovered that Node.js mishandled HTTP and HTTPS \nconnections. An attacker could use this vulnerability to cause a denial of \nservice. This issue was only fixed in Ubuntu 18.04 ESM. (CVE-2019-5737)\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-03-15T00:00:00", "type": "ubuntu", "title": "Node.js vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7099", "CVE-2017-1000381", "CVE-2018-12115", "CVE-2018-12116", "CVE-2018-12122", "CVE-2018-12123", "CVE-2018-7160", "CVE-2018-7167", "CVE-2019-5737"], "modified": "2021-03-15T00:00:00", "id": "USN-4796-1", "href": "https://ubuntu.com/security/notices/USN-4796-1", "cvss": {"score": 6.8, 
"vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "gentoo": [{"lastseen": "2023-06-23T16:31:31", "description": "### Background\n\nNode.js is a JavaScript runtime built on Chrome\u2019s V8 JavaScript engine. \n\n### Description\n\nMultiple vulnerabilities have been discovered in Node.js. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA remote attacker could possibly write arbitrary files, cause a Denial of Service condition or can conduct HTTP request splitting attacks. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Node.js <12.x users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-libs/nodejs-10.19.0\"\n \n\nAll Node.js 12.x users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-libs/nodejs-12.15.0\"", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-03-20T00:00:00", "type": "gentoo", "title": "Node.js: Multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-12115", "CVE-2018-12116", 
"CVE-2018-12121", "CVE-2018-12122", "CVE-2018-12123", "CVE-2018-7161", "CVE-2018-7162", "CVE-2018-7164", "CVE-2018-7167", "CVE-2019-15604", "CVE-2019-15605", "CVE-2019-15606", "CVE-2019-16777", "CVE-2019-5737", "CVE-2019-5739"], "modified": "2020-03-20T00:00:00", "id": "GLSA-202003-48", "href": "https://security.gentoo.org/glsa/202003-48", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "rocky": [{"lastseen": "2023-07-24T17:31:39", "description": "An update is available for nodejs-nodemon, nodejs-packaging.\nThis update affects Rocky Linux 8.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list\nNode.js is a software development platform for building fast and scalable network applications in the JavaScript programming language.\n\nThe following packages have been upgraded to a later upstream version: nodejs (10.16.3).\n\nSecurity Fix(es):\n\n* HTTP/2: large amount of data requests leads to denial of service (CVE-2019-9511)\n\n* HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512)\n\n* HTTP/2: flood using PRIORITY frames results in excessive resource consumption (CVE-2019-9513)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514)\n\n* HTTP/2: flood using SETTINGS frames results in unbounded memory growth (CVE-2019-9515)\n\n* HTTP/2: 0-length headers lead to denial of service (CVE-2019-9516)\n\n* HTTP/2: request for large response leads to denial of service (CVE-2019-9517)\n\n* HTTP/2: flood using empty frames results in excessive resource consumption (CVE-2019-9518)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": 
"LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-09-30T07:07:29", "type": "rocky", "title": "nodejs:10 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-5737", "CVE-2019-9511", "CVE-2019-9512", "CVE-2019-9513", "CVE-2019-9514", "CVE-2019-9515", "CVE-2019-9516", "CVE-2019-9517", "CVE-2019-9518"], "modified": "2019-09-30T07:07:29", "id": "RLSA-2019:2925", "href": "https://errata.rockylinux.org/RLSA-2019:2925", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}]}