DATABASE RESOURCES PRICING ABOUT US

{"id": "DEFDCD26C45B3B0682E2C6442165C4FAD4F22E5706D69FE7837EA5D52ADE831B", "vendorId": null, "type": "ibm", "bulletinFamily": "software", "title": "Security Bulletin: Medium/low severity vulnerabilities in libraries used by IBM Spectrum Discover (libraries of libraries)", "description": "## Summary\n\nVulnerabilities in libraries used by libraries in IBM Spectrum Discover allow to a remote attackers by conduct of methodes like phishing attacks,brute force attack or execution of arbitrary code to get sensitive information, denial service condition, and other problems.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-7789](<https://vulners.com/cve/CVE-2020-7789>) \n** DESCRIPTION: **node-notifier could allow a remote attacker to execute arbitrary commands on the system, caused by improper sanitization of options params. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. \nCVSS Base score: 5.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/193001](<https://exchange.xforce.ibmcloud.com/vulnerabilities/193001>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2018-21270](<https://vulners.com/cve/CVE-2018-21270>) \n** DESCRIPTION: **Node.js stringstream module is vulnerable to a denial of service, caused by a out-of-bounds read flaw. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition or obtain sensitive information. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/144304](<https://exchange.xforce.ibmcloud.com/vulnerabilities/144304>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L) \n \n** CVEID: **[CVE-2019-20149](<https://vulners.com/cve/CVE-2019-20149>) \n** DESCRIPTION: **kind-of could allow a remote attacker to bypass security restrictions, caused by improper validation of user supplied input in ctorName in index.js. By sending a specially-crafted payload, an attacker could exploit this vulnerability to overwrite the builtin attribute to manipulate the type detection result. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/173669](<https://exchange.xforce.ibmcloud.com/vulnerabilities/173669>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2019-10747](<https://vulners.com/cve/CVE-2019-10747>) \n** DESCRIPTION: **Node.js set-value module is vulnerable to a denial of service, caused by a prototype pollution flaw. By sending a specially-crafted request using a constructor payload, a remote attacker could exploit this vulnerability to inject properties onto Object.prototype to cause a denial of service condition. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/167421](<https://exchange.xforce.ibmcloud.com/vulnerabilities/167421>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2020-7754](<https://vulners.com/cve/CVE-2020-7754>) \n** DESCRIPTION: **Node.js npm-user-validate module is vulnerable to a denial of service, caused by a flaw when processing long input strings begin with @ characters for user emails. By sending a specially-crafted input, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/189917](<https://exchange.xforce.ibmcloud.com/vulnerabilities/189917>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-1000620](<https://vulners.com/cve/CVE-2018-1000620>) \n** DESCRIPTION: **Cryptiles is vulnerable to a brute force attack, caused by insufficient entropy in randomDigits() method. A remote attacker could exploit this vulnerability using brute force techniques to obtain sensitive information. \nCVSS Base score: 4.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/148075](<https://exchange.xforce.ibmcloud.com/vulnerabilities/148075>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2017-18869](<https://vulners.com/cve/CVE-2017-18869>) \n** DESCRIPTION: **chownr package for Node.js could allow a local attacker to launch a symlink attack, caused by a TOCTOU issue. A local attacker could exploit this vulnerability using symlink attacks to trick the library into descending into unintended directories. \nCVSS Base score: 2.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/184298](<https://exchange.xforce.ibmcloud.com/vulnerabilities/184298>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2021-33587](<https://vulners.com/cve/CVE-2021-33587>) \n** DESCRIPTION: **An unspecified error related to the failure to ensure that attribute parsing has Linear Time Complexity in Node.js css-what module has an unknown impact and attack vector. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/202757](<https://exchange.xforce.ibmcloud.com/vulnerabilities/202757>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L) \n \n** CVEID: **[CVE-2018-16492](<https://vulners.com/cve/CVE-2018-16492>) \n** DESCRIPTION: **Node.js extend module is vulnerable to a denial of service, caused by a prototype pollution flaw. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to inject properties onto Object.prototype to cause a denial of service condition. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/156534](<https://exchange.xforce.ibmcloud.com/vulnerabilities/156534>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L) \n \n** CVEID: **[CVE-2021-23364](<https://vulners.com/cve/CVE-2021-23364>) \n** DESCRIPTION: **Browserslist is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) during parsing of queries. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/200951](<https://exchange.xforce.ibmcloud.com/vulnerabilities/200951>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2022-0512](<https://vulners.com/cve/CVE-2022-0512>) \n** DESCRIPTION: **unshift.io url-parse module for NPM could allow a remote attacker to bypass security restrictions, caused by improperly handeling username and password. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass hostname validation. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/219768](<https://exchange.xforce.ibmcloud.com/vulnerabilities/219768>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2022-0686](<https://vulners.com/cve/CVE-2022-0686>) \n** DESCRIPTION: **unshift.io url-parse module for NPM could allow a remote attacker to bypass security restrictions, caused by an issue with unable to find the correct hostname when no port number is provided in the url. By sending a specially-crafted request, an attacker could exploit this vulnerability to perform SSRF, open redirect or other attacks depends on the hostname field of parsed url. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/220105](<https://exchange.xforce.ibmcloud.com/vulnerabilities/220105>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2022-0691](<https://vulners.com/cve/CVE-2022-0691>) \n** DESCRIPTION: **unshift.io url-parse module for NPM could allow a remote attacker to bypass security restrictions, caused by improper validation of \\b (backspace) character. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass hostname validation and leads to false positive in the extractProtocol() function. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/220107](<https://exchange.xforce.ibmcloud.com/vulnerabilities/220107>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2022-0639](<https://vulners.com/cve/CVE-2022-0639>) \n** DESCRIPTION: **unshift.io url-parse module for NPM could allow a remote attacker to bypass security restrictions, caused by incorrect conversion of @ in protocol in the href. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass hostname validation. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/219864](<https://exchange.xforce.ibmcloud.com/vulnerabilities/219864>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2019-6283](<https://vulners.com/cve/CVE-2019-6283>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by a heap-based buffer over-read in Sass::Prelexer::parenthese_scope in prelexer.hpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155594](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155594>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-20821](<https://vulners.com/cve/CVE-2018-20821>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by uncontrolled recursion in Sass::Parser::parse_css_variable_value in parser.cpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/161651](<https://exchange.xforce.ibmcloud.com/vulnerabilities/161651>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-11698](<https://vulners.com/cve/CVE-2018-11698>) \n** DESCRIPTION: **LibSaas could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read of a memory region in the function Sass::handle_error. By using a specially-crafted file, a remote attacker could exploit this vulnerability to obtain sensitive information or cause a denial of service. \nCVSS Base score: 4.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/144297](<https://exchange.xforce.ibmcloud.com/vulnerabilities/144297>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L) \n \n** CVEID: **[CVE-2020-24025](<https://vulners.com/cve/CVE-2020-24025>) \n** DESCRIPTION: **node-sass could allow a remote attacker to bypass security restrictions, caused by the disablement of certificate validation when requesting binaries even if the user is not specifying an alternative download path. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass access restrictions. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/195029](<https://exchange.xforce.ibmcloud.com/vulnerabilities/195029>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2018-19838](<https://vulners.com/cve/CVE-2018-19838>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by a stack-based buffer overflow in the IMPLEMENT_AST_OPERATORS expansion in ast.cpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/153722](<https://exchange.xforce.ibmcloud.com/vulnerabilities/153722>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-11694](<https://vulners.com/cve/CVE-2018-11694>) \n** DESCRIPTION: **LibSaas is vulnerable to a denial of service, caused by a NULL pointer dereference in the function Sass::Functions::selector_append. By using a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/144317](<https://exchange.xforce.ibmcloud.com/vulnerabilities/144317>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-19827](<https://vulners.com/cve/CVE-2018-19827>) \n** DESCRIPTION: **Libsass is vulnerable to a denial of service, caused by a use after free in the SharedPtr class in SharedPtr.cpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/153718](<https://exchange.xforce.ibmcloud.com/vulnerabilities/153718>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-20190](<https://vulners.com/cve/CVE-2018-20190>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by a NULL pointer dereference in the function Sass::Eval::operator() in eval.cpp. By using a specially crafted sass input file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/154428](<https://exchange.xforce.ibmcloud.com/vulnerabilities/154428>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2019-6286](<https://vulners.com/cve/CVE-2019-6286>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by a heap-based buffer over-read in Sass::Prelexer::skip_over_scopes in prelexer.hpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155592](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155592>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2019-6284](<https://vulners.com/cve/CVE-2019-6284>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by a heap-based buffer over-read in Sass::Prelexer::alternatives in prelexer.hpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155593](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155593>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-19839](<https://vulners.com/cve/CVE-2018-19839>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by a heap-based buffer over-read in the handle_error function in sass_context.cpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/153723](<https://exchange.xforce.ibmcloud.com/vulnerabilities/153723>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-19797](<https://vulners.com/cve/CVE-2018-19797>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by a NULL pointer dereference in the function Sass::Selector_List::populate_extends in SharedPtr.hpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/153652](<https://exchange.xforce.ibmcloud.com/vulnerabilities/153652>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-35065](<https://vulners.com/cve/CVE-2021-35065>) \n** DESCRIPTION: **Node.js glob-parent module is vulnerable to a denial of service, caused by an error in the enclosure regex. By sending a specially crafted string prepended with the letter \"A\", a remote attacker could exploit this vulnerability to cause a regular expression denial of service. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/208298](<https://exchange.xforce.ibmcloud.com/vulnerabilities/208298>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-28469](<https://vulners.com/cve/CVE-2020-28469>) \n** DESCRIPTION: **Node.js glob-parent module is vulnerable to a denial of service. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a regular expression denial of service. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196451](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196451>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2019-16777](<https://vulners.com/cve/CVE-2019-16777>) \n** DESCRIPTION: **npm CLI could allow a local attacker to bypass security restrictions, caused by the failure to prevent existing globally-installed binaries to be overwritten by other package installations. An attacker could exploit this vulnerability to bypass filesystem access restrictions to overwrite an existing binary with a globally-installed package. \nCVSS Base score: 6.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/173159](<https://exchange.xforce.ibmcloud.com/vulnerabilities/173159>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2020-15095](<https://vulners.com/cve/CVE-2020-15095>) \n** DESCRIPTION: **Node.js npm CLI module could allow a local attacker to obtain sensitive information, caused by the storing of user credentials in the log file. By persuading a victim to open a log file, an attacker could exploit this vulnerability to obtain user credentials. \nCVSS Base score: 4.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/184666](<https://exchange.xforce.ibmcloud.com/vulnerabilities/184666>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2019-16775](<https://vulners.com/cve/CVE-2019-16775>) \n** DESCRIPTION: **npm CLI could allow a local attacker to bypass security restrictions, caused by an arbitrary file overwrite vulnerability. An attacker could exploit this vulnerability to bypass filesystem access restrictions to create symlinks to files outside of the node_modules folder through the bin field upon installation. \nCVSS Base score: 6.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/173163](<https://exchange.xforce.ibmcloud.com/vulnerabilities/173163>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2019-16776](<https://vulners.com/cve/CVE-2019-16776>) \n** DESCRIPTION: **npm CLI could allow a local attacker to bypass security restrictions, caused by the failure to prevent access to folders outside of the intended node_modules folder through the bin field. An attacker could exploit this vulnerability to gain access to folders outside of the intended node_modules folder through the bin field. \nCVSS Base score: 6.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/173161](<https://exchange.xforce.ibmcloud.com/vulnerabilities/173161>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2018-16489](<https://vulners.com/cve/CVE-2018-16489>) \n** DESCRIPTION: **Node.js just-extend module is vulnerable to a denial of service, caused by a prototype pollution flaw. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to inject properties onto Object.prototype to cause a denial of service condition. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/156531](<https://exchange.xforce.ibmcloud.com/vulnerabilities/156531>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L) \n \n** CVEID: **[CVE-2019-10746](<https://vulners.com/cve/CVE-2019-10746>) \n** DESCRIPTION: **Node.js mixin-deep module is vulnerable to a denial of service, caused by a prototype pollution flaw. By sending a specially-crafted request using a constructor payload, a remote attacker could exploit this vulnerability to inject properties onto Object.prototype to cause a denial of service condition. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/167420](<https://exchange.xforce.ibmcloud.com/vulnerabilities/167420>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2019-10742](<https://vulners.com/cve/CVE-2019-10742>) \n** DESCRIPTION: **Axios is vulnerable to a denial of service, caused by an issue with continuing to accept content after maxContentLength is exceeded. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/160652](<https://exchange.xforce.ibmcloud.com/vulnerabilities/160652>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2020-28168](<https://vulners.com/cve/CVE-2020-28168>) \n** DESCRIPTION: **Node.js axios module is vulnerable to server-side request forgery, caused by improper input validation. By providing a URL that responds with a redirect to a restricted host or IP address, an attacker could exploit this vulnerability to conduct SSRF attack to bypass a proxy. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/191660](<https://exchange.xforce.ibmcloud.com/vulnerabilities/191660>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2021-23343](<https://vulners.com/cve/CVE-2021-23343>) \n** DESCRIPTION: **path-parse is vulnerable to a denial of service. By sending a specially-crafted request via splitDeviceRe, splitTailRe, and splitPathRe regular expressions, a remote attacker could exploit this vulnerability to cause a regular expression denial of service (ReDoS). \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201206](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201206>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-23566](<https://vulners.com/cve/CVE-2021-23566>) \n** DESCRIPTION: **Nanoid could allow a local attacker to obtain sensitive information, caused by a flaw in the valueOf() function. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217348](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217348>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2018-3728](<https://vulners.com/cve/CVE-2018-3728>) \n** DESCRIPTION: **Node.js hoek module is vulnerable to a denial of service, caused by a prototype pollution attack in the merge, applyToDefaults and applyToDefaultsWithShallow functions. By sending a specially crafted JSON string, a local attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/139127](<https://exchange.xforce.ibmcloud.com/vulnerabilities/139127>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nSpectrum Discover| 2.0.4 \nSpectrum Discover| 2.0.4.1 \nSpectrum Discover| 2.0.4.2 \nSpectrum Discover| 2.0.4.3 \nSpectrum Discover| 2.0.4.4 \nSpectrum Discover| 2.0.4.5 \n \n\n\n## Remediation/Fixes\n\nIBM strongly recommends addressing the vulnerability now by upgrading. \n\nInstalled versions of IBM Spectrum Discover (2.0.4, 2.0.4.1, 2.0.4.2, 2.0.4.3, 2.0.4.4,2.0.4.5) can be upgraded to fixed version using [IBM Spectrum Discover 2.0.4.6 upgrader.](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=Software%20defined%20storage&product=ibm/StorageSoftware/IBM+Spectrum+Discover&release=2.0.4.6&platform=All&function=all> \"IBM Spectrum Discover 2.0.4.6 upgrader.\" ) and following the steps provided in our documentation ([IBM Spectrum Discover Documentation](<https://www.ibm.com/docs/en/spectrum-discover/2.0.4?topic=upgrading> \"\" )).\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "published": "2022-04-27T22:51:43", "modified": "2022-04-27T22:51:43", "epss": [{"cve": "CVE-2017-18869", "epss": 0.00042, "percentile": 0.05786, "modified": "2023-12-06"}, {"cve": "CVE-2018-11694", "epss": 0.00209, "percentile": 0.58618, "modified": "2023-12-06"}, {"cve": "CVE-2018-11698", "epss": 0.00217, "percentile": 0.59484, "modified": "2023-12-06"}, {"cve": "CVE-2018-16489", "epss": 0.0039, "percentile": 0.7031, "modified": "2023-12-06"}, {"cve": "CVE-2018-16492", "epss": 0.0039, "percentile": 0.7031, "modified": "2023-12-06"}, {"cve": "CVE-2018-19797", "epss": 0.00299, "percentile": 0.66036, "modified": "2023-12-06"}, {"cve": "CVE-2018-19827", "epss": 0.00384, "percentile": 0.70067, "modified": "2023-12-06"}, {"cve": "CVE-2018-19838", "epss": 0.0028, "percentile": 0.64854, "modified": "2023-12-06"}, {"cve": "CVE-2018-19839", "epss": 0.00353, "percentile": 0.68803, "modified": "2023-12-06"}, {"cve": "CVE-2018-20190", "epss": 0.01146, "percentile": 0.83098, "modified": "2023-12-06"}, {"cve": "CVE-2018-20821", "epss": 0.00241, "percentile": 0.61889, "modified": "2023-12-06"}, {"cve": "CVE-2018-21270", "epss": 0.00211, "percentile": 0.58761, "modified": "2023-12-06"}, {"cve": "CVE-2018-3728", "epss": 0.01021, "percentile": 0.82036, "modified": "2023-12-06"}, {"cve": "CVE-2019-16775", "epss": 0.00186, "percentile": 0.55621, "modified": "2023-12-06"}, {"cve": "CVE-2019-16776", "epss": 0.00109, "percentile": 0.43596, "modified": "2023-12-06"}, {"cve": "CVE-2019-16777", "epss": 0.00192, "percentile": 0.5662, "modified": "2023-12-06"}, {"cve": "CVE-2019-20149", "epss": 0.00091, "percentile": 0.37962, "modified": "2023-12-06"}, {"cve": "CVE-2019-6283", "epss": 0.0024, "percentile": 0.61788, "modified": "2023-12-06"}, {"cve": "CVE-2019-6284", "epss": 0.0024, "percentile": 0.61788, "modified": "2023-12-06"}, {"cve": "CVE-2019-6286", "epss": 0.0024, "percentile": 0.61788, "modified": "2023-12-06"}, {"cve": "CVE-2020-15095", "epss": 0.00047, "percentile": 0.14263, "modified": "2023-12-06"}, {"cve": "CVE-2020-24025", "epss": 0.00084, "percentile": 0.3486, "modified": "2023-12-06"}, {"cve": "CVE-2020-28168", "epss": 0.00227, "percentile": 0.60711, "modified": "2023-12-06"}, {"cve": "CVE-2020-28469", "epss": 0.0107, "percentile": 0.82495, "modified": "2023-12-06"}, {"cve": "CVE-2020-7754", "epss": 0.00315, "percentile": 0.669, "modified": "2023-12-06"}, {"cve": "CVE-2020-7789", "epss": 0.00198, "percentile": 0.57415, "modified": "2023-12-06"}, {"cve": "CVE-2021-23343", "epss": 0.00212, "percentile": 0.58835, "modified": "2023-12-06"}, {"cve": "CVE-2021-23364", "epss": 0.00194, "percentile": 0.57039, "modified": "2023-12-06"}, {"cve": "CVE-2021-23566", "epss": 0.00052, "percentile": 0.17774, "modified": "2023-12-06"}, {"cve": "CVE-2021-33587", "epss": 0.00105, "percentile": 0.42396, "modified": "2023-12-06"}, {"cve": "CVE-2021-35065", "epss": 0.00056, "percentile": 0.21301, "modified": "2023-12-06"}, {"cve": "CVE-2022-0512", "epss": 0.0008, "percentile": 0.33306, "modified": "2023-12-06"}, {"cve": "CVE-2022-0639", "epss": 0.0008, "percentile": 0.33306, "modified": "2023-12-06"}, {"cve": "CVE-2022-0686", "epss": 0.00126, "percentile": 0.46876, "modified": "2023-12-06"}, {"cve": "CVE-2022-0691", "epss": 0.00236, "percentile": 0.61478, "modified": "2023-12-06"}], "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "baseScore": 7.5}, "severity": "HIGH", "exploitabilityScore": 10.0, "impactScore": 6.4, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {"cvssV3": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL"}, "exploitabilityScore": 3.9, "impactScore": 5.9}, "href": "https://www.ibm.com/support/pages/node/6575649", "reporter": "IBM", "references": [], "cvelist": ["CVE-2017-18869", "CVE-2018-1000620", "CVE-2018-11694", "CVE-2018-11698", "CVE-2018-16489", "CVE-2018-16492", "CVE-2018-19797", "CVE-2018-19827", "CVE-2018-19838", "CVE-2018-19839", "CVE-2018-20190", "CVE-2018-20821", "CVE-2018-21270", "CVE-2018-3728", "CVE-2019-10742", "CVE-2019-10746", "CVE-2019-10747", "CVE-2019-16775", "CVE-2019-16776", "CVE-2019-16777", "CVE-2019-20149", "CVE-2019-6283", "CVE-2019-6284", "CVE-2019-6286", "CVE-2020-15095", "CVE-2020-24025", "CVE-2020-28168", "CVE-2020-28469", "CVE-2020-7754", "CVE-2020-7789", "CVE-2021-23343", "CVE-2021-23364", "CVE-2021-23566", "CVE-2021-33587", "CVE-2021-35065", "CVE-2022-0512", "CVE-2022-0639", "CVE-2022-0686", "CVE-2022-0691"], "immutableFields": [], "lastseen": "2023-12-06T23:14:56", "viewCount": 15, "enchantments": {"dependencies": {"references": [{"type": "almalinux", "idList": ["ALSA-2020:0579", "ALSA-2020:4272", "ALSA-2021:0548", "ALSA-2021:0549", "ALSA-2021:0551", "ALSA-2021:3623", "ALSA-2021:3666", "ALSA-2021:5171", "ALSA-2022:0350", "ALSA-2022:6595", "ALSA-2023:1582", "ALSA-2023:1583", "ALSA-2023:1743", "ALSA-2023:2654"]}, {"type": "broadcom", "idList": ["BSNSA22243"]}, {"type": "cbl_mariner", "idList": ["CBLMARINER:27684"]}, {"type": "cnvd", "idList": ["CNVD-2022-13379", "CNVD-2022-15960"]}, {"type": "cve", "idList": ["CVE-2017-18869", "CVE-2018-1000620", "CVE-2018-11694", "CVE-2018-11698", "CVE-2018-16489", "CVE-2018-16492", "CVE-2018-19797", "CVE-2018-19827", "CVE-2018-19838", "CVE-2018-19839", "CVE-2018-20190", "CVE-2018-20821", "CVE-2018-21270", "CVE-2018-3728", "CVE-2019-10742", "CVE-2019-10746", "CVE-2019-10747", "CVE-2019-16775", "CVE-2019-16776", "CVE-2019-16777", "CVE-2019-20149", "CVE-2019-6283", "CVE-2019-6284", "CVE-2019-6286", "CVE-2020-15095", "CVE-2020-24025", "CVE-2020-28168", "CVE-2020-28469", "CVE-2020-7754", "CVE-2020-7789", "CVE-2021-23343", "CVE-2021-23364", "CVE-2021-23440", "CVE-2021-23566", "CVE-2021-33587", "CVE-2021-35065", "CVE-2022-0512", "CVE-2022-0639", "CVE-2022-0686", "CVE-2022-0691"]}, {"type": "debian", "idList": ["DEBIAN:DLA-3336-1:46072"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2017-18869", "DEBIANCVE:CVE-2018-11694", "DEBIANCVE:CVE-2018-11698", "DEBIANCVE:CVE-2018-16492", "DEBIANCVE:CVE-2018-19797", "DEBIANCVE:CVE-2018-19827", "DEBIANCVE:CVE-2018-19838", "DEBIANCVE:CVE-2018-19839", "DEBIANCVE:CVE-2018-20190", "DEBIANCVE:CVE-2018-20821", "DEBIANCVE:CVE-2018-21270", "DEBIANCVE:CVE-2018-3728", "DEBIANCVE:CVE-2019-10742", "DEBIANCVE:CVE-2019-10746", "DEBIANCVE:CVE-2019-10747", "DEBIANCVE:CVE-2019-16775", "DEBIANCVE:CVE-2019-16776", "DEBIANCVE:CVE-2019-16777", "DEBIANCVE:CVE-2019-20149", "DEBIANCVE:CVE-2019-6283", "DEBIANCVE:CVE-2019-6284", "DEBIANCVE:CVE-2019-6286", "DEBIANCVE:CVE-2020-15095", "DEBIANCVE:CVE-2020-24025", "DEBIANCVE:CVE-2020-28168", "DEBIANCVE:CVE-2020-28469", "DEBIANCVE:CVE-2021-23364", "DEBIANCVE:CVE-2021-23440", "DEBIANCVE:CVE-2021-33587", "DEBIANCVE:CVE-2021-35065", "DEBIANCVE:CVE-2022-0512", "DEBIANCVE:CVE-2022-0639", "DEBIANCVE:CVE-2022-0686", "DEBIANCVE:CVE-2022-0691"]}, {"type": "fedora", "idList": ["FEDORA:2E80F605D57E", "FEDORA:57FF33092F97", "FEDORA:5D3AA60DDB80", "FEDORA:6E22E60DD65A", "FEDORA:7ACB43067777", "FEDORA:81A0B60D2374", "FEDORA:A049C605DCF7", "FEDORA:AE16260D235E", "FEDORA:AFA9330AF383", "FEDORA:BCFED30A3C21", "FEDORA:BFB9C30C9E8C"]}, {"type": "freebsd", "idList": ["2A3588B4-AB12-11EA-A051-001B217B3468"]}, {"type": "gentoo", "idList": ["GLSA-202003-48", "GLSA-202101-07"]}, {"type": "github", "idList": ["GHSA-42XW-2XVC-QX8M", "GHSA-4328-8HGF-7WJR", "GHSA-4G88-FPPR-53PP", "GHSA-4JQC-8M5R-9RPR", "GHSA-4W2V-Q235-VP99", "GHSA-5FW9-FQ32-WV5P", "GHSA-675M-85RW-J3W4", "GHSA-6C8F-QPHG-QJGP", "GHSA-8V38-PW62-9CW2", "GHSA-93F3-23RQ-PJFP", "GHSA-C6RQ-RJC2-86V2", "GHSA-CJ88-88MR-972W", "GHSA-FHJF-83WG-R2J9", "GHSA-HGJH-723H-MX2J", "GHSA-HJ48-42VR-X3V9", "GHSA-JF5R-8HM2-F872", "GHSA-JP4X-W63M-7WGM", "GHSA-M6CX-G6QM-P2CX", "GHSA-MF6X-7MM4-X2G7", "GHSA-PW54-MH39-W3HC", "GHSA-Q8PJ-2VQX-8GGC", "GHSA-QRMC-FJ45-QFC2", "GHSA-QRPM-P2H7-HRV2", "GHSA-R8F7-9PFQ-MJMV", "GHSA-RQ8G-5PC5-WRHR", "GHSA-RQFF-837H-MM52", "GHSA-W8QV-6JWH-64R5", "GHSA-WW39-953V-WCQ6", "GHSA-X8QC-RRCW-4R46"]}, {"type": "githubexploit", "idList": ["148F6E10-0B17-5F42-97C9-F612D55869DB", "8471BA09-E48C-5437-9602-0D9E08A28F5E", "9D5F343F-2638-5C6B-A8F3-C5D16A393ABE", "A9F9F0BA-CAD8-5759-983F-F5CA24BFAF4C", "D2A327FF-6F42-51F0-85B3-C36F8A1DB33E"]}, {"type": "hackerone", "idList": ["H1:310439", "H1:381185", "H1:430291"]}, {"type": "huntr", "idList": ["55FD06CD-9054-4D80-83BE-EB5A454BE78C", "57124ED5-4B68-4934-8325-2C546257F2E4", "6D1BC51F-1876-4F5B-A2C2-734E09E8E05B", "83A6BC9A-B542-4A38-82CD-D995A1481155", "F076D76A-661C-4484-A4C3-0712869E43E1"]}, {"type": "ibm", "idList": ["00DC23CF7E7D7B61DF0322853CA8188D06C5D963D1F35DBA42831634180576D2", "03C1C0CFEDB05A2FD0EBDB73759416A70A64FE2663452B2233BFD85BD0543E37", "0556F1DC5B30D5079CC9AC5473643A4E3229C388AA389B4C1FC98B72ED4E7AE5", "0665925DF5F067ECF5E297BA3C90127DB89591002C77E6A2724DF5A757C0156C", "09DB301DE5388112AFDCE1ADC6770F3F994875E7AFE705648108B080BDEE8669", "1BC7235709ACE304863DE5EEDA07EEEE6472A2DA1A3D73061CA0E43F2DD4755A", "1FC3FE9693D6EFB3ACC473671341CB6795CE82CC97FFAF17A6C7D7E79878F25D", "2086FB55F21E89DBC8174340D89EF5FA41D8A92E7F703356483EF59A05808BC1", "24B1AE073C3E8B032429754E1E35B7D96539587DDA275F7A13183F44D07B88D2", "2F8EED6034531CE07CF060BBEB52F7647B2DF97F2DD767133B36FC4F56DB581D", "2FDA4B89CD47DB6058B56739C0CA2CDC2DBE47043CA5C1C65DA2716DA9E49BF0", "312BA865C946D80197A006CC86BC37A11070C26728D1B707EE4B333C0E4EBF25", "3410A57294243E5BBAFB4C69F17AC837FB02B049396A85D095AF16279272DED9", "346C36B67803B757FF1767E4BF910A6E6BE1A0BEA9FB7AA3921E81F01FE940F2", "35C55DFA7F9CC9D1F9BD3BD68EA3109345376F536BE78EA0B95C2ADC2646D66B", "3A0EC58D68A9FF044EFDD59A19016C7F96E811E1FC47D2E23F42FDF074B43F35", "3DF12CE7E405A27C5D5CD02B7E82B121B9FC8066351CBDF237840051F5E9A63F", "4719F10AF48A5BD903A6C73BC383AF43CFF939F225925A8C7CDF0873EC7C5679", "4BF7A5E750431865636D92E71393396C252B3F778FB89C0C3E599627DCB87306", "4CE8556A3E8A37D88342DF5687B4FB7CFB753AA03BF01FF21A6620370D291A4A", "57ECB2F42238F3129A22A7BF7162482997E17DA631367C7851A710687B01C414", "5F1A8E5DEF8C5B0BD8A337785BC9EC92521E4E1FC191BC80CFB2E92B4BEB7686", "5F4385495D3887060B4B9CFB1FDA64CC9D5B4ECD22384C0EE4D8EE768E9A1131", "6549F7FB91216E6B5325DB660AF73FDF2D181F5FC1D3D96D412B600D6C349A96", "65A4508C1DA395549FBC79488B5AB49FD1318D5EA8060FECE10A480701CC6CD1", "68365A7819A74536B5588A3E26D0CC2DF19BB6FCCDE541B4A01E76E4E619F115", "6BA70D78F086D07D5D04D35657C565B766597C9DE86C3B8D586D271713B4D89A", "6CAE2D44529EB3ACB88F1CD69BAC17D0CEAF1019A014DB789505665B46AF09B8", "6DFE02E47206439339CF69003DED7C6A339BE8A9FDA6611EA300ACF64BDB9DD1", "6E8F9D335B76AD6ECE4A613F6D40FEAC529B227587A49345CCDF5DC1507708BF", "7062883AF04D6A4E65151DA5182F26798A1F40F4223BAE671EDA7F31C16130B9", "739CA5C6D16CE009AAFC14E0DAB80D8EBA9CBB48EA41646D45E1273B10FA59FF", "7719C620E59928004067B66ED911F920062D215A902659A3764A922698553EB0", "7E48E83AB3B599D048D884D2F2A9C830676F7F8EE7EFC2B799BFE4618D5E9A2F", "7FD9F7FFE1C0EF8F68DFE234A094535CE5CD56211AA4CA79732A71BF6B3C0262", "895F4CFDE7BED79352BE28A05DAE6E5D059FA356E0FB142F85559DC4743501F6", "8A1A215EBF4B68752052A696D19B4E3C4F4AF0C292A6A7C5AE33A82F3B4C2229", "8C84F9F6803F7B599727F54AFEA8E6241BA3FD1510B15AE2524E912A02E9BC46", "914E3E35DA08D7D92EDCD9A6308B1D714949AEE954349121CD3520399D458D3C", "960C1E7C4AC187604EBA8C42C15A42B25BC450DF6136A0690D2DE71959EE900F", "97D5F772EC68BDCD260FBB9DFB7A322AAAC657E9360305DF11F9C6A6A40D1B85", "9973A30D5630E39198D3B0DF1635AEA7ACB3BA34E41A48861C7EA2358D240D3E", "9B7D3514323721C913B7F4B7440815DE71E19E0CE2EFA7FD71FC9C8ECEE2F069", "9D9A01E02514803E9E0E5DD88830752E1595E1F1CC50F35B26CA6DC44AE2E184", "A1EDB9F080D136915C41FC93DD601226B7CED464E5D5D90AA293CF2531D2E05F", "A3F0F73C564C34889CFF450428C9639D54138F1F9540F74320AAEC30CDBAF1C6", "A78852C03F1F9D9C01212BDCD82D1DDBFD65113B9834EA1E7FCA9F313C15B4FF", "B13A430866DCA64C67F6C19A04FDDBD8E0F1F18817F983A4A482E59069E86B7E", "B646346CD0E40AB78D9B68A80759174B5332138B354289F2D1DD2721C376AA56", "BE480F88C18B91A39AFE065845671817C18B5293E7C73C42B776ECE2EC6DF38E", "C0CE349C81AF5AC7494E87E330698551BF46584CA331B02039B0B4D82875B334", "C596338966F1610A28DC01FBB21502CC71651B70DBC8B96D9603EBE432E4D5E6", "D1CB08D31563D582A14B8BAD469844B07F189418B4E4BFBAD4EA8BAA6B327659", "D709136BB8903FCBDCAEDF561B7F8D5D1367161E8130C2F439D7543D8CF054C1", "D8B2C690BC453B0C6AB3A2CF7E5E65EF93E85D2A0C5EF5F6F1DF14C2FFFBF720", "DF67405C33F683940CABFBAAA92B0DCCA6363918616A598AEE2AB59BC7EFD2A8", "E117BB3BA2EA13A92112426BEA63593A9994940462D934F507D031D920CCE0C9", "E2CA1E7AD2646F35FD854E930E6AF030E58817DBF599A59E49719694B3B46D1F", "E90F2758EB55FDBC299EC4F9D774418DBCCC47DB3CE55D154EB978135CCA6896", "EEB2361CC674CA5958E10BC3152430D3B5AE7AEE5701640829F56F8548E53B31", "F0C6BC6B6E0BCD2F79CA2CF94A9D9909AF0E9117B13EA219F0B9C650CC1C6C47", "F2C4BA36830A3E16E740360966F652EE35893013E62CD8ED626B888522CB35A0", "F75806AF51F262CD91F3E2017F6775AF7816B8E15289C5596B33856B18979E5B", "FC367D3847B3B18A075985BFC8A2A8898C7B9AFE3FE16A6F84968131CD5047B4", "FD0E85A6790A7A5E9E4ED07F7E069BEFCDF351251124844206CB202EC5DE5168", "FE6D95CEEFE9596CD6D6134F8326AB13E3C97D550B3E62F57DECDBDBC51C329A", "FFEEC184B6E70C6210AE293D53A3A1B1504EA119812486B8160ACE05A643D9DD"]}, {"type": "ics", "idList": ["ICSA-22-258-05"]}, {"type": "mageia", "idList": ["MGASA-2020-0049", "MGASA-2020-0230", "MGASA-2020-0372", "MGASA-2021-0169"]}, {"type": "nessus", "idList": ["ALMA_LINUX_ALSA-2021-5171.NASL", "ALMA_LINUX_ALSA-2022-0350.NASL", "ALMA_LINUX_ALSA-2022-6595.NASL", "ALMA_LINUX_ALSA-2023-2654.NASL", "CENTOS8_RHSA-2020-0579.NASL", "CENTOS8_RHSA-2020-4272.NASL", "CENTOS8_RHSA-2021-0548.NASL", "CENTOS8_RHSA-2021-0549.NASL", "CENTOS8_RHSA-2021-0551.NASL", "CENTOS8_RHSA-2021-3623.NASL", "CENTOS8_RHSA-2021-3666.NASL", "CENTOS8_RHSA-2021-5171.NASL", "CENTOS8_RHSA-2022-0350.NASL", "CENTOS8_RHSA-2023-1582.NASL", "CENTOS8_RHSA-2023-1583.NASL", "CENTOS8_RHSA-2023-1743.NASL", "DEBIAN_DLA-3336.NASL", "DEBIAN_DLA-3350.NASL", "FEDORA_2020-1F1C94907B.NASL", "FEDORA_2020-43D5A372FC.NASL", "FEDORA_2020-4A8F110332.NASL", "FEDORA_2020-582515FA8A.NASL", "FEDORA_2020-595CE5E3CC.NASL", "FEDORA_2020-F80E5C0D65.NASL", "FEDORA_2023-5C6F32DB6F.NASL", "FREEBSD_PKG_2A3588B4AB1211EAA051001B217B3468.NASL", "GENTOO_GLSA-202003-48.NASL", "GENTOO_GLSA-202101-07.NASL", "IBM_COGNOS_6615285.NASL", "MARINER_REAPER_CVE-2018-11694.NASL", "OPENSUSE-2019-1791.NASL", "OPENSUSE-2020-1616.NASL", "OPENSUSE-2020-1644.NASL", "OPENSUSE-2020-1660.NASL", "OPENSUSE-2020-59.NASL", "OPENSUSE-2022-0657-1.NASL", "OPENSUSE-2022-0704-1.NASL", "OPENSUSE-2022-0715-1.NASL", "ORACLELINUX_ELSA-2020-0579.NASL", "ORACLELINUX_ELSA-2020-4272.NASL", "ORACLELINUX_ELSA-2021-0548.NASL", "ORACLELINUX_ELSA-2021-0549.NASL", "ORACLELINUX_ELSA-2021-0551.NASL", "ORACLELINUX_ELSA-2021-3623.NASL", "ORACLELINUX_ELSA-2021-3666.NASL", "ORACLELINUX_ELSA-2021-5171.NASL", "ORACLELINUX_ELSA-2022-0350.NASL", "ORACLELINUX_ELSA-2022-6595.NASL", "ORACLELINUX_ELSA-2023-1582.NASL", "ORACLELINUX_ELSA-2023-1583.NASL", "ORACLELINUX_ELSA-2023-1743.NASL", "ORACLELINUX_ELSA-2023-2654.NASL", "REDHAT-RHSA-2018-1263.NASL", "REDHAT-RHSA-2020-0573.NASL", "REDHAT-RHSA-2020-0579.NASL", "REDHAT-RHSA-2020-0597.NASL", "REDHAT-RHSA-2020-0602.NASL", "REDHAT-RHSA-2020-2625.NASL", "REDHAT-RHSA-2020-4272.NASL", "REDHAT-RHSA-2020-4903.NASL", "REDHAT-RHSA-2020-5086.NASL", "REDHAT-RHSA-2021-0421.NASL", "REDHAT-RHSA-2021-0485.NASL", "REDHAT-RHSA-2021-0521.NASL", "REDHAT-RHSA-2021-0548.NASL", "REDHAT-RHSA-2021-0549.NASL", "REDHAT-RHSA-2021-0551.NASL", "REDHAT-RHSA-2021-2865.NASL", "REDHAT-RHSA-2021-3280.NASL", "REDHAT-RHSA-2021-3281.NASL", "REDHAT-RHSA-2021-3623.NASL", "REDHAT-RHSA-2021-3638.NASL", "REDHAT-RHSA-2021-3639.NASL", "REDHAT-RHSA-2021-3666.NASL", "REDHAT-RHSA-2021-4626.NASL", "REDHAT-RHSA-2021-5171.NASL", "REDHAT-RHSA-2022-0246.NASL", "REDHAT-RHSA-2022-0350.NASL", "REDHAT-RHSA-2022-6595.NASL", "REDHAT-RHSA-2023-0612.NASL", "REDHAT-RHSA-2023-1043.NASL", "REDHAT-RHSA-2023-1044.NASL", "REDHAT-RHSA-2023-1045.NASL", "REDHAT-RHSA-2023-1533.NASL", "REDHAT-RHSA-2023-1742.NASL", "REDHAT-RHSA-2023-1743.NASL", "REDHAT-RHSA-2023-2654.NASL", "ROCKY_LINUX_RLSA-2020-0579.NASL", "ROCKY_LINUX_RLSA-2020-4272.NASL", "ROCKY_LINUX_RLSA-2021-0548.NASL", "ROCKY_LINUX_RLSA-2021-0549.NASL", "ROCKY_LINUX_RLSA-2021-0551.NASL", "ROCKY_LINUX_RLSA-2021-3623.NASL", "ROCKY_LINUX_RLSA-2021-3666.NASL", "ROCKY_LINUX_RLSA-2021-5171.NASL", "ROCKY_LINUX_RLSA-2022-0350.NASL", "ROCKY_LINUX_RLSA-2022-6595.NASL", "ROCKY_LINUX_RLSA-2023-1582.NASL", "ROCKY_LINUX_RLSA-2023-1583.NASL", "ROCKY_LINUX_RLSA-2023-1743.NASL", "SUSE_SU-2020-0043-1.NASL", "SUSE_SU-2020-0063-1.NASL", "SUSE_SU-2020-0104-1.NASL", "SUSE_SU-2020-0247-1.NASL", "SUSE_SU-2020-0429-1.NASL", "SUSE_SU-2020-2800-1.NASL", "SUSE_SU-2020-2812-1.NASL", "SUSE_SU-2020-2813-1.NASL", "SUSE_SU-2020-2823-1.NASL", "SUSE_SU-2020-2829-1.NASL", "SUSE_SU-2020-2870-1.NASL", "SUSE_SU-2022-0531-1.NASL", "SUSE_SU-2022-0563-1.NASL", "SUSE_SU-2022-0569-1.NASL", "SUSE_SU-2022-0570-1.NASL", "SUSE_SU-2022-0657-1.NASL", "SUSE_SU-2022-0704-1.NASL", "SUSE_SU-2022-0715-1.NASL", "SUSE_SU-2022-1717-1.NASL", "UBUNTU_USN-4837-1.NASL", "UBUNTU_USN-5973-1.NASL", "UBUNTU_USN-6065-1.NASL"]}, {"type": "nodejs", "idList": ["NODEJS:1012", "NODEJS:1013", "NODEJS:1464", "NODEJS:1543", "NODEJS:1594", "NODEJS:1705", "NODEJS:1747", "NODEJS:1751", "NODEJS:1754", "NODEJS:1773", "NODEJS:566", "NODEJS:720", "NODEJS:780"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310852636", "OPENVAS:1361412562310853004", "OPENVAS:1361412562310877356", "OPENVAS:1361412562310877375", "OPENVAS:1361412562310877432", "OPENVAS:1361412562310877435", "OPENVAS:1361412562310877438", "OPENVAS:1361412562310877449"]}, {"type": "oracle", "idList": ["ORACLE:CPUJAN2020", "ORACLE:CPUJAN2022", "ORACLE:CPUJUL2021", "ORACLE:CPUOCT2021"]}, {"type": "oraclelinux", "idList": ["ELSA-2020-0579", "ELSA-2020-4272", "ELSA-2021-0548", "ELSA-2021-0549", "ELSA-2021-0551", "ELSA-2021-3623", "ELSA-2021-3666", "ELSA-2021-5171", "ELSA-2022-0350", "ELSA-2022-6595", "ELSA-2023-1582", "ELSA-2023-1583", "ELSA-2023-1743", "ELSA-2023-2654"]}, {"type": "osv", "idList": ["OSV:DLA-3336-1", "OSV:DLA-3350-1", "OSV:GHSA-42XW-2XVC-QX8M", "OSV:GHSA-4328-8HGF-7WJR", "OSV:GHSA-4G88-FPPR-53PP", "OSV:GHSA-4JQC-8M5R-9RPR", "OSV:GHSA-4W2V-Q235-VP99", "OSV:GHSA-5FW9-FQ32-WV5P", "OSV:GHSA-675M-85RW-J3W4", "OSV:GHSA-6C8F-QPHG-QJGP", "OSV:GHSA-8V38-PW62-9CW2", "OSV:GHSA-93F3-23RQ-PJFP", "OSV:GHSA-C6RQ-RJC2-86V2", "OSV:GHSA-CJ88-88MR-972W", "OSV:GHSA-FHJF-83WG-R2J9", "OSV:GHSA-HGJH-723H-MX2J", "OSV:GHSA-HJ48-42VR-X3V9", "OSV:GHSA-JF5R-8HM2-F872", "OSV:GHSA-JP4X-W63M-7WGM", "OSV:GHSA-M6CX-G6QM-P2CX", "OSV:GHSA-MF6X-7MM4-X2G7", "OSV:GHSA-PW54-MH39-W3HC", "OSV:GHSA-Q8PJ-2VQX-8GGC", "OSV:GHSA-QRMC-FJ45-QFC2", "OSV:GHSA-QRPM-P2H7-HRV2", "OSV:GHSA-R8F7-9PFQ-MJMV", "OSV:GHSA-RQ8G-5PC5-WRHR", "OSV:GHSA-RQFF-837H-MM52", "OSV:GHSA-W8QV-6JWH-64R5", "OSV:GHSA-WW39-953V-WCQ6", "OSV:GHSA-X8QC-RRCW-4R46"]}, {"type": "prion", "idList": ["PRION:CVE-2017-18869", "PRION:CVE-2018-1000620", "PRION:CVE-2018-11694", "PRION:CVE-2018-11698", "PRION:CVE-2018-16489", "PRION:CVE-2018-16492", "PRION:CVE-2018-19797", "PRION:CVE-2018-19827", "PRION:CVE-2018-19838", "PRION:CVE-2018-19839", "PRION:CVE-2018-20190", "PRION:CVE-2018-20821", "PRION:CVE-2018-21270", "PRION:CVE-2018-3728", "PRION:CVE-2019-10742", "PRION:CVE-2019-10746", "PRION:CVE-2019-10747", "PRION:CVE-2019-16775", "PRION:CVE-2019-16776", "PRION:CVE-2019-16777", "PRION:CVE-2019-20149", "PRION:CVE-2019-6283", "PRION:CVE-2019-6284", "PRION:CVE-2019-6286", "PRION:CVE-2020-15095", "PRION:CVE-2020-24025", "PRION:CVE-2020-28168", "PRION:CVE-2020-28469", "PRION:CVE-2020-7754", "PRION:CVE-2020-7789", "PRION:CVE-2021-23343", "PRION:CVE-2021-23364", "PRION:CVE-2021-23440", "PRION:CVE-2021-23566", "PRION:CVE-2021-33587", "PRION:CVE-2021-35065", "PRION:CVE-2022-0512", "PRION:CVE-2022-0639", "PRION:CVE-2022-0686", "PRION:CVE-2022-0691"]}, {"type": "redhat", "idList": ["RHSA-2018:1263", "RHSA-2018:1264", "RHSA-2020:0573", "RHSA-2020:0579", "RHSA-2020:0597", "RHSA-2020:0602", "RHSA-2020:1475", "RHSA-2020:2625", "RHSA-2020:4272", "RHSA-2020:4903", "RHSA-2020:5086", "RHSA-2021:0421", "RHSA-2021:0485", "RHSA-2021:0521", "RHSA-2021:0548", "RHSA-2021:0549", "RHSA-2021:0551", "RHSA-2021:0781", "RHSA-2021:1499", "RHSA-2021:2438", "RHSA-2021:2865", "RHSA-2021:3016", "RHSA-2021:3280", "RHSA-2021:3281", "RHSA-2021:3454", "RHSA-2021:3623", "RHSA-2021:3638", "RHSA-2021:3639", "RHSA-2021:3666", "RHSA-2021:3917", "RHSA-2021:4626", "RHSA-2021:4902", "RHSA-2021:5038", "RHSA-2021:5171", "RHSA-2022:0246", "RHSA-2022:0350", "RHSA-2022:0595", "RHSA-2022:1083", "RHSA-2022:1476", "RHSA-2022:5069", "RHSA-2022:6156", "RHSA-2022:6429", "RHSA-2022:6595", "RHSA-2023:0612", "RHSA-2023:0634", "RHSA-2023:0934", "RHSA-2023:1043", "RHSA-2023:1044", "RHSA-2023:1045", "RHSA-2023:1047", "RHSA-2023:1049", "RHSA-2023:1533", "RHSA-2023:1582", "RHSA-2023:1583", "RHSA-2023:1742", "RHSA-2023:1743", "RHSA-2023:2654", "RHSA-2023:2655"]}, {"type": "redhatcve", "idList": ["RH:CVE-2017-18869", "RH:CVE-2018-1000620", "RH:CVE-2018-11694", "RH:CVE-2018-11698", "RH:CVE-2018-16492", "RH:CVE-2018-19797", "RH:CVE-2018-19827", "RH:CVE-2018-19838", "RH:CVE-2018-19839", "RH:CVE-2018-20190", "RH:CVE-2018-20821", "RH:CVE-2018-21270", "RH:CVE-2018-3728", "RH:CVE-2019-10746", "RH:CVE-2019-10747", "RH:CVE-2019-16775", "RH:CVE-2019-16776", "RH:CVE-2019-16777", "RH:CVE-2019-20149", "RH:CVE-2019-6283", "RH:CVE-2019-6284", "RH:CVE-2019-6286", "RH:CVE-2020-15095", "RH:CVE-2020-24025", "RH:CVE-2020-28168", "RH:CVE-2020-28469", "RH:CVE-2020-7754", "RH:CVE-2020-7789", "RH:CVE-2021-23343", "RH:CVE-2021-23364", "RH:CVE-2021-23440", "RH:CVE-2021-23566", "RH:CVE-2021-33587", "RH:CVE-2021-35065", "RH:CVE-2022-0512", "RH:CVE-2022-0639", "RH:CVE-2022-0686", "RH:CVE-2022-0691"]}, {"type": "rocky", "idList": ["RLEA-2020:0330", "RLSA-2020:0579", "RLSA-2020:4272", "RLSA-2021:0548", "RLSA-2021:0549", "RLSA-2021:0551", "RLSA-2021:3623", "RLSA-2021:3666", "RLSA-2021:5171", "RLSA-2022:0350", "RLSA-2022:6595", "RLSA-2023:1582", "RLSA-2023:1583", "RLSA-2023:1743"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2019:1791-1", "OPENSUSE-SU-2019:1800-1", "OPENSUSE-SU-2019:1883-1", "OPENSUSE-SU-2020:0059-1", "OPENSUSE-SU-2020:1616-1", "OPENSUSE-SU-2020:1644-1", "OPENSUSE-SU-2020:1660-1", "OPENSUSE-SU-2022:0657-1", "OPENSUSE-SU-2022:0704-1", "OPENSUSE-SU-2022:0715-1", "OPENSUSE-SU-22022:20000-2", "OPENSUSE-SU-42022-1", "SUSE-SU-2022:1717-1"]}, {"type": "symantec", "idList": ["SMNTC-111551"]}, {"type": "ubuntu", "idList": ["USN-4837-1", "USN-5973-1", "USN-6065-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2017-18869", "UB:CVE-2018-11694", "UB:CVE-2018-11698", "UB:CVE-2018-16492", "UB:CVE-2018-19797", "UB:CVE-2018-19827", "UB:CVE-2018-19838", "UB:CVE-2018-19839", "UB:CVE-2018-20190", "UB:CVE-2018-20821", "UB:CVE-2018-21270", "UB:CVE-2018-3728", "UB:CVE-2019-10742", "UB:CVE-2019-10746", "UB:CVE-2019-10747", "UB:CVE-2019-16775", "UB:CVE-2019-16776", "UB:CVE-2019-16777", "UB:CVE-2019-20149", "UB:CVE-2019-6283", "UB:CVE-2019-6284", "UB:CVE-2019-6286", "UB:CVE-2020-15095", "UB:CVE-2020-24025", "UB:CVE-2020-28168", "UB:CVE-2020-28469", "UB:CVE-2021-23364", "UB:CVE-2021-23440", "UB:CVE-2021-23566", "UB:CVE-2021-33587", "UB:CVE-2021-35065", "UB:CVE-2022-0512", "UB:CVE-2022-0639", "UB:CVE-2022-0686", "UB:CVE-2022-0691"]}, {"type": "veracode", "idList": ["VERACODE:13303", "VERACODE:20566", "VERACODE:20569", "VERACODE:20887", "VERACODE:21734", "VERACODE:22160", "VERACODE:22162", "VERACODE:22182", "VERACODE:22259", "VERACODE:25843", "VERACODE:27614", "VERACODE:27848", "VERACODE:28590", "VERACODE:28966", "VERACODE:29090", "VERACODE:30136", "VERACODE:30351", "VERACODE:30747", "VERACODE:31382", "VERACODE:32075", "VERACODE:33728", "VERACODE:34230", "VERACODE:34282", "VERACODE:34307", "VERACODE:34340", "VERACODE:5819", "VERACODE:6130", "VERACODE:7002", "VERACODE:7167", "VERACODE:7303"]}]}, "score": {"value": 9.7, "vector": "NONE"}, "affected_software": {"major_version": [{"name": "ibm spectrum discover", "version": 2}]}, "epss": [{"cve": "CVE-2017-18869", "epss": 0.00042, "percentile": 0.05657, "modified": "2023-05-01"}, {"cve": "CVE-2018-1000620", "epss": 0.00247, "percentile": 0.61082, "modified": "2023-05-02"}, {"cve": "CVE-2018-11694", "epss": 0.00209, "percentile": 0.57345, "modified": "2023-05-02"}, {"cve": "CVE-2018-11698", "epss": 0.00217, "percentile": 0.5819, "modified": "2023-05-02"}, {"cve": "CVE-2018-16489", "epss": 0.0039, "percentile": 0.69309, "modified": "2023-05-02"}, {"cve": "CVE-2018-16492", "epss": 0.0039, "percentile": 0.69309, "modified": "2023-05-02"}, {"cve": "CVE-2018-19797", "epss": 0.00215, "percentile": 0.57991, "modified": "2023-05-02"}, {"cve": "CVE-2018-19827", "epss": 0.00318, "percentile": 0.65961, "modified": "2023-05-02"}, {"cve": "CVE-2018-19838", "epss": 0.0024, "percentile": 0.60499, "modified": "2023-05-02"}, {"cve": "CVE-2018-19839", "epss": 0.00303, "percentile": 0.65155, "modified": "2023-05-02"}, {"cve": "CVE-2018-20190", "epss": 0.01146, "percentile": 0.8267, "modified": "2023-05-02"}, {"cve": "CVE-2018-20821", "epss": 0.00282, "percentile": 0.63788, "modified": "2023-05-01"}, {"cve": "CVE-2018-21270", "epss": 0.00159, "percentile": 0.50904, "modified": "2023-05-01"}, {"cve": "CVE-2018-3728", "epss": 0.00782, "percentile": 0.78844, "modified": "2023-05-02"}, {"cve": "CVE-2019-10742", "epss": 0.00204, "percentile": 0.56815, "modified": "2023-05-01"}, {"cve": "CVE-2019-10746", "epss": 0.0027, "percentile": 0.62962, "modified": "2023-05-01"}, {"cve": "CVE-2019-10747", "epss": 0.00447, "percentile": 0.71236, "modified": "2023-05-01"}, {"cve": "CVE-2019-16775", "epss": 0.00238, "percentile": 0.60371, "modified": "2023-05-01"}, {"cve": "CVE-2019-16776", "epss": 0.00114, "percentile": 0.43554, "modified": "2023-05-01"}, {"cve": "CVE-2019-16777", "epss": 0.002, "percentile": 0.56348, "modified": "2023-05-01"}, {"cve": "CVE-2019-20149", "epss": 0.00091, "percentile": 0.37373, "modified": "2023-05-01"}, {"cve": "CVE-2019-6283", "epss": 0.00205, "percentile": 0.57015, "modified": "2023-05-02"}, {"cve": "CVE-2019-6284", "epss": 0.00205, "percentile": 0.57015, "modified": "2023-05-02"}, {"cve": "CVE-2019-6286", "epss": 0.0024, "percentile": 0.60499, "modified": "2023-05-02"}, {"cve": "CVE-2020-15095", "epss": 0.00047, "percentile": 0.14297, "modified": "2023-05-01"}, {"cve": "CVE-2020-24025", "epss": 0.00072, "percentile": 0.29479, "modified": "2023-05-01"}, {"cve": "CVE-2020-28168", "epss": 0.00094, "percentile": 0.3865, "modified": "2023-05-01"}, {"cve": "CVE-2020-28469", "epss": 0.0107, "percentile": 0.82087, "modified": "2023-05-01"}, {"cve": "CVE-2020-7754", "epss": 0.00237, "percentile": 0.60284, "modified": "2023-05-01"}, {"cve": "CVE-2020-7789", "epss": 0.0013, "percentile": 0.46543, "modified": "2023-05-01"}, {"cve": "CVE-2021-23343", "epss": 0.00121, "percentile": 0.44978, "modified": "2023-05-01"}, {"cve": "CVE-2021-23364", "epss": 0.00129, "percentile": 0.46219, "modified": "2023-05-01"}, {"cve": "CVE-2021-23566", "epss": 0.00052, "percentile": 0.18038, "modified": "2023-05-02"}, {"cve": "CVE-2021-33587", "epss": 0.00105, "percentile": 0.41487, "modified": "2023-05-01"}, {"cve": "CVE-2021-35065", "epss": 0.00049, "percentile": 0.15513, "modified": "2023-05-02"}, {"cve": "CVE-2022-0512", "epss": 0.00096, "percentile": 0.39018, "modified": "2023-05-02"}, {"cve": "CVE-2022-0639", "epss": 0.00096, "percentile": 0.39018, "modified": "2023-05-02"}, {"cve": "CVE-2022-0686", "epss": 0.00142, "percentile": 0.48587, "modified": "2023-05-02"}, {"cve": "CVE-2022-0691", "epss": 0.00153, "percentile": 0.50175, "modified": "2023-05-02"}], "vulnersScore": 9.7}, "_state": {"dependencies": 1701904531, "score": 1701904788, "affected_software_major_version": 0, "epss": 0}, "_internal": {"score_hash": "ba1cd29becd320e854c0ffeeca46351e"}, "affectedSoftware": [{"version": "2.0.4.6", "operator": "eq", "name": "ibm spectrum discover"}]}

{"ibm": [{"lastseen": "2023-12-06T22:27:21", "description": "## Summary\n\nIBM Edge Application Manager 4.5 has resolved the vulnerability.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2019-6283](<https://vulners.com/cve/CVE-2019-6283>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by a heap-based buffer over-read in Sass::Prelexer::parenthese_scope in prelexer.hpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155594](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155594>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-20821](<https://vulners.com/cve/CVE-2018-20821>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by uncontrolled recursion in Sass::Parser::parse_css_variable_value in parser.cpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/161651](<https://exchange.xforce.ibmcloud.com/vulnerabilities/161651>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-11698](<https://vulners.com/cve/CVE-2018-11698>) \n** DESCRIPTION: **LibSaas could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read of a memory region in the function Sass::handle_error. By using a specially-crafted file, a remote attacker could exploit this vulnerability to obtain sensitive information or cause a denial of service. \nCVSS Base score: 4.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/144297](<https://exchange.xforce.ibmcloud.com/vulnerabilities/144297>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L) \n \n** CVEID: **[CVE-2020-24025](<https://vulners.com/cve/CVE-2020-24025>) \n** DESCRIPTION: **node-sass could allow a remote attacker to bypass security restrictions, caused by the disablement of certificate validation when requesting binaries even if the user is not specifying an alternative download path. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass access restrictions. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/195029](<https://exchange.xforce.ibmcloud.com/vulnerabilities/195029>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2018-19838](<https://vulners.com/cve/CVE-2018-19838>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by a stack-based buffer overflow in the IMPLEMENT_AST_OPERATORS expansion in ast.cpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/153722](<https://exchange.xforce.ibmcloud.com/vulnerabilities/153722>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-11694](<https://vulners.com/cve/CVE-2018-11694>) \n** DESCRIPTION: **LibSaas is vulnerable to a denial of service, caused by a NULL pointer dereference in the function Sass::Functions::selector_append. By using a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/144317](<https://exchange.xforce.ibmcloud.com/vulnerabilities/144317>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-19827](<https://vulners.com/cve/CVE-2018-19827>) \n** DESCRIPTION: **Libsass is vulnerable to a denial of service, caused by a use after free in the SharedPtr class in SharedPtr.cpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/153718](<https://exchange.xforce.ibmcloud.com/vulnerabilities/153718>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-20190](<https://vulners.com/cve/CVE-2018-20190>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by a NULL pointer dereference in the function Sass::Eval::operator() in eval.cpp. By using a specially crafted sass input file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/154428](<https://exchange.xforce.ibmcloud.com/vulnerabilities/154428>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2019-6286](<https://vulners.com/cve/CVE-2019-6286>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by a heap-based buffer over-read in Sass::Prelexer::skip_over_scopes in prelexer.hpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155592](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155592>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2019-6284](<https://vulners.com/cve/CVE-2019-6284>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by a heap-based buffer over-read in Sass::Prelexer::alternatives in prelexer.hpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155593](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155593>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-19839](<https://vulners.com/cve/CVE-2018-19839>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by a heap-based buffer over-read in the handle_error function in sass_context.cpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/153723](<https://exchange.xforce.ibmcloud.com/vulnerabilities/153723>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-19797](<https://vulners.com/cve/CVE-2018-19797>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by a NULL pointer dereference in the function Sass::Selector_List::populate_extends in SharedPtr.hpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/153652](<https://exchange.xforce.ibmcloud.com/vulnerabilities/153652>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Edge Application Manager| 4.4 \nIBM Edge Application Manager| 4.3 \n \n \n\n\n## Remediation/Fixes\n\nThe fix/upgrade is a set of docker images, that will automatically be pulled and deployed from both dockerhub and the IBM Entitled Registry.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2023-05-15T17:51:03", "type": "ibm", "title": "Security Bulletin: Open Source Dependency Vulnerability", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-11694", "CVE-2018-11698", "CVE-2018-19797", "CVE-2018-19827", "CVE-2018-19838", "CVE-2018-19839", "CVE-2018-20190", "CVE-2018-20821", "CVE-2019-6283", "CVE-2019-6284", "CVE-2019-6286", "CVE-2020-24025"], "modified": "2023-05-15T17:51:03", "id": "914E3E35DA08D7D92EDCD9A6308B1D714949AEE954349121CD3520399D458D3C", "href": "https://www.ibm.com/support/pages/node/6991585", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-12-06T23:05:06", "description": "## Summary\n\nMultiple Vulnerabilities have been found in Node.js used by the Common UI in Cloud Pak System. Cloud Pak System has addressed these vulnerabilities.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-23343](<https://vulners.com/cve/CVE-2021-23343>) \n** DESCRIPTION: **path-parse is vulnerable to a denial of service. By sending a specially-crafted request via splitDeviceRe, splitTailRe, and splitPathRe regular expressions, a remote attacker could exploit this vulnerability to cause a regular expression denial of service (ReDoS). \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201206](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201206>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-23386](<https://vulners.com/cve/CVE-2021-23386>) \n** DESCRIPTION: **Node.js dns-packet module could allow a remote authenticated attacker to obtain sensitive information, caused by an issue when creating buffers with allocUnsafe and does not always fill them before forming network packets. By querying specially-crafted domain names, an attacker could exploit this vulnerability to obtain internal application memory information, and use this information to launch further attacks against the affected system. \nCVSS Base score: 6.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/202417](<https://exchange.xforce.ibmcloud.com/vulnerabilities/202417>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L) \n \n** CVEID: **[CVE-2020-7789](<https://vulners.com/cve/CVE-2020-7789>) \n** DESCRIPTION: **node-notifier could allow a remote attacker to execute arbitrary commands on the system, caused by improper sanitization of options params. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. \nCVSS Base score: 5.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/193001](<https://exchange.xforce.ibmcloud.com/vulnerabilities/193001>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2020-7693](<https://vulners.com/cve/CVE-2020-7693>) \n** DESCRIPTION: **SockJS sockjs-node is vulnerable to a denial of service, caused by improper handling of Upgrade header with the value websocket. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to crash the containers hosting SockJS apps. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/184859](<https://exchange.xforce.ibmcloud.com/vulnerabilities/184859>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-32640](<https://vulners.com/cve/CVE-2021-32640>) \n** DESCRIPTION: **WebSockets ws library for Node.js is vulnerable to a denial of service, caused by a regular expression denial of service (ReDOS) flaw in the in Sec-Websocket-Protocol header. By sending a specially-crafted regex input, a remote attacker could exploit this vulnerability to cause a slow down on the ws server, and results in a denial of service condition. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/202549](<https://exchange.xforce.ibmcloud.com/vulnerabilities/202549>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2022-0691](<https://vulners.com/cve/CVE-2022-0691>) \n** DESCRIPTION: **unshift.io url-parse module for NPM could allow a remote attacker to bypass security restrictions, caused by improper validation of \\b (backspace) character. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass hostname validation and leads to false positive in the extractProtocol() function. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/220107](<https://exchange.xforce.ibmcloud.com/vulnerabilities/220107>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-24025](<https://vulners.com/cve/CVE-2020-24025>) \n** DESCRIPTION: **node-sass could allow a remote attacker to bypass security restrictions, caused by the disablement of certificate validation when requesting binaries even if the user is not specifying an alternative download path. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass access restrictions. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/195029](<https://exchange.xforce.ibmcloud.com/vulnerabilities/195029>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2019-6283](<https://vulners.com/cve/CVE-2019-6283>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by a heap-based buffer over-read in Sass::Prelexer::parenthese_scope in prelexer.hpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155594](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155594>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-19838](<https://vulners.com/cve/CVE-2018-19838>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by a stack-based buffer overflow in the IMPLEMENT_AST_OPERATORS expansion in ast.cpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/153722](<https://exchange.xforce.ibmcloud.com/vulnerabilities/153722>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-11499](<https://vulners.com/cve/CVE-2018-11499>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by a use-after-free in handle_error() in sass_context.cpp. A remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/143880](<https://exchange.xforce.ibmcloud.com/vulnerabilities/143880>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-11696](<https://vulners.com/cve/CVE-2018-11696>) \n** DESCRIPTION: **LibSaas is vulnerable to a denial of service, caused by a NULL pointer dereference in the function Sass::Inspect::operator. By using a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/144308](<https://exchange.xforce.ibmcloud.com/vulnerabilities/144308>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-11697](<https://vulners.com/cve/CVE-2018-11697>) \n** DESCRIPTION: **LibSaas could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read of a memory region in the function Sass::Prelexer::exactly(). By using a specially-crafted file, a remote attacker could exploit this vulnerability to obtain sensitive information or cause a denial of service. \nCVSS Base score: 4.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/144302](<https://exchange.xforce.ibmcloud.com/vulnerabilities/144302>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L) \n \n** CVEID: **[CVE-2019-6286](<https://vulners.com/cve/CVE-2019-6286>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by a heap-based buffer over-read in Sass::Prelexer::skip_over_scopes in prelexer.hpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155592](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155592>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2019-18797](<https://vulners.com/cve/CVE-2019-18797>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by uncontrolled recursion in Sass::Eval::operator() in eval.cpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/171289](<https://exchange.xforce.ibmcloud.com/vulnerabilities/171289>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-11698](<https://vulners.com/cve/CVE-2018-11698>) \n** DESCRIPTION: **LibSaas could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read of a memory region in the function Sass::handle_error. By using a specially-crafted file, a remote attacker could exploit this vulnerability to obtain sensitive information or cause a denial of service. \nCVSS Base score: 4.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/144297](<https://exchange.xforce.ibmcloud.com/vulnerabilities/144297>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L) \n \n** CVEID: **[CVE-2018-19839](<https://vulners.com/cve/CVE-2018-19839>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by a heap-based buffer over-read in the handle_error function in sass_context.cpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/153723](<https://exchange.xforce.ibmcloud.com/vulnerabilities/153723>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-19837](<https://vulners.com/cve/CVE-2018-19837>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by a stack-based buffer overflow in the Sass::Eval::operator function in eval.cpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/153721](<https://exchange.xforce.ibmcloud.com/vulnerabilities/153721>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-19797](<https://vulners.com/cve/CVE-2018-19797>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by a NULL pointer dereference in the function Sass::Selector_List::populate_extends in SharedPtr.hpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/153652](<https://exchange.xforce.ibmcloud.com/vulnerabilities/153652>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-20821](<https://vulners.com/cve/CVE-2018-20821>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by uncontrolled recursion in Sass::Parser::parse_css_variable_value in parser.cpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/161651](<https://exchange.xforce.ibmcloud.com/vulnerabilities/161651>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2019-6284](<https://vulners.com/cve/CVE-2019-6284>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by a heap-based buffer over-read in Sass::Prelexer::alternatives in prelexer.hpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155593](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155593>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-20190](<https://vulners.com/cve/CVE-2018-20190>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by a NULL pointer dereference in the function Sass::Eval::operator() in eval.cpp. By using a specially crafted sass input file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/154428](<https://exchange.xforce.ibmcloud.com/vulnerabilities/154428>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-19827](<https://vulners.com/cve/CVE-2018-19827>) \n** DESCRIPTION: **Libsass is vulnerable to a denial of service, caused by a use after free in the SharedPtr class in SharedPtr.cpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/153718](<https://exchange.xforce.ibmcloud.com/vulnerabilities/153718>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-11694](<https://vulners.com/cve/CVE-2018-11694>) \n** DESCRIPTION: **LibSaas is vulnerable to a denial of service, caused by a NULL pointer dereference in the function Sass::Functions::selector_append. By using a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/144317](<https://exchange.xforce.ibmcloud.com/vulnerabilities/144317>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-23364](<https://vulners.com/cve/CVE-2021-23364>) \n** DESCRIPTION: **Browserslist is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) during parsing of queries. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/200951](<https://exchange.xforce.ibmcloud.com/vulnerabilities/200951>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Cloud Pak System, IBM Cloud Pak System Software, IBM Cloud Pak System Software Suite| 2.3.3.0 - 2.3.3.4 \n \n\n\n## Remediation/Fixes\n\nFor IBM Cloud Pak System v2.3.3.0, v2.3.3.1, v2.3.3.2, v2.3.3.3, v2.3.3.3 Interim Fix1, v2.3.3.4, \n\nUpgrade to Cloud Pak System v2.3.3.5 available at [FixCentral](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=PureSystems&product=ibm/WebSphere/IBM+Cloud+Pak+System&release=2.3.3.5&platform=Linux&function=all> \"FixCentral\" ).\n\nInformation on upgrading at : <http://www.ibm.com/support/docview.wss?uid=ibm10887959>\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-08-16T17:05:28", "type": "ibm", "title": "Security Bulletin: Multiple Vulnerabilities in Node.js affect IBM Cloud Pak System.", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-11499", "CVE-2018-11694", "CVE-2018-11696", "CVE-2018-11697", "CVE-2018-11698", "CVE-2018-19797", "CVE-2018-19827", "CVE-2018-19837", "CVE-2018-19838", "CVE-2018-19839", "CVE-2018-20190", "CVE-2018-20821", "CVE-2019-18797", "CVE-2019-6283", "CVE-2019-6284", "CVE-2019-6286", "CVE-2020-24025", "CVE-2020-7693", "CVE-2020-7789", "CVE-2021-23343", "CVE-2021-23364", "CVE-2021-23386", "CVE-2021-32640", "CVE-2022-0691"], "modified": "2022-08-16T17:05:28", "id": "312BA865C946D80197A006CC86BC37A11070C26728D1B707EE4B333C0E4EBF25", "href": "https://www.ibm.com/support/pages/node/6612791", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-12-06T21:46:12", "description": "## Summary\n\nIBM Watson Machine Learning Accelerator on Cloud Pak for Data is vunerable to the dependencies in the opensource library libsass-3.5.5 and opennms-opennms-source-25.1.1-1 . These are fixed.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2018-11696](<https://exchange.xforce.ibmcloud.com/vulnerabilities/144308>) \n** DESCRIPTION: **LibSaas is vulnerable to a denial of service, caused by a NULL pointer dereference in the function Sass::Inspect::operator. By using a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/144308](<https://exchange.xforce.ibmcloud.com/vulnerabilities/144308>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-11499](<https://exchange.xforce.ibmcloud.com/vulnerabilities/143880>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by a use-after-free in handle_error() in sass_context.cpp. A remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/143880](<https://exchange.xforce.ibmcloud.com/vulnerabilities/143880>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-19827](<https://exchange.xforce.ibmcloud.com/vulnerabilities/153718>) \n** DESCRIPTION: **Libsass is vulnerable to a denial of service, caused by a use after free in the SharedPtr class in SharedPtr.cpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/153718](<https://exchange.xforce.ibmcloud.com/vulnerabilities/153718>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-20190](<https://exchange.xforce.ibmcloud.com/vulnerabilities/154428>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by a NULL pointer dereference in the function Sass::Eval::operator() in eval.cpp. By using a specially crafted sass input file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/154428](<https://exchange.xforce.ibmcloud.com/vulnerabilities/154428>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2020-24025](<https://exchange.xforce.ibmcloud.com/vulnerabilities/195029>) \n** DESCRIPTION: **node-sass could allow a remote attacker to bypass security restrictions, caused by the disablement of certificate validation when requesting binaries even if the user is not specifying an alternative download path. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass access restrictions. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/195029](<https://exchange.xforce.ibmcloud.com/vulnerabilities/195029>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2018-19838](<https://exchange.xforce.ibmcloud.com/vulnerabilities/153722>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by a stack-based buffer overflow in the IMPLEMENT_AST_OPERATORS expansion in ast.cpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/153722](<https://exchange.xforce.ibmcloud.com/vulnerabilities/153722>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-20822](<https://exchange.xforce.ibmcloud.com/vulnerabilities/161650>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by uncontrolled recursion in Sass::Complex_Selector::perform in ast.hpp and Sass::Inspect::operator in inspect.cpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/161650](<https://exchange.xforce.ibmcloud.com/vulnerabilities/161650>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-19797](<https://exchange.xforce.ibmcloud.com/vulnerabilities/153652>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by a NULL pointer dereference in the function Sass::Selector_List::populate_extends in SharedPtr.hpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/153652](<https://exchange.xforce.ibmcloud.com/vulnerabilities/153652>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2019-18797](<https://exchange.xforce.ibmcloud.com/vulnerabilities/171289>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by uncontrolled recursion in Sass::Eval::operator() in eval.cpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/171289](<https://exchange.xforce.ibmcloud.com/vulnerabilities/171289>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-11698](<https://exchange.xforce.ibmcloud.com/vulnerabilities/144297>) \n** DESCRIPTION: **LibSaas could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read of a memory region in the function Sass::handle_error. By using a specially-crafted file, a remote attacker could exploit this vulnerability to obtain sensitive information or cause a denial of service. \nCVSS Base score: 4.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/144297](<https://exchange.xforce.ibmcloud.com/vulnerabilities/144297>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L) \n \n** CVEID: **[CVE-2018-11694](<https://exchange.xforce.ibmcloud.com/vulnerabilities/144317>) \n** DESCRIPTION: **LibSaas is vulnerable to a denial of service, caused by a NULL pointer dereference in the function Sass::Functions::selector_append. By using a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/144317](<https://exchange.xforce.ibmcloud.com/vulnerabilities/144317>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-11697](<https://exchange.xforce.ibmcloud.com/vulnerabilities/144302>) \n** DESCRIPTION: **LibSaas could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read of a memory region in the function Sass::Prelexer::exactly(). By using a specially-crafted file, a remote attacker could exploit this vulnerability to obtain sensitive information or cause a denial of service. \nCVSS Base score: 4.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/144302](<https://exchange.xforce.ibmcloud.com/vulnerabilities/144302>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L) \n \n** CVEID: **[CVE-2018-20821](<https://exchange.xforce.ibmcloud.com/vulnerabilities/161651>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by uncontrolled recursion in Sass::Parser::parse_css_variable_value in parser.cpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/161651](<https://exchange.xforce.ibmcloud.com/vulnerabilities/161651>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2019-6283](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155594>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by a heap-based buffer over-read in Sass::Prelexer::parenthese_scope in prelexer.hpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155594](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155594>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2019-6284](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155593>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by a heap-based buffer over-read in Sass::Prelexer::alternatives in prelexer.hpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155593](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155593>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-19839](<https://exchange.xforce.ibmcloud.com/vulnerabilities/153723>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by a heap-based buffer over-read in the handle_error function in sass_context.cpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/153723](<https://exchange.xforce.ibmcloud.com/vulnerabilities/153723>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2019-6286](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155592>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by a heap-based buffer over-read in Sass::Prelexer::skip_over_scopes in prelexer.hpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155592](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155592>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-19837](<https://exchange.xforce.ibmcloud.com/vulnerabilities/153721>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by a stack-based buffer overflow in the Sass::Eval::operator function in eval.cpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/153721](<https://exchange.xforce.ibmcloud.com/vulnerabilities/153721>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2017-11608](<https://exchange.xforce.ibmcloud.com/vulnerabilities/129313>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by a heap-based buffer over-read in the Sass::Prelexer::re_linebreak function in lexer.cpp. By using specially crafted input, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/129313](<https://exchange.xforce.ibmcloud.com/vulnerabilities/129313>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nWatson Machine Learning Accelerator on Cloud Pak for Data| 2.3.7, 2.3.8, 2.3.9 \nWatson Machine Learning Accelerator on Cloud Pak for Data| 2.4.0 \nWatson Machine Learning Accelerator on Cloud Pak for Data| 2.5.0 \n \n## Remediation/Fixes\n\nTo address the vulnerability:\n\nUpgrade Watson Machine Learning Accelerator on Cloud Pak for Data to the version 2.6.0 by following the end user document <https://www.ibm.com/docs/en/cloud-paks/cp-data/4.5.x?topic=u-upgrading-from-version-40-4>\n\nIt is strongly suggested to upgrade to the latest version of Watson Machine Learning Accelerator on Cloud Pak for Data for more security fixes.\n\nUpgrade Watson Machine Learning Accelerator on Cloud Pak for Data to the latest version by following the end user document <https://www.ibm.com/docs/en/cloud-paks/cp-data/4.7.x?topic=upgrading>. \n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2023-12-06T16:30:35", "type": "ibm", "title": "Security Bulletin: IBM Watson Machine Learning Accelerator on Cloud Pak for Data is vunerable to libsass and node-sass vulnerabilities", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-11608", "CVE-2018-11499", "CVE-2018-11694", "CVE-2018-11696", "CVE-2018-11697", "CVE-2018-11698", "CVE-2018-19797", "CVE-2018-19827", "CVE-2018-19837", "CVE-2018-19838", "CVE-2018-19839", "CVE-2018-20190", "CVE-2018-20821", "CVE-2018-20822", "CVE-2019-18797", "CVE-2019-6283", "CVE-2019-6284", "CVE-2019-6286", "CVE-2020-24025"], "modified": "2023-12-06T16:30:35", "id": "D709136BB8903FCBDCAEDF561B7F8D5D1367161E8130C2F439D7543D8CF054C1", "href": "https://www.ibm.com/support/pages/node/7091269", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-27T21:46:48", "description": "## Summary\n\nThe web server in IBM Security Verify Information Queue (ISIQ) uses an older version of the node-sass package that has multiple vulnerabilities. As of v10.0.0, ISIQ has upgraded to a newer, secure version of node-sass. \n\n## Vulnerability Details\n\n** CVEID: **[CVE-2018-11697](<https://vulners.com/cve/CVE-2018-11697>) \n** DESCRIPTION: **LibSaas could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read of a memory region in the function Sass::Prelexer::exactly(). By using a specially-crafted file, a remote attacker could exploit this vulnerability to obtain sensitive information or cause a denial of service. \nCVSS Base score: 4.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/144302](<https://exchange.xforce.ibmcloud.com/vulnerabilities/144302>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L) \n \n** CVEID: **[CVE-2018-11698](<https://vulners.com/cve/CVE-2018-11698>) \n** DESCRIPTION: **LibSaas could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read of a memory region in the function Sass::handle_error. By using a specially-crafted file, a remote attacker could exploit this vulnerability to obtain sensitive information or cause a denial of service. \nCVSS Base score: 4.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/144297](<https://exchange.xforce.ibmcloud.com/vulnerabilities/144297>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L) \n \n** CVEID: **[CVE-2018-19827](<https://vulners.com/cve/CVE-2018-19827>) \n** DESCRIPTION: **Libsass is vulnerable to a denial of service, caused by a use after free in the SharedPtr class in SharedPtr.cpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/153718](<https://exchange.xforce.ibmcloud.com/vulnerabilities/153718>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-20822](<https://vulners.com/cve/CVE-2018-20822>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by uncontrolled recursion in Sass::Complex_Selector::perform in ast.hpp and Sass::Inspect::operator in inspect.cpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/161650](<https://exchange.xforce.ibmcloud.com/vulnerabilities/161650>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-20821](<https://vulners.com/cve/CVE-2018-20821>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by uncontrolled recursion in Sass::Parser::parse_css_variable_value in parser.cpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/161651](<https://exchange.xforce.ibmcloud.com/vulnerabilities/161651>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-20190](<https://vulners.com/cve/CVE-2018-20190>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by a NULL pointer dereference in the function Sass::Eval::operator() in eval.cpp. By using a specially crafted sass input file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/154428](<https://exchange.xforce.ibmcloud.com/vulnerabilities/154428>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2019-18799](<https://vulners.com/cve/CVE-2019-18799>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by a NULL pointer dereference in Sass::Parser::parseCompoundSelector in parser_selectors.cpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/171277](<https://exchange.xforce.ibmcloud.com/vulnerabilities/171277>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-19797](<https://vulners.com/cve/CVE-2018-19797>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by a NULL pointer dereference in the function Sass::Selector_List::populate_extends in SharedPtr.hpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/153652](<https://exchange.xforce.ibmcloud.com/vulnerabilities/153652>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2019-6283](<https://vulners.com/cve/CVE-2019-6283>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by a heap-based buffer over-read in Sass::Prelexer::parenthese_scope in prelexer.hpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155594](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155594>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2019-6284](<https://vulners.com/cve/CVE-2019-6284>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by a heap-based buffer over-read in Sass::Prelexer::alternatives in prelexer.hpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155593](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155593>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2019-18798](<https://vulners.com/cve/CVE-2019-18798>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by a heap-based buffer over-read in Sass::weaveParents in ast_sel_weave.cpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/171288](<https://exchange.xforce.ibmcloud.com/vulnerabilities/171288>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2019-6286](<https://vulners.com/cve/CVE-2019-6286>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by a heap-based buffer over-read in Sass::Prelexer::skip_over_scopes in prelexer.hpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155592](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155592>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-19839](<https://vulners.com/cve/CVE-2018-19839>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by a heap-based buffer over-read in the handle_error function in sass_context.cpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/153723](<https://exchange.xforce.ibmcloud.com/vulnerabilities/153723>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Security Verify Information Queue| 1.0.6, 1.0.7 \n \n\n\n## Remediation/Fixes\n\nDownload and install the latest IBM Security Verify Information Queue images (tagged at 10.0.0 or greater) from the Docker Hub repository. The instructions for accessing and deploying the images can be found on the ISIQ starter kit page: <https://www.ibm.com/support/pages/ibm-security-information-queue-starter-kit>\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-02-10T16:34:41", "type": "ibm", "title": "Security Bulletin: IBM Security Verify Information Queue uses a Node.js package with multiple vulnerabilities", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-11697", "CVE-2018-11698", "CVE-2018-19797", "CVE-2018-19827", "CVE-2018-19839", "CVE-2018-20190", "CVE-2018-20821", "CVE-2018-20822", "CVE-2019-18798", "CVE-2019-18799", "CVE-2019-6283", "CVE-2019-6284", "CVE-2019-6286"], "modified": "2021-02-10T16:34:41", "id": "1BC7235709ACE304863DE5EEDA07EEEE6472A2DA1A3D73061CA0E43F2DD4755A", "href": "https://www.ibm.com/support/pages/node/6414343", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-12-06T18:08:21", "description": "## Summary\n\nMultiple vulnerabilities in Node.js used by IBM InfoSphere Information Server were addressed.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2019-16777](<https://vulners.com/cve/CVE-2019-16777>) \n** DESCRIPTION: **npm CLI could allow a local attacker to bypass security restrictions, caused by the failure to prevent existing globally-installed binaries to be overwritten by other package installations. An attacker could exploit this vulnerability to bypass filesystem access restrictions to overwrite an existing binary with a globally-installed package. \nCVSS Base score: 6.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/173159](<https://exchange.xforce.ibmcloud.com/vulnerabilities/173159>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2019-16776](<https://vulners.com/cve/CVE-2019-16776>) \n** DESCRIPTION: **npm CLI could allow a local attacker to bypass security restrictions, caused by the failure to prevent access to folders outside of the intended node_modules folder through the bin field. An attacker could exploit this vulnerability to gain access to folders outside of the intended node_modules folder through the bin field. \nCVSS Base score: 6.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/173161](<https://exchange.xforce.ibmcloud.com/vulnerabilities/173161>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2020-15095](<https://vulners.com/cve/CVE-2020-15095>) \n** DESCRIPTION: **Node.js npm CLI module could allow a local attacker to obtain sensitive information, caused by the storing of user credentials in the log file. By persuading a victim to open a log file, an attacker could exploit this vulnerability to obtain user credentials. \nCVSS Base score: 4.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/184666](<https://exchange.xforce.ibmcloud.com/vulnerabilities/184666>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2019-16775](<https://vulners.com/cve/CVE-2019-16775>) \n** DESCRIPTION: **npm CLI could allow a local attacker to bypass security restrictions, caused by an arbitrary file overwrite vulnerability. An attacker could exploit this vulnerability to bypass filesystem access restrictions to create symlinks to files outside of the node_modules folder through the bin field upon installation. \nCVSS Base score: 6.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/173163](<https://exchange.xforce.ibmcloud.com/vulnerabilities/173163>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2022-29244](<https://vulners.com/cve/CVE-2022-29244>) \n** DESCRIPTION: **Node.js npm module could allow a remote authenticated attacker to obtain sensitive information, caused by an issue with ignoring root-level .gitignore &amp; .npmignore file exclusion directives when run in a workspace or with a workspace flag. By sending a specially-crafted request using npm pack or npm publish, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system. \nCVSS Base score: 5.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/228303](<https://exchange.xforce.ibmcloud.com/vulnerabilities/228303>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2020-7754](<https://vulners.com/cve/CVE-2020-7754>) \n** DESCRIPTION: **Node.js npm-user-validate module is vulnerable to a denial of service, caused by a flaw when processing long input strings begin with @ characters for user emails. By sending a specially-crafted input, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/189917](<https://exchange.xforce.ibmcloud.com/vulnerabilities/189917>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** IBM X-Force ID: **184667 \n** DESCRIPTION: **Node.js npm-registry-fetch module could allow a remote attacker to obtain sensitive information, caused by the storing of user credentials in the log file. By gaining access to the log files, an attacker could exploit this vulnerability to obtain user credentials, and use this information to launch further attacks against the affected system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/184667 ](<https://exchange.xforce.ibmcloud.com/vulnerabilities/184667>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nInfoSphere Information Server| 11.7 \n \n## Remediation/Fixes\n\n**Product**| **VRMF**| **APAR**| **Remediation** \n---|---|---|--- \nInfoSphere Information Server, InfoSphere Information Server on Cloud| 11.7| [DT196854](<https://www.ibm.com/mysupport/aCI3p000000LDZJ> \"DT196854\" )| \\--Apply IBM InfoSphere Information Server version [11.7.1.0](<https://www.ibm.com/support/pages/node/878310>) \n\\--Apply InfoSphere Information Server version [11.7.1.4](<https://www.ibm.com/support/pages/node/6620275> \"11.7.1.4\" ) \n\\--Apply InfoSphere Information Server [11.7.1.4 Service pack 1](<https://www.ibm.com/support/pages/node/6989459> \"11.7.1.4 Service pack 1\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2023-05-17T20:51:25", "type": "ibm", "title": "Security Bulletin: IBM InfoSphere Information Server is affected but not classified as vulnerable to multiple vulnerabilities in Node.js", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-16775", "CVE-2019-16776", "CVE-2019-16777", "CVE-2020-15095", "CVE-2020-7754", "CVE-2022-29244"], "modified": "2023-05-17T20:51:25", "id": "2FDA4B89CD47DB6058B56739C0CA2CDC2DBE47043CA5C1C65DA2716DA9E49BF0", "href": "https://www.ibm.com/support/pages/node/6988617", "cvss": {"score": 5.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:N"}}, {"lastseen": "2023-06-07T22:06:41", "description": "## Summary\n\nThere is vulnerability in npm which affects IBM VM Recovery Manager DR\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2019-16775](<https://vulners.com/cve/CVE-2019-16775>) \n** DESCRIPTION: **npm CLI could allow a local attacker to bypass security restrictions, caused by an arbitrary file overwrite vulnerability. An attacker could exploit this vulnerability to bypass filesystem access restrictions to create symlinks to files outside of the node_modules folder through the bin field upon installation. \nCVSS Base score: 6.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/173163](<https://exchange.xforce.ibmcloud.com/vulnerabilities/173163>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2019-16776](<https://vulners.com/cve/CVE-2019-16776>) \n** DESCRIPTION: **npm CLI could allow a local attacker to bypass security restrictions, caused by the failure to prevent access to folders outside of the intended node_modules folder through the bin field. An attacker could exploit this vulnerability to gain access to folders outside of the intended node_modules folder through the bin field. \nCVSS Base score: 6.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/173161](<https://exchange.xforce.ibmcloud.com/vulnerabilities/173161>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2019-16777](<https://vulners.com/cve/CVE-2019-16777>) \n** DESCRIPTION: **npm CLI could allow a local attacker to bypass security restrictions, caused by the failure to prevent existing globally-installed binaries to be overwritten by other package installations. An attacker could exploit this vulnerability to bypass filesystem access restrictions to overwrite an existing binary with a globally-installed package. \nCVSS Base score: 6.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/173159](<https://exchange.xforce.ibmcloud.com/vulnerabilities/173159>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N) \n \n** Third Party Entry: **173108 \n** DESCRIPTION: **Nodejs npm package could allow a remote attacker to bypass security restrictions, caused by the failure to restrict access to folders outside of the intended node_modules folder through the bin field. By sending a specially-crafted request, an attacker could exploit this vulnerability to create arbitrary files in the system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/173108 ](<https://exchange.xforce.ibmcloud.com/vulnerabilities/173108>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N) \n \n** Third Party Entry: **173111 \n** DESCRIPTION: **Nodejs npm package could allow a remote attacker to bypass security restrictions, caused by the failure to restrict globally-installed binaries to be overwritten by other package installations. By sending a specially-crafted request, an attacker could exploit this vulnerability to overwrite globally-installed binaries. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/173111 ](<https://exchange.xforce.ibmcloud.com/vulnerabilities/173111>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N) \n \n** Third Party Entry: **173110 \n** DESCRIPTION: **Nodejs npm package could allow a remote attacker to obtain sensitive information, caused by the failure to restrict symlinks created to files outside of the node_modules folder through the bin field. By sending a specially-crafted request, an attacker could exploit this vulnerability to gain access to unauthorized files, and use this information to launch further attacks against the affected system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/173110 ](<https://exchange.xforce.ibmcloud.com/vulnerabilities/173110>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nVMRM DR| V1.5 and below \n \n\n\n## Remediation/Fixes\n\nVM Recovery Manager DR Version 1.5.0.1 \n\n[http://www.ibm.com/support/fixcentral/swg/quickorder?parent=Cluster%20software&amp;product=ibm/Other+software/IBM+VM+Recovery+Manager+DR+for+Power+Systems&amp;release=All&amp;platform=All&amp;function=fixId&amp;fixids=vm_recovery_for_dr_v1.5.0.1&amp;includeSupersedes=0&amp;source=fc](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=Cluster%20software&product=ibm/Other+software/IBM+VM+Recovery+Manager+DR+for+Power+Systems&release=All&platform=All&function=fixId&fixids=vm_recovery_for_dr_v1.5.0.1&includeSupersedes=0&source=fc>)\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2021-07-30T21:12:22", "type": "ibm", "title": "Security Bulletin: Vulnerability in npm affects IBM VM Recovery Manager DR", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-16775", "CVE-2019-16776", "CVE-2019-16777"], "modified": "2021-07-30T21:12:22", "id": "4CE8556A3E8A37D88342DF5687B4FB7CFB753AA03BF01FF21A6620370D291A4A", "href": "https://www.ibm.com/support/pages/node/6477092", "cvss": {"score": 5.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:N"}}, {"lastseen": "2023-06-07T22:06:44", "description": "## Summary\n\nThere is vulnerability in npm which affects IBM VM Recovery Manager HA\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2019-16775](<https://vulners.com/cve/CVE-2019-16775>) \n** DESCRIPTION: **npm CLI could allow a local attacker to bypass security restrictions, caused by an arbitrary file overwrite vulnerability. An attacker could exploit this vulnerability to bypass filesystem access restrictions to create symlinks to files outside of the node_modules folder through the bin field upon installation. \nCVSS Base score: 6.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/173163](<https://exchange.xforce.ibmcloud.com/vulnerabilities/173163>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2019-16776](<https://vulners.com/cve/CVE-2019-16776>) \n** DESCRIPTION: **npm CLI could allow a local attacker to bypass security restrictions, caused by the failure to prevent access to folders outside of the intended node_modules folder through the bin field. An attacker could exploit this vulnerability to gain access to folders outside of the intended node_modules folder through the bin field. \nCVSS Base score: 6.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/173161](<https://exchange.xforce.ibmcloud.com/vulnerabilities/173161>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2019-16777](<https://vulners.com/cve/CVE-2019-16777>) \n** DESCRIPTION: **npm CLI could allow a local attacker to bypass security restrictions, caused by the failure to prevent existing globally-installed binaries to be overwritten by other package installations. An attacker could exploit this vulnerability to bypass filesystem access restrictions to overwrite an existing binary with a globally-installed package. \nCVSS Base score: 6.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/173159](<https://exchange.xforce.ibmcloud.com/vulnerabilities/173159>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N) \n \n** Third Party Entry: **173111 \n** DESCRIPTION: **Nodejs npm package could allow a remote attacker to bypass security restrictions, caused by the failure to restrict globally-installed binaries to be overwritten by other package installations. By sending a specially-crafted request, an attacker could exploit this vulnerability to overwrite globally-installed binaries. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/173111 ](<https://exchange.xforce.ibmcloud.com/vulnerabilities/173111>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N) \n \n** Third Party Entry: **173110 \n** DESCRIPTION: **Nodejs npm package could allow a remote attacker to obtain sensitive information, caused by the failure to restrict symlinks created to files outside of the node_modules folder through the bin field. By sending a specially-crafted request, an attacker could exploit this vulnerability to gain access to unauthorized files, and use this information to launch further attacks against the affected system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/173110 ](<https://exchange.xforce.ibmcloud.com/vulnerabilities/173110>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nVMRM HA| V1.5 and below \n \n## Remediation/Fixes\n\nVM Recovery Manager HA Version 1.5.0.1\n\n[http://www.ibm.com/support/fixcentral/swg/quickorder?parent=Cluster%20software&amp;product=ibm/Other+software/IBM+VM+Recovery+Manager+HA+for+Power+Systems&amp;release=All&amp;platform=All&amp;function=fixId&amp;fixids=vm_recovery_for_ha_v1.5.0.1&amp;includeSupersedes=0&amp;source=fc](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=Cluster%20software&product=ibm/Other+software/IBM+VM+Recovery+Manager+HA+for+Power+Systems&release=All&platform=All&function=fixId&fixids=vm_recovery_for_ha_v1.5.0.1&includeSupersedes=0&source=fc>)\n\n \n\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2021-07-30T21:03:51", "type": "ibm", "title": "Security Bulletin: Vulnerability in npm affects IBM VM Recovery Manager HA", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-16775", "CVE-2019-16776", "CVE-2019-16777"], "modified": "2021-07-30T21:03:51", "id": "1FC3FE9693D6EFB3ACC473671341CB6795CE82CC97FFAF17A6C7D7E79878F25D", "href": "https://www.ibm.com/support/pages/node/6475691", "cvss": {"score": 5.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:N"}}, {"lastseen": "2023-02-27T21:48:32", "description": "## Summary\n\nFixed in IBM Netezza for Cloud Pak for Data 11.1.1.0\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2018-19838](<https://vulners.com/cve/CVE-2018-19838>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by a stack-based buffer overflow in the IMPLEMENT_AST_OPERATORS expansion in ast.cpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/153722](<https://exchange.xforce.ibmcloud.com/vulnerabilities/153722>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-20822](<https://vulners.com/cve/CVE-2018-20822>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by uncontrolled recursion in Sass::Complex_Selector::perform in ast.hpp and Sass::Inspect::operator in inspect.cpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/161650](<https://exchange.xforce.ibmcloud.com/vulnerabilities/161650>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-19839](<https://vulners.com/cve/CVE-2018-19839>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by a heap-based buffer over-read in the handle_error function in sass_context.cpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/153723](<https://exchange.xforce.ibmcloud.com/vulnerabilities/153723>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-11499](<https://vulners.com/cve/CVE-2018-11499>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by a use-after-free in handle_error() in sass_context.cpp. A remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/143880](<https://exchange.xforce.ibmcloud.com/vulnerabilities/143880>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2017-16119](<https://vulners.com/cve/CVE-2017-16119>) \n** DESCRIPTION: **Node.js fresh module is vulnerable to regular expression denial of service when passing untrusted user input. A remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/135866](<https://exchange.xforce.ibmcloud.com/vulnerabilities/135866>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2019-20149](<https://vulners.com/cve/CVE-2019-20149>) \n** DESCRIPTION: **kind-of could allow a remote attacker to bypass security restrictions, caused by improper validation of user supplied input in ctorName in index.js. By sending a specially-crafted payload, an attacker could exploit this vulnerability to overwrite the builtin attribute to manipulate the type detection result. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/173669](<https://exchange.xforce.ibmcloud.com/vulnerabilities/173669>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2020-8116](<https://vulners.com/cve/CVE-2020-8116>) \n** DESCRIPTION: **Node.js dot-prop could allow a remote attacker to execute arbitrary code on the system, caused by a prototype pollution. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/175850](<https://exchange.xforce.ibmcloud.com/vulnerabilities/175850>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-7598](<https://vulners.com/cve/CVE-2020-7598>) \n** DESCRIPTION: **minimist could provide weaker than expected security, caused by a prototype pollution flaw. By sending a specially crafted request, a remote attacker could exploit this vulnerability to add or modify properties of Object.prototype. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/177780](<https://exchange.xforce.ibmcloud.com/vulnerabilities/177780>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2018-11697](<https://vulners.com/cve/CVE-2018-11697>) \n** DESCRIPTION: **LibSaas could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read of a memory region in the function Sass::Prelexer::exactly(). By using a specially-crafted file, a remote attacker could exploit this vulnerability to obtain sensitive information or cause a denial of service. \nCVSS Base score: 4.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/144302](<https://exchange.xforce.ibmcloud.com/vulnerabilities/144302>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L) \n \n** CVEID: **[CVE-2020-8203](<https://vulners.com/cve/CVE-2020-8203>) \n** DESCRIPTION: **Node.js lodash module is vulnerable to a denial of service, caused by a prototype pollution attack. A remote attacker could exploit this vulnerability using the merge, mergeWith, and defaultsDeep functions to inject properties onto Object.prototype to crash the server and possibly execute arbitrary code on the system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/183560](<https://exchange.xforce.ibmcloud.com/vulnerabilities/183560>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2019-6286](<https://vulners.com/cve/CVE-2019-6286>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by a heap-based buffer over-read in Sass::Prelexer::skip_over_scopes in prelexer.hpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155592](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155592>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2019-6283](<https://vulners.com/cve/CVE-2019-6283>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by a heap-based buffer over-read in Sass::Prelexer::parenthese_scope in prelexer.hpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155594](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155594>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2019-6284](<https://vulners.com/cve/CVE-2019-6284>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by a heap-based buffer over-read in Sass::Prelexer::alternatives in prelexer.hpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155593](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155593>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-11698](<https://vulners.com/cve/CVE-2018-11698>) \n** DESCRIPTION: **LibSaas could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read of a memory region in the function Sass::handle_error. By using a specially-crafted file, a remote attacker could exploit this vulnerability to obtain sensitive information or cause a denial of service. \nCVSS Base score: 4.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/144297](<https://exchange.xforce.ibmcloud.com/vulnerabilities/144297>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L) \n \n** CVEID: **[CVE-2018-19827](<https://vulners.com/cve/CVE-2018-19827>) \n** DESCRIPTION: **Libsass is vulnerable to a denial of service, caused by a use after free in the SharedPtr class in SharedPtr.cpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/153718](<https://exchange.xforce.ibmcloud.com/vulnerabilities/153718>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-19797](<https://vulners.com/cve/CVE-2018-19797>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by a NULL pointer dereference in the function Sass::Selector_List::populate_extends in SharedPtr.hpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/153652](<https://exchange.xforce.ibmcloud.com/vulnerabilities/153652>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Netezza for Cloud Pak for Data| All \n \n\n\n## Remediation/Fixes\n\nupgrade to \n \n \n IBM Netezza for Cloud Pak for Data 11.1.1.0\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-12-08T06:37:17", "type": "ibm", "title": "Security Bulletin: OSS security Scan issues for Concerto installer.", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-16119", "CVE-2018-11499", "CVE-2018-11697", "CVE-2018-11698", "CVE-2018-19797", "CVE-2018-19827", "CVE-2018-19838", "CVE-2018-19839", "CVE-2018-20822", "CVE-2019-20149", "CVE-2019-6283", "CVE-2019-6284", "CVE-2019-6286", "CVE-2020-7598", "CVE-2020-8116", "CVE-2020-8203"], "modified": "2020-12-08T06:37:17", "id": "7FD9F7FFE1C0EF8F68DFE234A094535CE5CD56211AA4CA79732A71BF6B3C0262", "href": "https://www.ibm.com/support/pages/node/6379558", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-27T21:48:09", "description": "## Summary\n\nFixed Open Source issues for listed CVEs for NPS console.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2018-19838](<https://vulners.com/cve/CVE-2018-19838>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by a stack-based buffer overflow in the IMPLEMENT_AST_OPERATORS expansion in ast.cpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/153722](<https://exchange.xforce.ibmcloud.com/vulnerabilities/153722>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-20822](<https://vulners.com/cve/CVE-2018-20822>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by uncontrolled recursion in Sass::Complex_Selector::perform in ast.hpp and Sass::Inspect::operator in inspect.cpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/161650](<https://exchange.xforce.ibmcloud.com/vulnerabilities/161650>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-19839](<https://vulners.com/cve/CVE-2018-19839>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by a heap-based buffer over-read in the handle_error function in sass_context.cpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/153723](<https://exchange.xforce.ibmcloud.com/vulnerabilities/153723>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-11499](<https://vulners.com/cve/CVE-2018-11499>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by a use-after-free in handle_error() in sass_context.cpp. A remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/143880](<https://exchange.xforce.ibmcloud.com/vulnerabilities/143880>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2017-16119](<https://vulners.com/cve/CVE-2017-16119>) \n** DESCRIPTION: **Node.js fresh module is vulnerable to regular expression denial of service when passing untrusted user input. A remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/135866](<https://exchange.xforce.ibmcloud.com/vulnerabilities/135866>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2019-20149](<https://vulners.com/cve/CVE-2019-20149>) \n** DESCRIPTION: **kind-of could allow a remote attacker to bypass security restrictions, caused by improper validation of user supplied input in ctorName in index.js. By sending a specially-crafted payload, an attacker could exploit this vulnerability to overwrite the builtin attribute to manipulate the type detection result. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/173669](<https://exchange.xforce.ibmcloud.com/vulnerabilities/173669>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2020-8116](<https://vulners.com/cve/CVE-2020-8116>) \n** DESCRIPTION: **Node.js dot-prop could allow a remote attacker to execute arbitrary code on the system, caused by a prototype pollution. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/175850](<https://exchange.xforce.ibmcloud.com/vulnerabilities/175850>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-7598](<https://vulners.com/cve/CVE-2020-7598>) \n** DESCRIPTION: **minimist could provide weaker than expected security, caused by a prototype pollution flaw. By sending a specially crafted request, a remote attacker could exploit this vulnerability to add or modify properties of Object.prototype. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/177780](<https://exchange.xforce.ibmcloud.com/vulnerabilities/177780>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2018-11697](<https://vulners.com/cve/CVE-2018-11697>) \n** DESCRIPTION: **LibSaas could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read of a memory region in the function Sass::Prelexer::exactly(). By using a specially-crafted file, a remote attacker could exploit this vulnerability to obtain sensitive information or cause a denial of service. \nCVSS Base score: 4.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/144302](<https://exchange.xforce.ibmcloud.com/vulnerabilities/144302>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L) \n \n** CVEID: **[CVE-2020-8203](<https://vulners.com/cve/CVE-2020-8203>) \n** DESCRIPTION: **Node.js lodash module is vulnerable to a denial of service, caused by a prototype pollution attack. A remote attacker could exploit this vulnerability using the merge, mergeWith, and defaultsDeep functions to inject properties onto Object.prototype to crash the server and possibly execute arbitrary code on the system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/183560](<https://exchange.xforce.ibmcloud.com/vulnerabilities/183560>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2017-18214](<https://vulners.com/cve/CVE-2017-18214>) \n** DESCRIPTION: **Node.js moment module is vulnerable to a denial of service. A remote attacker could exploit this vulnerability to cause a low severity regular expression denial of service. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/135364](<https://exchange.xforce.ibmcloud.com/vulnerabilities/135364>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2019-6284](<https://vulners.com/cve/CVE-2019-6284>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by a heap-based buffer over-read in Sass::Prelexer::alternatives in prelexer.hpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155593](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155593>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2019-6283](<https://vulners.com/cve/CVE-2019-6283>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by a heap-based buffer over-read in Sass::Prelexer::parenthese_scope in prelexer.hpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155594](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155594>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2019-6286](<https://vulners.com/cve/CVE-2019-6286>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by a heap-based buffer over-read in Sass::Prelexer::skip_over_scopes in prelexer.hpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155592](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155592>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-11698](<https://vulners.com/cve/CVE-2018-11698>) \n** DESCRIPTION: **LibSaas could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read of a memory region in the function Sass::handle_error. By using a specially-crafted file, a remote attacker could exploit this vulnerability to obtain sensitive information or cause a denial of service. \nCVSS Base score: 4.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/144297](<https://exchange.xforce.ibmcloud.com/vulnerabilities/144297>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L) \n \n** CVEID: **[CVE-2019-11254](<https://vulners.com/cve/CVE-2019-11254>) \n** DESCRIPTION: **Kubernetes is vulnerable to a denial of service, caused by a flaw in kube-apiserver. By sending a specially-crafted request using YAML payloads, a remote authenticated attacker could exploit this vulnerability to consume excessive CPU cycles. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178935](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178935>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2018-19827](<https://vulners.com/cve/CVE-2018-19827>) \n** DESCRIPTION: **Libsass is vulnerable to a denial of service, caused by a use after free in the SharedPtr class in SharedPtr.cpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/153718](<https://exchange.xforce.ibmcloud.com/vulnerabilities/153718>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-19797](<https://vulners.com/cve/CVE-2018-19797>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by a NULL pointer dereference in the function Sass::Selector_List::populate_extends in SharedPtr.hpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/153652](<https://exchange.xforce.ibmcloud.com/vulnerabilities/153652>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Netezza for Cloud Pak for Data | All \n \n## Remediation/Fixes\n\nProduct| VRMF| Remediation/First Fix \n---|---|--- \nIBM Netezza for Cloud Pak for Data | 11.1.1.0 | [Link to Fix Central](<https://www.ibm.com/support/fixcentral/swg/selectFixes?fixids=11.1.1.0-IM-INZCPD-fp200831&product=ibm%2FInformation%20Management%2FIBM%20Netezza%20for%20Cloud%20Pak%20for%20Data&source=dbluesearch&mhsrc=ibmsearch_s&mhq=IBM%20Netezza%20for%20Cloud%20Pak%20for%20Data%2011.1.1.0&function=fixId&parent=ibm/Information%20Management> \"Link to Fix Central\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-12-15T07:03:03", "type": "ibm", "title": "Security Bulletin: Open Source Security issues for NPS console.", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-16119", "CVE-2017-18214", "CVE-2018-11499", "CVE-2018-11697", "CVE-2018-11698", "CVE-2018-19797", "CVE-2018-19827", "CVE-2018-19838", "CVE-2018-19839", "CVE-2018-20822", "CVE-2019-11254", "CVE-2019-20149", "CVE-2019-6283", "CVE-2019-6284", "CVE-2019-6286", "CVE-2020-7598", "CVE-2020-8116", "CVE-2020-8203"], "modified": "2020-12-15T07:03:03", "id": "F75806AF51F262CD91F3E2017F6775AF7816B8E15289C5596B33856B18979E5B", "href": "https://www.ibm.com/support/pages/node/6382128", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-12-06T18:08:51", "description": "## Summary\n\nIBM Edge Application Manager 4.5 has resolved the vulnerability.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-35065](<https://vulners.com/cve/CVE-2021-35065>) \n** DESCRIPTION: **Node.js glob-parent module is vulnerable to a denial of service, caused by an error in the enclosure regex. By sending a specially crafted string prepended with the letter \"A\", a remote attacker could exploit this vulnerability to cause a regular expression denial of service. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/208298](<https://exchange.xforce.ibmcloud.com/vulnerabilities/208298>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-28469](<https://vulners.com/cve/CVE-2020-28469>) \n** DESCRIPTION: **Node.js glob-parent module is vulnerable to a denial of service. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a regular expression denial of service. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196451](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196451>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Edge Application Manager| 4.4 \nIBM Edge Application Manager| 4.3 \n \n\n\n## Remediation/Fixes\n\nThe fix/upgrade is a set of docker images, that will automatically be pulled and deployed from both dockerhub and the IBM Entitled Registry.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-05-15T18:26:00", "type": "ibm", "title": "Security Bulletin: Open Source Dependency Vulnerability", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-28469", "CVE-2021-35065"], "modified": "2023-05-15T18:26:00", "id": "9973A30D5630E39198D3B0DF1635AEA7ACB3BA34E41A48861C7EA2358D240D3E", "href": "https://www.ibm.com/support/pages/node/6991607", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-27T21:48:08", "description": "## Summary\n\nOpen Source security issues for Content pod\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2018-20677](<https://vulners.com/cve/CVE-2018-20677>) \n** DESCRIPTION: **Bootstrap is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the affix configuration target property. A remote attacker could exploit this vulnerability to execute script in a victim's Web browser within the security context of the hosting Web site. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155337](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155337>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2018-19838](<https://vulners.com/cve/CVE-2018-19838>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by a stack-based buffer overflow in the IMPLEMENT_AST_OPERATORS expansion in ast.cpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/153722](<https://exchange.xforce.ibmcloud.com/vulnerabilities/153722>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-20822](<https://vulners.com/cve/CVE-2018-20822>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by uncontrolled recursion in Sass::Complex_Selector::perform in ast.hpp and Sass::Inspect::operator in inspect.cpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/161650](<https://exchange.xforce.ibmcloud.com/vulnerabilities/161650>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2019-8331](<https://vulners.com/cve/CVE-2019-8331>) \n** DESCRIPTION: **Bootstrap is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the tooltip or popover data-template. A remote attacker could exploit this vulnerability to execute script in a victim's Web browser within the security context of the hosting Web site. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/157409](<https://exchange.xforce.ibmcloud.com/vulnerabilities/157409>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2018-14042](<https://vulners.com/cve/CVE-2018-14042>) \n** DESCRIPTION: **Bootstrap is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the data-container property of tooltip. A remote attacker could exploit this vulnerability to execute script in a victim's Web browser within the security context of the hosting Web site. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/146466](<https://exchange.xforce.ibmcloud.com/vulnerabilities/146466>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2018-14040](<https://vulners.com/cve/CVE-2018-14040>) \n** DESCRIPTION: **Bootstrap is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the collapse data-parent attribute. A remote attacker could exploit this vulnerability to execute script in a victim's Web browser within the security context of the hosting Web site. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/146468](<https://exchange.xforce.ibmcloud.com/vulnerabilities/146468>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2018-19839](<https://vulners.com/cve/CVE-2018-19839>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by a heap-based buffer over-read in the handle_error function in sass_context.cpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/153723](<https://exchange.xforce.ibmcloud.com/vulnerabilities/153723>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-11499](<https://vulners.com/cve/CVE-2018-11499>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by a use-after-free in handle_error() in sass_context.cpp. A remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/143880](<https://exchange.xforce.ibmcloud.com/vulnerabilities/143880>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2017-16119](<https://vulners.com/cve/CVE-2017-16119>) \n** DESCRIPTION: **Node.js fresh module is vulnerable to regular expression denial of service when passing untrusted user input. A remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/135866](<https://exchange.xforce.ibmcloud.com/vulnerabilities/135866>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2019-20149](<https://vulners.com/cve/CVE-2019-20149>) \n** DESCRIPTION: **kind-of could allow a remote attacker to bypass security restrictions, caused by improper validation of user supplied input in ctorName in index.js. By sending a specially-crafted payload, an attacker could exploit this vulnerability to overwrite the builtin attribute to manipulate the type detection result. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/173669](<https://exchange.xforce.ibmcloud.com/vulnerabilities/173669>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2020-8116](<https://vulners.com/cve/CVE-2020-8116>) \n** DESCRIPTION: **Node.js dot-prop could allow a remote attacker to execute arbitrary code on the system, caused by a prototype pollution. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/175850](<https://exchange.xforce.ibmcloud.com/vulnerabilities/175850>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-7608](<https://vulners.com/cve/CVE-2020-7608>) \n** DESCRIPTION: **Node.js yargs-parser module could allow a remote attacker to execute arbitrary code on the system, caused by a prototype pollution flaw. By adding or modifying properties of Object.prototype using a __proto__ payload, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178132](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178132>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-7598](<https://vulners.com/cve/CVE-2020-7598>) \n** DESCRIPTION: **minimist could provide weaker than expected security, caused by a prototype pollution flaw. By sending a specially crafted request, a remote attacker could exploit this vulnerability to add or modify properties of Object.prototype. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/177780](<https://exchange.xforce.ibmcloud.com/vulnerabilities/177780>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2018-11697](<https://vulners.com/cve/CVE-2018-11697>) \n** DESCRIPTION: **LibSaas could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read of a memory region in the function Sass::Prelexer::exactly(). By using a specially-crafted file, a remote attacker could exploit this vulnerability to obtain sensitive information or cause a denial of service. \nCVSS Base score: 4.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/144302](<https://exchange.xforce.ibmcloud.com/vulnerabilities/144302>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L) \n \n** CVEID: **[CVE-2020-8203](<https://vulners.com/cve/CVE-2020-8203>) \n** DESCRIPTION: **Node.js lodash module is vulnerable to a denial of service, caused by a prototype pollution attack. A remote attacker could exploit this vulnerability using the merge, mergeWith, and defaultsDeep functions to inject properties onto Object.prototype to crash the server and possibly execute arbitrary code on the system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/183560](<https://exchange.xforce.ibmcloud.com/vulnerabilities/183560>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2019-6283](<https://vulners.com/cve/CVE-2019-6283>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by a heap-based buffer over-read in Sass::Prelexer::parenthese_scope in prelexer.hpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155594](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155594>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2019-6284](<https://vulners.com/cve/CVE-2019-6284>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by a heap-based buffer over-read in Sass::Prelexer::alternatives in prelexer.hpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155593](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155593>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2019-6286](<https://vulners.com/cve/CVE-2019-6286>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by a heap-based buffer over-read in Sass::Prelexer::skip_over_scopes in prelexer.hpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155592](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155592>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-11698](<https://vulners.com/cve/CVE-2018-11698>) \n** DESCRIPTION: **LibSaas could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read of a memory region in the function Sass::handle_error. By using a specially-crafted file, a remote attacker could exploit this vulnerability to obtain sensitive information or cause a denial of service. \nCVSS Base score: 4.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/144297](<https://exchange.xforce.ibmcloud.com/vulnerabilities/144297>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L) \n \n** CVEID: **[CVE-2018-19827](<https://vulners.com/cve/CVE-2018-19827>) \n** DESCRIPTION: **Libsass is vulnerable to a denial of service, caused by a use after free in the SharedPtr class in SharedPtr.cpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/153718](<https://exchange.xforce.ibmcloud.com/vulnerabilities/153718>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-19797](<https://vulners.com/cve/CVE-2018-19797>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by a NULL pointer dereference in the function Sass::Selector_List::populate_extends in SharedPtr.hpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/153652](<https://exchange.xforce.ibmcloud.com/vulnerabilities/153652>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2016-10735](<https://vulners.com/cve/CVE-2016-10735>) \n** DESCRIPTION: **Bootstrap is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the data-target attribute. A remote attacker could exploit this vulnerability to execute script in a victim's Web browser within the security context of the hosting Web site. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155339](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155339>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2018-20676](<https://vulners.com/cve/CVE-2018-20676>) \n** DESCRIPTION: **Bootstrap is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the tooltip data-viewport attribute. A remote attacker could exploit this vulnerability to execute script in a victim's Web browser within the security context of the hosting Web site. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155338](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155338>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Netezza for Cloud Pak for Data | All \n \n## Remediation/Fixes\n\nProduct| VRMF| Remediation/First Fix \n---|---|--- \nIBM Netezza for Cloud Pak for Data | 11.1.1.0 | [Link to Fix Central](<https://www.ibm.com/support/fixcentral/swg/selectFixes?fixids=11.1.1.0-IM-INZCPD-fp200831&product=ibm%2FInformation%20Management%2FIBM%20Netezza%20for%20Cloud%20Pak%20for%20Data&source=dbluesearch&mhsrc=ibmsearch_s&mhq=IBM%20Netezza%20for%20Cloud%20Pak%20for%20Data%2011.1.1.0&function=fixId&parent=ibm/Information%20Management> \"Link to Fix Central\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-12-15T06:58:30", "type": "ibm", "title": "Security Bulletin: OSS scan fixes for Content pos", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-10735", "CVE-2017-16119", "CVE-2018-11499", "CVE-2018-11697", "CVE-2018-11698", "CVE-2018-14040", "CVE-2018-14042", "CVE-2018-19797", "CVE-2018-19827", "CVE-2018-19838", "CVE-2018-19839", "CVE-2018-20676", "CVE-2018-20677", "CVE-2018-20822", "CVE-2019-20149", "CVE-2019-6283", "CVE-2019-6284", "CVE-2019-6286", "CVE-2019-8331", "CVE-2020-7598", "CVE-2020-7608", "CVE-2020-8116", "CVE-2020-8203"], "modified": "2020-12-15T06:58:30", "id": "FD0E85A6790A7A5E9E4ED07F7E069BEFCDF351251124844206CB202EC5DE5168", "href": "https://www.ibm.com/support/pages/node/6382126", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-12-07T01:48:18", "description": "## Summary\n\nIBM Watson Machine Learning Accelerator on Cloud Pak for Data component GUI, Notebook and Logstash are vulenrable to multiple vunerabilites. These are fixed.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2022-25857](<https://exchange.xforce.ibmcloud.com/vulnerabilities/234864>) \n** DESCRIPTION: **Java package org.yaml:snakeyam is vulnerable to a denial of service, caused by missing to nested depth limitation for collections. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/234864](<https://exchange.xforce.ibmcloud.com/vulnerabilities/234864>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2022-38749](<https://exchange.xforce.ibmcloud.com/vulnerabilities/235313>) \n** DESCRIPTION: **SnakeYAML is vulnerable to a denial of service, caused by a stack-overflow in parsing YAML files. By persuading a victim to open a specially crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/235313](<https://exchange.xforce.ibmcloud.com/vulnerabilities/235313>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2022-38752](<https://exchange.xforce.ibmcloud.com/vulnerabilities/235310>) \n** DESCRIPTION: **SnakeYAML is vulnerable to a denial of service, caused by a stack-overflow in parsing YAML files. By persuading a victim to open a specially crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/235310](<https://exchange.xforce.ibmcloud.com/vulnerabilities/235310>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2022-38750](<https://exchange.xforce.ibmcloud.com/vulnerabilities/235312>) \n** DESCRIPTION: **SnakeYAML is vulnerable to a denial of service, caused by a stack-overflow in parsing YAML files. By persuading a victim to open a specially crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/235312](<https://exchange.xforce.ibmcloud.com/vulnerabilities/235312>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2022-38751](<https://exchange.xforce.ibmcloud.com/vulnerabilities/235311>) \n** DESCRIPTION: **SnakeYAML is vulnerable to a denial of service, caused by a stack-overflow in parsing YAML files. By persuading a victim to open a specially crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/235311](<https://exchange.xforce.ibmcloud.com/vulnerabilities/235311>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2022-0536](<https://exchange.xforce.ibmcloud.com/vulnerabilities/219551>) \n** DESCRIPTION: **Node.js follow-redirects module could allow a remote authenticated attacker to obtain sensitive information, caused by a leakage of the Authorization header from the same hostname during HTTPS to HTTP redirection. By utilize man-in-the-middle attack techniques, an attacker could exploit this vulnerability to obtain Authorization header information, and use this information to launch further attacks against the affected system. \nCVSS Base score: 2.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/219551](<https://exchange.xforce.ibmcloud.com/vulnerabilities/219551>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2022-0155](<https://exchange.xforce.ibmcloud.com/vulnerabilities/216974>) \n** DESCRIPTION: **follow-redirects could allow a remote attacker to obtain sensitive information, caused by an unauthorized actor. By sending a specially-crafted request, a remote authenticated attacker could exploit this vulnerability to obtain private personal information and use this information to launch further attacks against the affected system. \nCVSS Base score: 8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/216974](<https://exchange.xforce.ibmcloud.com/vulnerabilities/216974>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2022-31129](<https://exchange.xforce.ibmcloud.com/vulnerabilities/230690>) \n** DESCRIPTION: **Moment is vulnerable to a denial of service, caused by inefficient regular expression complexity. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/230690](<https://exchange.xforce.ibmcloud.com/vulnerabilities/230690>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2022-41854](<https://exchange.xforce.ibmcloud.com/vulnerabilities/240890>) \n** DESCRIPTION: **snakeYAML is vulnerable to a denial of service, caused by improper input validation. By persuading a victim to open a specially-crafted YAML content, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/240890](<https://exchange.xforce.ibmcloud.com/vulnerabilities/240890>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2019-18797](<https://exchange.xforce.ibmcloud.com/vulnerabilities/171289>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by uncontrolled recursion in Sass::Eval::operator() in eval.cpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/171289](<https://exchange.xforce.ibmcloud.com/vulnerabilities/171289>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-19827](<https://exchange.xforce.ibmcloud.com/vulnerabilities/153718>) \n** DESCRIPTION: **Libsass is vulnerable to a denial of service, caused by a use after free in the SharedPtr class in SharedPtr.cpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/153718](<https://exchange.xforce.ibmcloud.com/vulnerabilities/153718>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-20190](<https://exchange.xforce.ibmcloud.com/vulnerabilities/154428>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by a NULL pointer dereference in the function Sass::Eval::operator() in eval.cpp. By using a specially crafted sass input file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/154428](<https://exchange.xforce.ibmcloud.com/vulnerabilities/154428>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-11499](<https://exchange.xforce.ibmcloud.com/vulnerabilities/143880>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by a use-after-free in handle_error() in sass_context.cpp. A remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/143880](<https://exchange.xforce.ibmcloud.com/vulnerabilities/143880>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2019-6284](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155593>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by a heap-based buffer over-read in Sass::Prelexer::alternatives in prelexer.hpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155593](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155593>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-19797](<https://exchange.xforce.ibmcloud.com/vulnerabilities/153652>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by a NULL pointer dereference in the function Sass::Selector_List::populate_extends in SharedPtr.hpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/153652](<https://exchange.xforce.ibmcloud.com/vulnerabilities/153652>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-20822](<https://exchange.xforce.ibmcloud.com/vulnerabilities/161650>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by uncontrolled recursion in Sass::Complex_Selector::perform in ast.hpp and Sass::Inspect::operator in inspect.cpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/161650](<https://exchange.xforce.ibmcloud.com/vulnerabilities/161650>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-33502](<https://exchange.xforce.ibmcloud.com/vulnerabilities/202299>) \n** DESCRIPTION: **Node.js normalize-url module is vulnerable to a denial of service, caused by a ReDoS (regular expression denial of service) flaw in the data URLs. By using a specially-crafted regex input, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/202299](<https://exchange.xforce.ibmcloud.com/vulnerabilities/202299>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2018-11697](<https://exchange.xforce.ibmcloud.com/vulnerabilities/144302>) \n** DESCRIPTION: **LibSaas could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read of a memory region in the function Sass::Prelexer::exactly(). By using a specially-crafted file, a remote attacker could exploit this vulnerability to obtain sensitive information or cause a denial of service. \nCVSS Base score: 4.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/144302](<https://exchange.xforce.ibmcloud.com/vulnerabilities/144302>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L) \n \n** CVEID: **[CVE-2019-6286](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155592>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by a heap-based buffer over-read in Sass::Prelexer::skip_over_scopes in prelexer.hpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155592](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155592>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-20821](<https://exchange.xforce.ibmcloud.com/vulnerabilities/161651>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by uncontrolled recursion in Sass::Parser::parse_css_variable_value in parser.cpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/161651](<https://exchange.xforce.ibmcloud.com/vulnerabilities/161651>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2019-6283](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155594>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by a heap-based buffer over-read in Sass::Prelexer::parenthese_scope in prelexer.hpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155594](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155594>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-11694](<https://exchange.xforce.ibmcloud.com/vulnerabilities/144317>) \n** DESCRIPTION: **LibSaas is vulnerable to a denial of service, caused by a NULL pointer dereference in the function Sass::Functions::selector_append. By using a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/144317](<https://exchange.xforce.ibmcloud.com/vulnerabilities/144317>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-19838](<https://exchange.xforce.ibmcloud.com/vulnerabilities/153722>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by a stack-based buffer overflow in the IMPLEMENT_AST_OPERATORS expansion in ast.cpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/153722](<https://exchange.xforce.ibmcloud.com/vulnerabilities/153722>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2020-28499](<https://exchange.xforce.ibmcloud.com/vulnerabilities/197042>) \n** DESCRIPTION: **Node.js merge module could allow a remote attacker to execute arbitrary code on the system, caused by a prototype pollution flaw in the_recursiveMerge function. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/197042](<https://exchange.xforce.ibmcloud.com/vulnerabilities/197042>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2018-11698](<https://exchange.xforce.ibmcloud.com/vulnerabilities/144297>) \n** DESCRIPTION: **LibSaas could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read of a memory region in the function Sass::handle_error. By using a specially-crafted file, a remote attacker could exploit this vulnerability to obtain sensitive information or cause a denial of service. \nCVSS Base score: 4.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/144297](<https://exchange.xforce.ibmcloud.com/vulnerabilities/144297>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L) \n \n** CVEID: **[CVE-2022-1471](<https://exchange.xforce.ibmcloud.com/vulnerabilities/241118>) \n** DESCRIPTION: **SnakeYaml could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization in the Constructor class. By using a specially-crafted yaml content, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/241118](<https://exchange.xforce.ibmcloud.com/vulnerabilities/241118>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L) \n \n** CVEID: **[CVE-2022-24785](<https://exchange.xforce.ibmcloud.com/vulnerabilities/223451>) \n** DESCRIPTION: **Moment.js could allow a remote attacker to traverse directories on the system, caused by improper validation of user supplied input. An attacker could send a specially-crafted locale string containing \"dot dot\" sequences (/../) to switch arbitrary moment locale. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/223451](<https://exchange.xforce.ibmcloud.com/vulnerabilities/223451>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2022-0512](<https://exchange.xforce.ibmcloud.com/vulnerabilities/219768>) \n** DESCRIPTION: **unshift.io url-parse module for NPM could allow a remote attacker to bypass security restrictions, caused by improperly handeling username and password. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass hostname validation. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/219768](<https://exchange.xforce.ibmcloud.com/vulnerabilities/219768>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2022-0686](<https://exchange.xforce.ibmcloud.com/vulnerabilities/220105>) \n** DESCRIPTION: **unshift.io url-parse module for NPM could allow a remote attacker to bypass security restrictions, caused by an issue with unable to find the correct hostname when no port number is provided in the url. By sending a specially-crafted request, an attacker could exploit this vulnerability to perform SSRF, open redirect or other attacks depends on the hostname field of parsed url. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/220105](<https://exchange.xforce.ibmcloud.com/vulnerabilities/220105>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2022-0691](<https://exchange.xforce.ibmcloud.com/vulnerabilities/220107>) \n** DESCRIPTION: **unshift.io url-parse module for NPM could allow a remote attacker to bypass security restrictions, caused by improper validation of \\b (backspace) character. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass hostname validation and leads to false positive in the extractProtocol() function. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/220107](<https://exchange.xforce.ibmcloud.com/vulnerabilities/220107>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2022-0639](<https://exchange.xforce.ibmcloud.com/vulnerabilities/219864>) \n** DESCRIPTION: **unshift.io url-parse module for NPM could allow a remote attacker to bypass security restrictions, caused by incorrect conversion of @ in protocol in the href. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass hostname validation. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/219864](<https://exchange.xforce.ibmcloud.com/vulnerabilities/219864>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2021-3664](<https://exchange.xforce.ibmcloud.com/vulnerabilities/206324>) \n** DESCRIPTION: **url-parse could allow a remote attacker to conduct phishing attacks, caused by the mishandling of backlash \"\\\" characters in a URI. An attacker could exploit this vulnerability using a specially-crafted URL to redirect a victim to arbitrary Web sites. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/206324](<https://exchange.xforce.ibmcloud.com/vulnerabilities/206324>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2021-27515](<https://exchange.xforce.ibmcloud.com/vulnerabilities/197152>) \n** DESCRIPTION: **url-parse could allow a remote attacker to obtain sensitive information, caused by the mishandling of certain uses of backslash such as http:\\/. By sending a specially-crafted HTTP request, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/197152](<https://exchange.xforce.ibmcloud.com/vulnerabilities/197152>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2022-42004](<https://exchange.xforce.ibmcloud.com/vulnerabilities/237660>) \n** DESCRIPTION: **FasterXML jackson-databind is vulnerable to a denial of service, caused by a lack of a check in in the BeanDeserializer._deserializeFromArray function. By sending a specially-crafted request using deeply nested arrays, a local attacker could exploit this vulnerability to exhaust all available resources. \nCVSS Base score: 6.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/237660](<https://exchange.xforce.ibmcloud.com/vulnerabilities/237660>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2022-42003](<https://exchange.xforce.ibmcloud.com/vulnerabilities/237662>) \n** DESCRIPTION: **FasterXML jackson-databind is vulnerable to a denial of service, caused by a lack of a check in the primitive value deserializers when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled. By sending a specially-crafted request using deep wrapper array nesting, a local attacker could exploit this vulnerability to exhaust all available resources. \nCVSS Base score: 6.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/237662](<https://exchange.xforce.ibmcloud.com/vulnerabilities/237662>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-36518](<https://exchange.xforce.ibmcloud.com/vulnerabilities/222319>) \n** DESCRIPTION: **FasterXML jackson-databind is vulnerable to a denial of service, caused by a Java StackOverflow exception. By using a large depth of nested objects, a remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/222319](<https://exchange.xforce.ibmcloud.com/vulnerabilities/222319>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2023-0286](<https://exchange.xforce.ibmcloud.com/vulnerabilities/246611>) \n** DESCRIPTION: **OpenSSL is vulnerable to a denial of service, caused by a type confusion error related to X.400 address processing inside an X.509 GeneralName. By passing arbitrary pointers to a memcmp call, a remote attacker could exploit this vulnerability to read memory contents or cause a denial of service. \nCVSS Base score: 8.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/246611](<https://exchange.xforce.ibmcloud.com/vulnerabilities/246611>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H)\n\n## Affected Products and Versions\n\n * Affected Product(s)| Version(s) \n---|--- \nWatson Machine Learning Accelerator on Cloud Pak for Data| 2.3.9 \nWatson Machine Learning Accelerator on Cloud Pak for Data| 2.4.0, 2.4.1 \nWatson Machine Learning Accelerator on Cloud Pak for Data| 2.5.0 \nWatson Machine Learning Accelerator on Cloud Pak for Data| 2.6.0 \nWatson Machine Learning Accelerator on Cloud Pak for Data| 3.0.0, 3.1.0, 3.2.0, 3.3.0, 3.4.0, 3.5.0 \n \n## Remediation/Fixes\n\nTo address the vulnerability:\n\nUpgrade Watson Machine Learning Accelerator on Cloud Pak for Data to the latest version by following the end user document [https://www.ibm.com/docs/en/cloud-paks/cp-data/4.8.x?topic=upgrading](<https://www.ibm.com/docs/en/cloud-paks/cp-data/4.7.x?topic=upgrading>). \n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2023-12-06T16:46:17", "type": "ibm", "title": "Security Bulletin: Mutiple Vulnerabilties in Open Source packages affects IBM Watson Machine Learning Accelerator on Cloud Pak for Data", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-11499", "CVE-2018-11694", "CVE-2018-11697", "CVE-2018-11698", "CVE-2018-19797", "CVE-2018-19827", "CVE-2018-19838", "CVE-2018-20190", "CVE-2018-20821", "CVE-2018-20822", "CVE-2019-18797", "CVE-2019-6283", "CVE-2019-6284", "CVE-2019-6286", "CVE-2020-28499", "CVE-2020-36518", "CVE-2021-27515", "CVE-2021-33502", "CVE-2021-3664", "CVE-2022-0155", "CVE-2022-0512", "CVE-2022-0536", "CVE-2022-0639", "CVE-2022-0686", "CVE-2022-0691", "CVE-2022-1471", "CVE-2022-24785", "CVE-2022-25857", "CVE-2022-31129", "CVE-2022-38749", "CVE-2022-38750", "CVE-2022-38751", "CVE-2022-38752", "CVE-2022-41854", "CVE-2022-42003", "CVE-2022-42004", "CVE-2023-0286"], "modified": "2023-12-06T16:46:17", "id": "3DF12CE7E405A27C5D5CD02B7E82B121B9FC8066351CBDF237840051F5E9A63F", "href": "https://www.ibm.com/support/pages/node/7091276", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-12-06T22:37:21", "description": "## Summary\n\nIBM QRadar User Behavior Analytics contains vulnerable packages/components and that may be identified and potentially exploited. The package has been updated in the latest release and the vulnerabilities identified in the CVEs have been addressed. Please follow the instructions in the Remediation/Fixes section below to update to the latest version of IBM QRadar User Behavior Analytics.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2019-6283](<https://vulners.com/cve/CVE-2019-6283>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by a heap-based buffer over-read in Sass::Prelexer::parenthese_scope in prelexer.hpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155594](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155594>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-20821](<https://vulners.com/cve/CVE-2018-20821>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by uncontrolled recursion in Sass::Parser::parse_css_variable_value in parser.cpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/161651](<https://exchange.xforce.ibmcloud.com/vulnerabilities/161651>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-11698](<https://vulners.com/cve/CVE-2018-11698>) \n** DESCRIPTION: **LibSaas could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read of a memory region in the function Sass::handle_error. By using a specially-crafted file, a remote attacker could exploit this vulnerability to obtain sensitive information or cause a denial of service. \nCVSS Base score: 4.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/144297](<https://exchange.xforce.ibmcloud.com/vulnerabilities/144297>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L) \n \n** CVEID: **[CVE-2020-24025](<https://vulners.com/cve/CVE-2020-24025>) \n** DESCRIPTION: **node-sass could allow a remote attacker to bypass security restrictions, caused by the disablement of certificate validation when requesting binaries even if the user is not specifying an alternative download path. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass access restrictions. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/195029](<https://exchange.xforce.ibmcloud.com/vulnerabilities/195029>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2018-19838](<https://vulners.com/cve/CVE-2018-19838>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by a stack-based buffer overflow in the IMPLEMENT_AST_OPERATORS expansion in ast.cpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/153722](<https://exchange.xforce.ibmcloud.com/vulnerabilities/153722>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-11694](<https://vulners.com/cve/CVE-2018-11694>) \n** DESCRIPTION: **LibSaas is vulnerable to a denial of service, caused by a NULL pointer dereference in the function Sass::Functions::selector_append. By using a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/144317](<https://exchange.xforce.ibmcloud.com/vulnerabilities/144317>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-19827](<https://vulners.com/cve/CVE-2018-19827>) \n** DESCRIPTION: **Libsass is vulnerable to a denial of service, caused by a use after free in the SharedPtr class in SharedPtr.cpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/153718](<https://exchange.xforce.ibmcloud.com/vulnerabilities/153718>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-20190](<https://vulners.com/cve/CVE-2018-20190>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by a NULL pointer dereference in the function Sass::Eval::operator() in eval.cpp. By using a specially crafted sass input file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/154428](<https://exchange.xforce.ibmcloud.com/vulnerabilities/154428>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2019-6286](<https://vulners.com/cve/CVE-2019-6286>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by a heap-based buffer over-read in Sass::Prelexer::skip_over_scopes in prelexer.hpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155592](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155592>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2019-6284](<https://vulners.com/cve/CVE-2019-6284>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by a heap-based buffer over-read in Sass::Prelexer::alternatives in prelexer.hpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155593](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155593>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-19839](<https://vulners.com/cve/CVE-2018-19839>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by a heap-based buffer over-read in the handle_error function in sass_context.cpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/153723](<https://exchange.xforce.ibmcloud.com/vulnerabilities/153723>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-19797](<https://vulners.com/cve/CVE-2018-19797>) \n** DESCRIPTION: **LibSass is vulnerable to a denial of service, caused by a NULL pointer dereference in the function Sass::Selector_List::populate_extends in SharedPtr.hpp. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/153652](<https://exchange.xforce.ibmcloud.com/vulnerabilities/153652>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2022-37601](<https://vulners.com/cve/CVE-2022-37601>) \n** DESCRIPTION: **webpack loader-utils could allow a remote attacker to execute arbitrary code on the system, caused by a prototype pollution flaw in the parseQuery function in parseQuery.js. By adding or modifying properties of Object.prototype using a __proto__ or constructor payload, an attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service condition on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/238763](<https://exchange.xforce.ibmcloud.com/vulnerabilities/238763>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2022-37603](<https://vulners.com/cve/CVE-2022-37603>) \n** DESCRIPTION: **webpack loader-utils is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw in the interpolateName function in interpolateName.js. By sending a specially-crafted regex input using the url variable, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/238766](<https://exchange.xforce.ibmcloud.com/vulnerabilities/238766>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2022-37598](<https://vulners.com/cve/CVE-2022-37598>) \n** DESCRIPTION: **Node.js UglifyJS module could allow a remote attacker to execute arbitrary code on the system, caused by a prototype pollution flaw in the DEFNODE function in ast.js. By adding or modifying properties of Object.prototype using a __proto__ or constructor payload, an attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service condition on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/238762](<https://exchange.xforce.ibmcloud.com/vulnerabilities/238762>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-42581](<https://vulners.com/cve/CVE-2021-42581>) \n** DESCRIPTION: **Ramda could allow a remote attacker to execute arbitrary code on the system, caused by a prototype pollution in the mapObjIndexed function. By supplying a specially-crafted object using the __proto__ argument, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/226072](<https://exchange.xforce.ibmcloud.com/vulnerabilities/226072>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-39227](<https://vulners.com/cve/CVE-2021-39227>) \n** DESCRIPTION: **Baidu EFE team ZRender could allow a remote attacker to execute arbitrary code on the system, caused by a prototype pollution flaw in the merge and clone helper methods in the src/core/util.ts. By adding or modifying properties of Object.prototype using a __proto__ or constructor payload, an attacker could exploit this vulnerability to execute arbitrary code or cause a denial of servuce condition on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/209652](<https://exchange.xforce.ibmcloud.com/vulnerabilities/209652>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-3765](<https://vulners.com/cve/CVE-2021-3765>) \n** DESCRIPTION: **validator.js is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw when calling the rtrim function. By sending a specially-crafted regex input, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/212669](<https://exchange.xforce.ibmcloud.com/vulnerabilities/212669>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2022-31129](<https://vulners.com/cve/CVE-2022-31129>) \n** DESCRIPTION: **Moment is vulnerable to a denial of service, caused by inefficient regular expression complexity. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/230690](<https://exchange.xforce.ibmcloud.com/vulnerabilities/230690>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2022-24785](<https://vulners.com/cve/CVE-2022-24785>) \n** DESCRIPTION: **Moment.js could allow a remote attacker to traverse directories on the system, caused by improper validation of user supplied input. An attacker could send a specially-crafted locale string containing \"dot dot\" sequences (/../) to switch arbitrary moment locale. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/223451](<https://exchange.xforce.ibmcloud.com/vulnerabilities/223451>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2021-23343](<https://vulners.com/cve/CVE-2021-23343>) \n** DESCRIPTION: **path-parse is vulnerable to a denial of service. By sending a specially-crafted request via splitDeviceRe, splitTailRe, and splitPathRe regular expressions, a remote attacker could exploit this vulnerability to cause a regular expression denial of service (ReDoS). \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201206](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201206>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2020-15366](<https://vulners.com/cve/CVE-2020-15366>) \n** DESCRIPTION: **Ajv (aka Another JSON Schema Validator) could allow a remote attacker to execute arbitrary code on the system, caused by a prototype pollution flaw in the ajv.validate function. By sending a specially-crafted data, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/185626](<https://exchange.xforce.ibmcloud.com/vulnerabilities/185626>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-23382](<https://vulners.com/cve/CVE-2021-23382>) \n** DESCRIPTION: **Node.js postcss module is vulnerable to a denial of service, caused by a regular expression denial of Service (ReDoS) flaw in the getAnnotationURL() and loadAnnotation() functions in lib/previous-map.js. By sending specially-crafted regex input, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/200772](<https://exchange.xforce.ibmcloud.com/vulnerabilities/200772>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2022-25927](<https://vulners.com/cve/CVE-2022-25927>) \n** DESCRIPTION: **Node.js ua-parser-js module is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw. By sending specially-crafted regex input, a remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/245569](<https://exchange.xforce.ibmcloud.com/vulnerabilities/245569>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2022-37599](<https://vulners.com/cve/CVE-2022-37599>) \n** DESCRIPTION: **loader-utils is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw in the interpolateName.js script. By sending specially-crafted regex input, a remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/238443](<https://exchange.xforce.ibmcloud.com/vulnerabilities/238443>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2022-24999](<https://vulners.com/cve/CVE-2022-24999>) \n** DESCRIPTION: **Express.js Express is vulnerable to a denial of service, caused by a prototype pollution flaw in qs. By adding or modifying properties of Object.prototype using a __proto__ or constructor payload, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/240815](<https://exchange.xforce.ibmcloud.com/vulnerabilities/240815>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-32803](<https://vulners.com/cve/CVE-2021-32803>) \n** DESCRIPTION: **Node.js tar module could allow a local attacker to traverse directories on the system, caused by insufficient symlink protection. An attacker could use a specially-crafted tar file containing \"dot dot\" sequences (/../) to create or overwrite arbitrary files on the system. \nCVSS Base score: 8.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/206717](<https://exchange.xforce.ibmcloud.com/vulnerabilities/206717>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N) \n \n** CVEID: **[CVE-2021-37712](<https://vulners.com/cve/CVE-2021-37712>) \n** DESCRIPTION: **Node.js tar module could allow a local attacker to execute arbitrary code on the system, caused by an arbitrary file creation/overwrite vulnerability. By creating a directory, and then replacing that directory with a symlink that had a different apparent name that resolved to the same entry in the filesystem, an attacker could use an untrusted tar file to symlink into an arbitrary location and extract arbitrary files into that location to create or overwrite arbitrary files and execute arbitrary code on the system. \nCVSS Base score: 8.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/208450](<https://exchange.xforce.ibmcloud.com/vulnerabilities/208450>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N) \n \n** CVEID: **[CVE-2021-37701](<https://vulners.com/cve/CVE-2021-37701>) \n** DESCRIPTION: **Node.js tar module could allow a local attacker to execute arbitrary code on the system, caused by an arbitrary file creation/overwrite vulnerability. By creating a directory, and then replacing that directory with a symlink, an attacker could use an untrusted tar file to symlink into an arbitrary location and extract arbitrary files into that location to create or overwrite arbitrary files and execute arbitrary code on the system. \nCVSS Base score: 8.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/208442](<https://exchange.xforce.ibmcloud.com/vulnerabilities/208442>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N) \n \n** CVEID: **[CVE-2021-37713](<https://vulners.com/cve/CVE-2021-37713>) \n** DESCRIPTION: **Node.js tar module could allow a local attacker to execute arbitrary code on the system, caused by insufficient logic on Windows systems when extracting tar files that contained a path that was not an absolute path, but specified a drive letter different from the extraction target. An attacker could exploit this vulnerability to create or overwrite arbitrary files and execute arbitrary code on the system. \nCVSS Base score: 8.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/208451](<https://exchange.xforce.ibmcloud.com/vulnerabilities/208451>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N) \n \n** CVEID: **[CVE-2021-32804](<https://vulners.com/cve/CVE-2021-32804>) \n** DESCRIPTION: **Node.js tar module could allow a local attacker to traverse directories on the system, caused by insufficient absolute path sanitization. An attacker could use a specially-crafted tar file containing \"dot dot\" sequences (/../) to create or overwrite arbitrary files on the system. \nCVSS Base score: 8.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/206719](<https://exchange.xforce.ibmcloud.com/vulnerabilities/206719>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N) \n \n** CVEID: **[CVE-2020-7764](<https://vulners.com/cve/CVE-2020-7764>) \n** DESCRIPTION: **find-my-way is vulnerable to a denial of service, caused by a web cache poisoning attack when accepting the Accept-Version header by default. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/191661](<https://exchange.xforce.ibmcloud.com/vulnerabilities/191661>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-23364](<https://vulners.com/cve/CVE-2021-23364>) \n** DESCRIPTION: **Browserslist is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) during parsing of queries. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/200951](<https://exchange.xforce.ibmcloud.com/vulnerabilities/200951>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2022-25758](<https://vulners.com/cve/CVE-2022-25758>) \n** DESCRIPTION: **Node.js scss-tokenizer module is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) vulnerability in the loadAnnotation() function. A remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/230259](<https://exchange.xforce.ibmcloud.com/vulnerabilities/230259>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-23362](<https://vulners.com/cve/CVE-2021-23362>) \n** DESCRIPTION: **Node.js hosted-git-info module is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw in the fromUrl function in index.js. By sending a specially-crafted regex input, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/198792](<https://exchange.xforce.ibmcloud.com/vulnerabilities/198792>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-23368](<https://vulners.com/cve/CVE-2021-23368>) \n** DESCRIPTION: **Node.js postcss module is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw during source map parsing. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/199767](<https://exchange.xforce.ibmcloud.com/vulnerabilities/199767>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-3918](<https://vulners.com/cve/CVE-2021-3918>) \n** DESCRIPTION: **Json-schema could allow a remote attacker to execute arbitrary code on the system, caused by an improperly controlled modification of object prototype attributes. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/213750](<https://exchange.xforce.ibmcloud.com/vulnerabilities/213750>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-29060](<https://vulners.com/cve/CVE-2021-29060>) \n** DESCRIPTION: **Node.js Color-String module is vulnerable to a denial of service, caused by an error when the application is provided and checks a crafted invalid HWB string. By sending a specially crafted string, a remote attacker could exploit this vulnerability to cause a regular expression denial of service. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/204156](<https://exchange.xforce.ibmcloud.com/vulnerabilities/204156>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2022-25901](<https://vulners.com/cve/CVE-2022-25901>) \n** DESCRIPTION: **Node.js cookiejar module is vulnerable to a denial of service, caused by an insecure regular expression in the Cookie.parse function. A remote attacker could exploit this vulnerability to cause a regular expression denial of service. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/245045](<https://exchange.xforce.ibmcloud.com/vulnerabilities/245045>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-42740](<https://vulners.com/cve/CVE-2021-42740>) \n** DESCRIPTION: **Node.js shell-quote module could allow a remote attacker to execute arbitrary commands on the system, caused by a flaw with windows drive letter regex. By sending a specially-crafted shell metacharacters, an attacker could exploit this vulnerability to execute arbitrary commands on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211858](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211858>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-3807](<https://vulners.com/cve/CVE-2021-3807>) \n** DESCRIPTION: **Chalk ansi-regex module for Node.js is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw. By sending a specially-crafted regex input, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/209596](<https://exchange.xforce.ibmcloud.com/vulnerabilities/209596>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** IBM X-Force ID: **212233 \n** DESCRIPTION: **d3-color is vulnerable to a denial of service, caused by improper input validation. By sending a specially-crafted string that starts with the letter 'A' to the rgb() and hrc() functions, a remote attacker could exploit this vulnerability to cause a regular expression denial of service. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/212233 ](<https://exchange.xforce.ibmcloud.com/vulnerabilities/212233>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n## Affected Products and Versions\n\n**Affected Product(s)**| **Version(s)** \n---|--- \nQRadar User Behavior Analytics| 1.0.0 - 4.1.10 \n \n\n\n## Remediation/Fixes\n\n**IBM encourages customers to update their systems promptly.**\n\nPlease follow this link to update to version [4.1.11](<https://exchange.xforce.ibmcloud.com/hub/extension/6f5cc6de1e5e2dad38bfa755c3f2b80b>).\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2023-03-30T16:06:45", "type": "ibm", "title": "Security Bulletin: IBM QRadar User Behavior Analytics is vulnerable to components with known vulnerabilities", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-11694", "CVE-2018-11698", "CVE-2018-19797", "CVE-2018-19827", "CVE-2018-19838", "CVE-2018-19839", "CVE-2018-20190", "CVE-2018-20821", "CVE-2019-6283", "CVE-2019-6284", "CVE-2019-6286", "CVE-2020-15366", "CVE-2020-24025", "CVE-2020-7764", "CVE-2021-23343", "CVE-2021-23362", "CVE-2021-23364", "CVE-2021-23368", "CVE-2021-23382", "CVE-2021-29060", "CVE-2021-32803", "CVE-2021-32804", "CVE-2021-3765", "CVE-2021-37701", "CVE-2021-37712", "CVE-2021-37713", "CVE-2021-3807", "CVE-2021-3918", "CVE-2021-39227", "CVE-2021-42581", "CVE-2021-42740", "CVE-2022-24785", "CVE-2022-24999", "CVE-2022-25758", "CVE-2022-25901", "CVE-2022-25927", "CVE-2022-31129", "CVE-2022-37598", "CVE-2022-37599", "CVE-2022-37601", "CVE-2022-37603"], "modified": "2023-03-30T16:06:45", "id": "57ECB2F42238F3129A22A7BF7162482997E17DA631367C7851A710687B01C414", "href": "https://www.ibm.com/support/pages/node/6967283", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-12-06T18:08:47", "description": "## Summary\n\nIBM Edge Application Manager 4.5 has resolved the vulnerability.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-33587](<https://vulners.com/cve/CVE-2021-33587>) \n** DESCRIPTION: **An unspecified error related to the failure to ensure that attribute parsing has Linear Time Complexity in Node.js css-what module has an unknown impact and attack vector. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/202757](<https://exchange.xforce.ibmcloud.com/vulnerabilities/202757>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Edge Application Manager| 4.4 \nIBM Edge Application Manager| 4.3 \n \n\n\n## Remediation/Fixes\n\nThe fix/upgrade is a set of docker images, that will automatically be pulled and deployed from both dockerhub and the IBM Entitled Registry.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-05-15T19:05:53", "type": "ibm", "title": "Security Bulletin: Open Source Dependency Vulnerability", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-33587"], "modified": "2023-05-15T19:05:53", "id": "5F4385495D3887060B4B9CFB1FDA64CC9D5B4ECD22384C0EE4D8EE768E9A1131", "href": "https://www.ibm.com/support/pages/node/6991651", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-12-06T18:08:53", "description": "## Summary\n\nIBM Edge Application Manager 4.5 has resolved the vulnerability.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-23364](<https://vulners.com/cve/CVE-2021-23364>) \n** DESCRIPTION: **Browserslist is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) during parsing of queries. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/200951](<https://exchange.xforce.ibmcloud.com/vulnerabilities/200951>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Edge Application Manager| 4.4 \nIBM Edge Application Manager| 4.3 \n \n\n\n## Remediation/Fixes\n\nThe fix/upgrade is a set of docker images, that will automatically be pulled and deployed from both dockerhub and the IBM Entitled Registry.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2023-05-15T18:11:50", "type": "ibm", "title": "Security Bulletin: Open Source Dependency Vulnerability", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23364"], "modified": "2023-05-15T18:11:50", "id": "4719F10AF48A5BD903A6C73BC383AF43CFF939F225925A8C7CDF0873EC7C5679", "href": "https://www.ibm.com/support/pages/node/6991605", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-27T21:51:34", "description": "## Summary\n\nIBM Watson Discovery for IBM Cloud Pak for Data contains vulnerable versions of Node.js modules.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2019-15138](<https://vulners.com/cve/CVE-2019-15138>) \n** DESCRIPTION: **Node.js html-pdf module could allow a remote attacker to obtain sensitive information, caused by improper input validation. By sending a specially-crafted XHR request, an attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/167405](<https://exchange.xforce.ibmcloud.com/vulnerabilities/167405>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2019-10745](<https://vulners.com/cve/CVE-2019-10745>) \n** DESCRIPTION: **Node.js assign-deep module is vulnerable to a denial of service, caused by a prototype pollution flaw. By sending a specially-crafted request using a constructor or a _proto_ payload, a remote attacker could exploit this vulnerability to inject properties onto Object.prototype to cause a denial of service condition. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/167419](<https://exchange.xforce.ibmcloud.com/vulnerabilities/167419>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2019-10744](<https://vulners.com/cve/CVE-2019-10744>) \n** DESCRIPTION: **Node.js lodash module is vulnerable to a denial of service, caused by a prototype pollution flaw. By sending a specially-crafted request using a constructor payload, a remote attacker could exploit this vulnerability to inject properties onto Object.prototype to cause a denial of service condition. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/167415](<https://exchange.xforce.ibmcloud.com/vulnerabilities/167415>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L) \n \n** CVEID: **[CVE-2019-10747](<https://vulners.com/cve/CVE-2019-10747>) \n** DESCRIPTION: **Node.js set-value module is vulnerable to a denial of service, caused by a prototype pollution flaw. By sending a specially-crafted request using a constructor payload, a remote attacker could exploit this vulnerability to inject properties onto Object.prototype to cause a denial of service condition. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/167421](<https://exchange.xforce.ibmcloud.com/vulnerabilities/167421>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2019-10746](<https://vulners.com/cve/CVE-2019-10746>) \n** DESCRIPTION: **Node.js mixin-deep module is vulnerable to a denial of service, caused by a prototype pollution flaw. By sending a specially-crafted request using a constructor payload, a remote attacker could exploit this vulnerability to inject properties onto Object.prototype to cause a denial of service condition. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/167420](<https://exchange.xforce.ibmcloud.com/vulnerabilities/167420>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) \n \n** Third Party Entry: **184667 \n** DESCRIPTION: **Node.js npm-registry-fetch module information disclosure \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/184667 ](<https://exchange.xforce.ibmcloud.com/vulnerabilities/184667>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** Third Party Entry: **184666 \n** DESCRIPTION: **Node.js npm CLI module information disclosure \nCVSS Base score: 4.7 \nCVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/184666 ](<https://exchange.xforce.ibmcloud.com/vulnerabilities/184666>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N) \n \n** Third Party Entry: **183560 \n** DESCRIPTION: **Node.js lodash module denial of service \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/183560 ](<https://exchange.xforce.ibmcloud.com/vulnerabilities/183560>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nICP - Discovery| 2.0.0-2.1.3 \n \n\n\n## Remediation/Fixes\n\nUpgrade to IBM Watson Discovery 2.1.4 \n \n<https://cloud.ibm.com/docs/discovery-data?topic=discovery-data-install>\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-08-29T08:56:55", "type": "ibm", "title": "Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Node.js modules", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10744", "CVE-2019-10745", "CVE-2019-10746", "CVE-2019-10747", "CVE-2019-15138"], "modified": "2020-08-29T08:56:55", "id": "EEB2361CC674CA5958E10BC3152430D3B5AE7AEE5701640829F56F8548E53B31", "href": "https://www.ibm.com/support/pages/node/6323247", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-12-06T18:09:10", "description": "## Summary\n\nA Security Vulnerability affects IBM Cloud Automation Manager - Node.js\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2019-10747](<https://vulners.com/cve/CVE-2019-10747>) \n** DESCRIPTION: **Node.js set-value module is vulnerable to a denial of service, caused by a prototype pollution flaw. By sending a specially-crafted request using a constructor payload, a remote attacker could exploit this vulnerability to inject properties onto Object.prototype to cause a denial of service condition. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/167421](<https://exchange.xforce.ibmcloud.com/vulnerabilities/167421>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Cloud Automation Manager| 3.2.1.0 \n \n\n\n## Remediation/Fixes\n\nUpgrade to IBM Cloud Automation Manager 3.2.1.4 or newer.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2023-05-15T12:07:40", "type": "ibm", "title": "Security Bulletin: A Security Vulnerability affects IBM Cloud Automation Manager - Node.js (CVE-2019-10747)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10747"], "modified": "2023-05-15T12:07:40", "id": "A78852C03F1F9D9C01212BDCD82D1DDBFD65113B9834EA1E7FCA9F313C15B4FF", "href": "https://www.ibm.com/support/pages/node/6205752", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "openvas": [{"lastseen": "2020-01-31T16:54:49", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-07-24T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for libsass (openSUSE-SU-2019:1791-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19839", "CVE-2019-6283", "CVE-2018-11499", "CVE-2018-20822", "CVE-2018-20190", "CVE-2018-19837", "CVE-2018-19797", "CVE-2019-6284", "CVE-2018-19827", "CVE-2018-20821", "CVE-2019-6286", "CVE-2018-19838"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310852636", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852636", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852636\");\n script_version(\"2020-01-31T08:04:39+0000\");\n script_cve_id(\"CVE-2018-11499\", \"CVE-2018-19797\", \"CVE-2018-19827\", \"CVE-2018-19837\", \"CVE-2018-19838\", \"CVE-2018-19839\", \"CVE-2018-20190\", \"CVE-2018-20821\", \"CVE-2018-20822\", \"CVE-2019-6283\", \"CVE-2019-6284\", \"CVE-2019-6286\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:04:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-07-24 02:01:46 +0000 (Wed, 24 Jul 2019)\");\n script_name(\"openSUSE: Security Advisory for libsass (openSUSE-SU-2019:1791-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.0\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:1791-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-07/msg00047.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libsass'\n package(s) announced via the openSUSE-SU-2019:1791-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for libsass to version 3.6.1 fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2019-6283: Fixed heap-buffer-overflow in\n Sass::Prelexer::parenthese_scope(char const*) (boo#1121943).\n\n - CVE-2019-6284: Fixed heap-based buffer over-read exists in\n Sass:Prelexer:alternatives (boo#1121944).\n\n - CVE-2019-6286: Fixed heap-based buffer over-read exists in\n Sass:Prelexer:skip_over_scopes (boo#1121945).\n\n - CVE-2018-11499: Fixed use-after-free vulnerability in\n sass_context.cpp:handle_error (boo#1096894).\n\n - CVE-2018-19797: Disallowed parent selector in selector_fns arguments\n (boo#1118301).\n\n - CVE-2018-19827: Fixed use-after-free vulnerability exists in the\n SharedPtr class (boo#1118346).\n\n - CVE-2018-19837: Fixed stack overflow in Eval::operator() (boo#1118348).\n\n - CVE-2018-19838: Fixed stack-overflow at IMPLEMENT_AST_OPERATORS\n expansion (boo#1118349).\n\n - CVE-2018-19839: Fixed buffer-overflow (OOB read) against some invalid\n input (boo#1118351).\n\n - CVE-2018-20190: Fixed Null pointer dereference in\n Sass::Eval::operator()(Sass::Supports_Operator*) (boo#1119789).\n\n - CVE-2018-20821: Fixed uncontrolled recursion in\n Sass:Parser:parse_css_variable_value (boo#1133200).\n\n - CVE-2018-20822: Fixed stack-overflow at Sass::Inspect::operator()\n (boo#1133201).\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.1:\n\n zypper in -t patch openSUSE-2019-1791=1\n\n - openSUSE Leap 15.0:\n\n zypper in -t patch openSUSE-2019-1791=1\");\n\n script_tag(name:\"affected\", value:\"'libsass' package(s) on openSUSE Leap 15.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libsass-3_6_1-1\", rpm:\"libsass-3_6_1-1~3.6.1~lp150.2.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsass-3_6_1-1-debuginfo\", rpm:\"libsass-3_6_1-1-debuginfo~3.6.1~lp150.2.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsass-debugsource\", rpm:\"libsass-debugsource~3.6.1~lp150.2.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsass-devel\", rpm:\"libsass-devel~3.6.1~lp150.2.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-31T16:29:24", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-01-27T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for nodejs8 (openSUSE-SU-2020:0059_1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-16777", "CVE-2019-16776", "CVE-2019-16775"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310853004", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310853004", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.853004\");\n script_version(\"2020-01-31T08:04:39+0000\");\n script_cve_id(\"CVE-2019-16775\", \"CVE-2019-16776\", \"CVE-2019-16777\");\n script_tag(name:\"cvss_base\", value:\"5.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:04:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-27 09:18:01 +0000 (Mon, 27 Jan 2020)\");\n script_name(\"openSUSE: Security Advisory for nodejs8 (openSUSE-SU-2020:0059_1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.1\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2020:0059-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2020-01/msg00027.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'nodejs8'\n package(s) announced via the openSUSE-SU-2020:0059-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for nodejs8 to version 8.17.0 fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2019-16777, CVE-2019-16776, CVE-2019-16775: Updated npm to 6.13.4,\n fixing an arbitrary path overwrite and access via 'bin' field\n (bsc#1159352).\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.1:\n\n zypper in -t patch openSUSE-2020-59=1\");\n\n script_tag(name:\"affected\", value:\"'nodejs8' package(s) on openSUSE Leap 15.1.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.1\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"nodejs8\", rpm:\"nodejs8~8.17.0~lp151.2.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nodejs8-debuginfo\", rpm:\"nodejs8-debuginfo~8.17.0~lp151.2.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nodejs8-debugsource\", rpm:\"nodejs8-debugsource~8.17.0~lp151.2.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nodejs8-devel\", rpm:\"nodejs8-devel~8.17.0~lp151.2.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"npm8\", rpm:\"npm8~8.17.0~lp151.2.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nodejs8-docs\", rpm:\"nodejs8-docs~8.17.0~lp151.2.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:N"}}, {"lastseen": "2020-01-29T18:31:22", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-01-27T00:00:00", "type": "openvas", "title": "Fedora: Security Advisory for nodejs (FEDORA-2020-595ce5e3cc)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-16777", "CVE-2019-16776", "CVE-2019-16775", "CVE-2019-17592"], "modified": "2020-01-28T00:00:00", "id": "OPENVAS:1361412562310877356", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310877356", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.877356\");\n script_version(\"2020-01-28T10:45:23+0000\");\n script_cve_id(\"CVE-2019-17592\", \"CVE-2019-16776\", \"CVE-2019-16775\", \"CVE-2019-16777\");\n script_tag(name:\"cvss_base\", value:\"5.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-01-28 10:45:23 +0000 (Tue, 28 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-27 09:22:58 +0000 (Mon, 27 Jan 2020)\");\n script_name(\"Fedora: Security Advisory for nodejs (FEDORA-2020-595ce5e3cc)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC31\");\n\n script_xref(name:\"FEDORA\", value:\"2020-595ce5e3cc\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z36UKPO5F3PQ3Q2POMF5LEKXWAH5RUFP\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'nodejs'\n package(s) announced via the FEDORA-2020-595ce5e3cc advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Node.js is a platform built on Chrome&#39, s JavaScript runtime\nfor easily building fast, scalable network applications.\nNode.js uses an event-driven, non-blocking I/O model that\nmakes it lightweight and efficient, perfect for data-intensive\nreal-time applications that run across distributed devices.\");\n\n script_tag(name:\"affected\", value:\"'nodejs' package(s) on Fedora 31.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC31\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"nodejs\", rpm:\"nodejs~12.14.1~3.fc31\", rls:\"FC31\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:N"}}, {"lastseen": "2020-01-29T18:31:17", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-01-27T00:00:00", "type": "openvas", "title": "Fedora: Security Advisory for libuv (FEDORA-2020-595ce5e3cc)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-16777", "CVE-2019-16776", "CVE-2019-16775", "CVE-2019-17592"], "modified": "2020-01-28T00:00:00", "id": "OPENVAS:1361412562310877375", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310877375", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.877375\");\n script_version(\"2020-01-28T10:45:23+0000\");\n script_cve_id(\"CVE-2019-17592\", \"CVE-2019-16776\", \"CVE-2019-16775\", \"CVE-2019-16777\");\n script_tag(name:\"cvss_base\", value:\"5.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-01-28 10:45:23 +0000 (Tue, 28 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-27 09:25:34 +0000 (Mon, 27 Jan 2020)\");\n script_name(\"Fedora: Security Advisory for libuv (FEDORA-2020-595ce5e3cc)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC31\");\n\n script_xref(name:\"FEDORA\", value:\"2020-595ce5e3cc\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H3MQIRHVNQ6SGMDUQ4KKYJXYKSJTSGDF\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libuv'\n package(s) announced via the FEDORA-2020-595ce5e3cc advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"libuv is a new platform layer for Node. Its purpose is to abstract IOCP on\nWindows and libev on Unix systems. We intend to eventually contain all platform\ndifferences in this library.\");\n\n script_tag(name:\"affected\", value:\"'libuv' package(s) on Fedora 31.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC31\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libuv\", rpm:\"libuv~1.34.1~1.fc31\", rls:\"FC31\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:N"}}, {"lastseen": "2020-02-14T14:37:22", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-02-08T00:00:00", "type": "openvas", "title": "Fedora: Security Advisory for nodejs-mixin-deep (FEDORA-2020-4a8f110332)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-10746"], "modified": "2020-02-14T00:00:00", "id": "OPENVAS:1361412562310877449", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310877449", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.877449\");\n script_version(\"2020-02-14T06:25:11+0000\");\n script_cve_id(\"CVE-2019-10746\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-02-14 06:25:11 +0000 (Fri, 14 Feb 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-02-08 04:04:35 +0000 (Sat, 08 Feb 2020)\");\n script_name(\"Fedora: Security Advisory for nodejs-mixin-deep (FEDORA-2020-4a8f110332)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC30\");\n\n script_xref(name:\"FEDORA\", value:\"2020-4a8f110332\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFNIVG2XYFPZJY3DYYBJASZ7ZMKBMIJT\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'nodejs-mixin-deep'\n package(s) announced via the FEDORA-2020-4a8f110332 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Deeply mix the properties of objects into the first object. Like merge-deep,\nbut doesn&#39, t clone.\");\n\n script_tag(name:\"affected\", value:\"'nodejs-mixin-deep' package(s) on Fedora 30.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC30\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"nodejs-mixin-deep\", rpm:\"nodejs-mixin-deep~1.3.2~1.fc30\", rls:\"FC30\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "suse": [{"lastseen": "2022-11-06T19:35:56", "description": "An update that fixes 12 vulnerabilities is now available.\n\nDescription:\n\n This update for libsass to version 3.6.1 fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2019-6283: Fixed heap-buffer-overflow in\n Sass::Prelexer::parenthese_scope(char const*) (boo#1121943).\n - CVE-2019-6284: Fixed heap-based buffer over-read exists in\n Sass:Prelexer:alternatives (boo#1121944).\n - CVE-2019-6286: Fixed heap-based buffer over-read exists in\n Sass:Prelexer:skip_over_scopes (boo#1121945).\n - CVE-2018-11499: Fixed use-after-free vulnerability in\n sass_context.cpp:handle_error (boo#1096894).\n - CVE-2018-19797: Disallowed parent selector in selector_fns arguments\n (boo#1118301).\n - CVE-2018-19827: Fixed use-after-free vulnerability exists in the\n SharedPtr class (boo#1118346).\n - CVE-2018-19837: Fixed stack overflow in Eval::operator() (boo#1118348).\n - CVE-2018-19838: Fixed stack-overflow at IMPLEMENT_AST_OPERATORS\n expansion (boo#1118349).\n - CVE-2018-19839: Fixed buffer-overflow (OOB read) against some invalid\n input (boo#1118351).\n - CVE-2018-20190: Fixed Null pointer dereference in\n Sass::Eval::operator()(Sass::Supports_Operator*) (boo#1119789).\n - CVE-2018-20821: Fixed uncontrolled recursion in\n Sass:Parser:parse_css_variable_value (boo#1133200).\n - CVE-2018-20822: Fixed stack-overflow at Sass::Inspect::operator()\n (boo#1133201).\n\n This update was imported from the openSUSE:Leap:15.0:Update update project.\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Backports SLE-15:\n\n zypper in -t patch openSUSE-2019-1800=1", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-07-24T00:00:00", "type": "suse", "title": "Security update for libsass (moderate)", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-11499", "CVE-2018-19797", "CVE-2018-19827", "CVE-2018-19837", "CVE-2018-19838", "CVE-2018-19839", "CVE-2018-20190", "CVE-2018-20821", "CVE-2018-20822", "CVE-2019-6283", "CVE-2019-6284", "CVE-2019-6286"], "modified": "2019-07-24T00:00:00", "id": "OPENSUSE-SU-2019:1800-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/TKUSHJ5N3XI2SULIOHCBE47TMJ7A5XA4/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-11-08T04:10:11", "description": "An update that fixes 12 vulnerabilities is now available.\n\nDescription:\n\n This update for libsass to version 3.6.1 fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2019-6283: Fixed heap-buffer-overflow in\n Sass::Prelexer::parenthese_scope(char const*) (boo#1121943).\n - CVE-2019-6284: Fixed heap-based buffer over-read exists in\n Sass:Prelexer:alternatives (boo#1121944).\n - CVE-2019-6286: Fixed heap-based buffer over-read exists in\n Sass:Prelexer:skip_over_scopes (boo#1121945).\n - CVE-2018-11499: Fixed use-after-free vulnerability in\n sass_context.cpp:handle_error (boo#1096894).\n - CVE-2018-19797: Disallowed parent selector in selector_fns arguments\n (boo#1118301).\n - CVE-2018-19827: Fixed use-after-free vulnerability exists in the\n SharedPtr class (boo#1118346).\n - CVE-2018-19837: Fixed stack overflow in Eval::operator() (boo#1118348).\n - CVE-2018-19838: Fixed stack-overflow at IMPLEMENT_AST_OPERATORS\n expansion (boo#1118349).\n - CVE-2018-19839: Fixed buffer-overflow (OOB read) against some invalid\n input (boo#1118351).\n - CVE-2018-20190: Fixed Null pointer dereference in\n Sass::Eval::operator()(Sass::Supports_Operator*) (boo#1119789).\n - CVE-2018-20821: Fixed uncontrolled recursion in\n Sass:Parser:parse_css_variable_value (boo#1133200).\n - CVE-2018-20822: Fixed stack-overflow at Sass::Inspect::operator()\n (boo#1133201).\n\n This update was imported from the openSUSE:Leap:15.0:Update update project.\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Backports SLE-15-SP1:\n\n zypper in -t patch openSUSE-2019-1883=1", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-08-14T00:00:00", "type": "suse", "title": "Security update for libsass (moderate)", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-11499", "CVE-2018-19797", "CVE-2018-19827", "CVE-2018-19837", "CVE-2018-19838", "CVE-2018-19839", "CVE-2018-20190", "CVE-2018-20821", "CVE-2018-20822", "CVE-2019-6283", "CVE-2019-6284", "CVE-2019-6286"], "modified": "2019-08-14T00:00:00", "id": "OPENSUSE-SU-2019:1883-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/HPU3GRLOX4PSKM4UBZP2UQ5JATS5U6U6/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-11-06T19:35:56", "description": "An update that fixes 12 vulnerabilities is now available.\n\nDescription:\n\n This update for libsass to version 3.6.1 fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2019-6283: Fixed heap-buffer-overflow in\n Sass::Prelexer::parenthese_scope(char const*) (boo#1121943).\n - CVE-2019-6284: Fixed heap-based buffer over-read exists in\n Sass:Prelexer:alternatives (boo#1121944).\n - CVE-2019-6286: Fixed heap-based buffer over-read exists in\n Sass:Prelexer:skip_over_scopes (boo#1121945).\n - CVE-2018-11499: Fixed use-after-free vulnerability in\n sass_context.cpp:handle_error (boo#1096894).\n - CVE-2018-19797: Disallowed parent selector in selector_fns arguments\n (boo#1118301).\n - CVE-2018-19827: Fixed use-after-free vulnerability exists in the\n SharedPtr class (boo#1118346).\n - CVE-2018-19837: Fixed stack overflow in Eval::operator() (boo#1118348).\n - CVE-2018-19838: Fixed stack-overflow at IMPLEMENT_AST_OPERATORS\n expansion (boo#1118349).\n - CVE-2018-19839: Fixed buffer-overflow (OOB read) against some invalid\n input (boo#1118351).\n - CVE-2018-20190: Fixed Null pointer dereference in\n Sass::Eval::operator()(Sass::Supports_Operator*) (boo#1119789).\n - CVE-2018-20821: Fixed uncontrolled recursion in\n Sass:Parser:parse_css_variable_value (boo#1133200).\n - CVE-2018-20822: Fixed stack-overflow at Sass::Inspect::operator()\n (boo#1133201).\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.1:\n\n zypper in -t patch openSUSE-2019-1791=1\n\n - openSUSE Leap 15.0:\n\n zypper in -t patch openSUSE-2019-1791=1", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-07-23T00:00:00", "type": "suse", "title": "Security update for libsass (moderate)", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-11499", "CVE-2018-19797", "CVE-2018-19827", "CVE-2018-19837", "CVE-2018-19838", "CVE-2018-19839", "CVE-2018-20190", "CVE-2018-20821", "CVE-2018-20822", "CVE-2019-6283", "CVE-2019-6284", "CVE-2019-6286"], "modified": "2019-07-23T00:00:00", "id": "OPENSUSE-SU-2019:1791-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/YJ7FECPNTPURCXIOZ6UWOJFRTA4TVLME/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-11-09T21:01:57", "description": "An update that fixes three vulnerabilities is now available.\n\nDescription:\n\n This update for nodejs8 to version 8.17.0 fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2019-16777, CVE-2019-16776, CVE-2019-16775: Updated npm to 6.13.4,\n fixing an arbitrary path overwrite and access via \"bin\" field\n (bsc#1159352).\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.1:\n\n zypper in -t patch openSUSE-2020-59=1", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2020-01-15T00:00:00", "type": "suse", "title": "Security update for nodejs8 (important)", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-16775", "CVE-2019-16776", "CVE-2019-16777"], "modified": "2020-01-15T00:00:00", "id": "OPENSUSE-SU-2020:0059-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ZTYFGA4QM5SQ3SGXQOYK3EH3UJ2NB6H7/", "cvss": {"score": 5.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:N"}}], "mageia": [{"lastseen": "2023-12-06T21:21:27", "description": "Use-after-free vulnerability in sass_context.cpp:handle_error (CVE-2018-11499). Null pointer dereference in Sass::Selector_List::populate_extends (CVE-2018-19797). Use-after-free vulnerability exists in the SharedPtr class (CVE-2018-19827). Stack overflow in Eval::operator() (CVE-2018-19837). Stack-overflow at IMPLEMENT_AST_OPERATORS expansion (CVE-2018-19838). Buffer-overflow (OOB read) against some invalid input (CVE-2018-19839). Null pointer dereference in Sass::Eval::operator() (Sass::Supports_Operator*) (CVE-2018-20190). Uncontrolled recursion in Sass:Parser:parse_css_variable_value (CVE-2018-20821). Stack-overflow at Sass::Inspect::operator() (CVE-2018-20822). Heap-buffer-overflow in Sass::Prelexer::parenthese_scope(char const*) (CVE-2019-6283). Heap-based buffer over-read exists in Sass:Prelexer:alternatives (CVE-2019-6284). Heap-based buffer over-read exists in Sass:Prelexer:skip_over_scopes (CVE-2019-6286). \n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-01-28T10:52:40", "type": "mageia", "title": "Updated libsass packages fix security vulnerabilities\n", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-11499", "CVE-2018-19797", "CVE-2018-19827", "CVE-2018-19837", "CVE-2018-19838", "CVE-2018-19839", "CVE-2018-20190", "CVE-2018-20821", "CVE-2018-20822", "CVE-2019-6283", "CVE-2019-6284", "CVE-2019-6286"], "modified": "2020-01-28T10:52:39", "id": "MGASA-2020-0049", "href": "https://advisories.mageia.org/MGASA-2020-0049.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-12-06T16:56:01", "description": "Updated nodejs-chownr package fixes security vulnerability: A TOCTOU issue in the chownr package before 1.1.0 for Node.js 10.10 could allow a local attacker to trick it into descending into unintended directories via symlink attacks (CVE-2017-18869). \n", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 2.5, "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2021-04-02T23:25:05", "type": "mageia", "title": "Updated nodejs-chownr packages fix security vulnerability\n", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 1.9, "vectorString": "AV:L/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-18869"], "modified": "2021-04-02T23:25:05", "id": "MGASA-2021-0169", "href": "https://advisories.mageia.org/MGASA-2021-0169.html", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-12-06T16:56:00", "description": "Updated nodejs-set-value package fixes security vulnerability: A vulnerability was found in NOdejs set-value, where set-value is vulnerable to prototype Pollution in versions lower than 3.0.1. The function mixin-deep could be tricked into adding or modifying properties of Object.prototype using any of the constructor, prototype and _proto_ payloads (CVE-2019-10747). \n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-05-27T03:46:12", "type": "mageia", "title": "Updated nodejs-set-value packages fix security vulnerability\n", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10747"], "modified": "2020-05-27T03:46:12", "id": "MGASA-2020-0230", "href": "https://advisories.mageia.org/MGASA-2020-0230.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2023-12-05T15:54:27", "description": "This update for libsass to version 3.6.1 fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2019-6283: Fixed heap-buffer-overflow in Sass::Prelexer::parenthese_scope(char const*) (boo#1121943).\n\n - CVE-2019-6284: Fixed heap-based buffer over-read exists in Sass:Prelexer:alternatives (boo#1121944).\n\n - CVE-2019-6286: Fixed heap-based buffer over-read exists in Sass:Prelexer:skip_over_scopes (boo#1121945).\n\n - CVE-2018-11499: Fixed use-after-free vulnerability in sass_context.cpp:handle_error (boo#1096894).\n\n - CVE-2018-19797: Disallowed parent selector in selector_fns arguments (boo#1118301).\n\n - CVE-2018-19827: Fixed use-after-free vulnerability exists in the SharedPtr class (boo#1118346).\n\n - CVE-2018-19837: Fixed stack overflow in Eval::operator() (boo#1118348).\n\n - CVE-2018-19838: Fixed stack-overflow at IMPLEMENT_AST_OPERATORS expansion (boo#1118349).\n\n - CVE-2018-19839: Fixed buffer-overflow (OOB read) against some invalid input (boo#1118351).\n\n - CVE-2018-20190: Fixed NULL pointer dereference in Sass::Eval::operator()(Sass::Supports_Operator*) (boo#1119789).\n\n - CVE-2018-20821: Fixed uncontrolled recursion in Sass:Parser:parse_css_variable_value (boo#1133200).\n\n - CVE-2018-20822: Fixed stack-overflow at Sass::Inspect::operator() (boo#1133201).", "cvss3": {}, "published": "2019-07-24T00:00:00", "type": "nessus", "title": "openSUSE Security Update : libsass (openSUSE-2019-1791)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-11499", "CVE-2018-19797", "CVE-2018-19827", "CVE-2018-19837", "CVE-2018-19838", "CVE-2018-19839", "CVE-2018-20190", "CVE-2018-20821", "CVE-2018-20822", "CVE-2019-6283", "CVE-2019-6284", "CVE-2019-6286"], "modified": "2020-09-23T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libsass-3_6_1-1", "p-cpe:/a:novell:opensuse:libsass-3_6_1-1-debuginfo", "p-cpe:/a:novell:opensuse:libsass-debugsource", "p-cpe:/a:novell:opensuse:libsass-devel", "cpe:/o:novell:opensuse:15.1"], "id": "OPENSUSE-2019-1791.NASL", "href": "https://www.tenable.com/plugins/nessus/126975", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-1791.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(126975);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/09/23\");\n\n script_cve_id(\"CVE-2018-11499\", \"CVE-2018-19797\", \"CVE-2018-19827\", \"CVE-2018-19837\", \"CVE-2018-19838\", \"CVE-2018-19839\", \"CVE-2018-20190\", \"CVE-2018-20821\", \"CVE-2018-20822\", \"CVE-2019-6283\", \"CVE-2019-6284\", \"CVE-2019-6286\");\n\n script_name(english:\"openSUSE Security Update : libsass (openSUSE-2019-1791)\");\n script_summary(english:\"Check for the openSUSE-2019-1791 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for libsass to version 3.6.1 fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2019-6283: Fixed heap-buffer-overflow in\n Sass::Prelexer::parenthese_scope(char const*)\n (boo#1121943).\n\n - CVE-2019-6284: Fixed heap-based buffer over-read exists\n in Sass:Prelexer:alternatives (boo#1121944).\n\n - CVE-2019-6286: Fixed heap-based buffer over-read exists\n in Sass:Prelexer:skip_over_scopes (boo#1121945).\n\n - CVE-2018-11499: Fixed use-after-free vulnerability in\n sass_context.cpp:handle_error (boo#1096894).\n\n - CVE-2018-19797: Disallowed parent selector in\n selector_fns arguments (boo#1118301).\n\n - CVE-2018-19827: Fixed use-after-free vulnerability\n exists in the SharedPtr class (boo#1118346).\n\n - CVE-2018-19837: Fixed stack overflow in Eval::operator()\n (boo#1118348).\n\n - CVE-2018-19838: Fixed stack-overflow at\n IMPLEMENT_AST_OPERATORS expansion (boo#1118349).\n\n - CVE-2018-19839: Fixed buffer-overflow (OOB read) against\n some invalid input (boo#1118351).\n\n - CVE-2018-20190: Fixed NULL pointer dereference in\n Sass::Eval::operator()(Sass::Supports_Operator*)\n (boo#1119789).\n\n - CVE-2018-20821: Fixed uncontrolled recursion in\n Sass:Parser:parse_css_variable_value (boo#1133200).\n\n - CVE-2018-20822: Fixed stack-overflow at\n Sass::Inspect::operator() (boo#1133201).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1096894\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1118301\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1118346\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1118348\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1118349\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1118351\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1119789\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1121943\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1121944\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1121945\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1133200\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1133201\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected libsass packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsass-3_6_1-1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsass-3_6_1-1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsass-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsass-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/05/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/07/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libsass-3_6_1-1-3.6.1-lp151.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libsass-3_6_1-1-debuginfo-3.6.1-lp151.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libsass-debugsource-3.6.1-lp151.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libsass-devel-3.6.1-lp151.3.3.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libsass-3_6_1-1 / libsass-3_6_1-1-debuginfo / libsass-debugsource / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-10-27T14:46:45", "description": "This update for nodejs8 to version 8.17.0 fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2019-16777, CVE-2019-16776, CVE-2019-16775: Updated npm to 6.13.4, fixing an arbitrary path overwrite and access via 'bin' field (bsc#1159352).\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "cvss3": {}, "published": "2020-01-15T00:00:00", "type": "nessus", "title": "openSUSE Security Update : nodejs8 (openSUSE-2020-59)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-16775", "CVE-2019-16776", "CVE-2019-16777"], "modified": "2022-05-18T00:00:00", "cpe": ["cpe:/o:novell:opensuse:15.1", "p-cpe:/a:novell:opensuse:nodejs8", "p-cpe:/a:novell:opensuse:nodejs8-debuginfo", "p-cpe:/a:novell:opensuse:nodejs8-debugsource", "p-cpe:/a:novell:opensuse:nodejs8-devel", "p-cpe:/a:novell:opensuse:npm8"], "id": "OPENSUSE-2020-59.NASL", "href": "https://www.tenable.com/plugins/nessus/132920", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2020-59.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(132920);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/18\");\n\n script_cve_id(\"CVE-2019-16775\", \"CVE-2019-16776\", \"CVE-2019-16777\");\n\n script_name(english:\"openSUSE Security Update : nodejs8 (openSUSE-2020-59)\");\n script_summary(english:\"Check for the openSUSE-2020-59 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for nodejs8 to version 8.17.0 fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2019-16777, CVE-2019-16776, CVE-2019-16775: Updated\n npm to 6.13.4, fixing an arbitrary path overwrite and\n access via 'bin' field (bsc#1159352).\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1149792\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1159352\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected nodejs8 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-16777\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nodejs8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nodejs8-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nodejs8-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nodejs8-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:npm8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/01/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/01/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.1\", reference:\"nodejs8-8.17.0-lp151.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"nodejs8-debuginfo-8.17.0-lp151.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"nodejs8-debugsource-8.17.0-lp151.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"nodejs8-devel-8.17.0-lp151.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"npm8-8.17.0-lp151.2.9.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nodejs8 / nodejs8-debuginfo / nodejs8-debugsource / nodejs8-devel / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-10-27T14:46:20", "description": "This update for nodejs10 to version 10.18.0 fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2019-16777, CVE-2019-16776, CVE-2019-16775: Updated npm to 6.13.4, fixing an arbitrary path overwrite and access via 'bin' field (bsc#1159352).\n\nAdded support for chacha20-poly1305 for Authenticated encryption (AEAD).\n\nNon-security issues fixed: Fix wrong path in gypi files (bsc#1159812)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-01-13T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : nodejs10 (SUSE-SU-2020:0063-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-16775", "CVE-2019-16776", "CVE-2019-16777"], "modified": "2022-05-18T00:00:00", "cpe": ["cpe:/o:novell:suse_linux:12", "p-cpe:/a:novell:suse_linux:nodejs10", "p-cpe:/a:novell:suse_linux:nodejs10-debuginfo", "p-cpe:/a:novell:suse_linux:nodejs10-debugsource", "p-cpe:/a:novell:suse_linux:nodejs10-devel", "p-cpe:/a:novell:suse_linux:npm10"], "id": "SUSE_SU-2020-0063-1.NASL", "href": "https://www.tenable.com/plugins/nessus/132850", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:0063-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(132850);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/18\");\n\n script_cve_id(\"CVE-2019-16775\", \"CVE-2019-16776\", \"CVE-2019-16777\");\n\n script_name(english:\"SUSE SLES12 Security Update : nodejs10 (SUSE-SU-2020:0063-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for nodejs10 to version 10.18.0 fixes the following \nissues :\n\nSecurity issues fixed :\n\nCVE-2019-16777, CVE-2019-16776, CVE-2019-16775: Updated npm to 6.13.4,\nfixing an arbitrary path overwrite and access via 'bin' field\n(bsc#1159352).\n\nAdded support for chacha20-poly1305 for Authenticated encryption\n(AEAD).\n\nNon-security issues fixed: Fix wrong path in gypi files (bsc#1159812)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1149792\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1159352\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1159812\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-16775/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-16776/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-16777/\");\n # https://www.suse.com/support/update/announcement/2020/suse-su-20200063-1/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?df609e29\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Web Scripting 12:zypper in -t patch\nSUSE-SLE-Module-Web-Scripting-12-2020-63=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-16777\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-16776\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/01/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/01/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nodejs10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nodejs10-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nodejs10-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nodejs10-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:npm10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"nodejs10-10.18.0-1.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"nodejs10-debuginfo-10.18.0-1.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"nodejs10-debugsource-10.18.0-1.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"nodejs10-devel-10.18.0-1.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"npm10-10.18.0-1.15.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nodejs10\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-10-27T14:46:03", "description": "This update for nodejs10 to version 10.18.0 fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2019-16777, CVE-2019-16776, CVE-2019-16775: Updated npm to 6.13.4, fixing an arbitrary path overwrite and access via 'bin' field (bsc#1159352).\n\nAdded support for chacha20-poly1305 for Authenticated encryption (AEAD).\n\nNon-security issues fixed :\n\nFixed wrong path in gypi files (bsc#1159812).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-01-16T00:00:00", "type": "nessus", "title": "SUSE SLES15 Security Update : nodejs10 (SUSE-SU-2020:0104-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-16775", "CVE-2019-16776", "CVE-2019-16777"], "modified": "2022-05-18T00:00:00", "cpe": ["cpe:/o:novell:suse_linux:15", "p-cpe:/a:novell:suse_linux:nodejs10", "p-cpe:/a:novell:suse_linux:nodejs10-debuginfo", "p-cpe:/a:novell:suse_linux:nodejs10-debugsource", "p-cpe:/a:novell:suse_linux:nodejs10-devel", "p-cpe:/a:novell:suse_linux:npm10"], "id": "SUSE_SU-2020-0104-1.NASL", "href": "https://www.tenable.com/plugins/nessus/132952", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:0104-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(132952);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/18\");\n\n script_cve_id(\"CVE-2019-16775\", \"CVE-2019-16776\", \"CVE-2019-16777\");\n\n script_name(english:\"SUSE SLES15 Security Update : nodejs10 (SUSE-SU-2020:0104-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for nodejs10 to version 10.18.0 fixes the following \nissues :\n\nSecurity issues fixed :\n\nCVE-2019-16777, CVE-2019-16776, CVE-2019-16775: Updated npm to 6.13.4,\nfixing an arbitrary path overwrite and access via 'bin' field\n(bsc#1159352).\n\nAdded support for chacha20-poly1305 for Authenticated encryption\n(AEAD).\n\nNon-security issues fixed :\n\nFixed wrong path in gypi files (bsc#1159812).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1149792\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1159352\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1159812\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-16775/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-16776/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-16777/\");\n # https://www.suse.com/support/update/announcement/2020/suse-su-20200104-1/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c7dd0ce3\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Web Scripting 15-SP1 :\n\nzypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP1-2020-104=1\n\nSUSE Linux Enterprise Module for Web Scripting 15 :\n\nzypper in -t patch SUSE-SLE-Module-Web-Scripting-15-2020-104=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-16777\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-16776\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/01/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/01/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nodejs10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nodejs10-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nodejs10-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nodejs10-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:npm10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0|1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0/1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"nodejs10-10.18.0-1.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"nodejs10-debuginfo-10.18.0-1.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"nodejs10-debugsource-10.18.0-1.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"nodejs10-devel-10.18.0-1.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"npm10-10.18.0-1.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"nodejs10-10.18.0-1.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"nodejs10-debuginfo-10.18.0-1.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"nodejs10-debugsource-10.18.0-1.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"nodejs10-devel-10.18.0-1.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"npm10-10.18.0-1.15.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nodejs10\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-10-21T16:38:18", "description": "The remote Ubuntu 18.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4837-1 advisory.\n\n - A use-after-free vulnerability exists in handle_error() in sass_context.cpp in LibSass 3.4.x and 3.5.x through 3.5.4 that could be leveraged to cause a denial of service (application crash) or possibly unspecified other impact. (CVE-2018-11499)\n\n - An issue was discovered in LibSass through 3.5.4. An out-of-bounds read of a memory region was found in the function Sass::Prelexer::skip_over_scopes which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service. (CVE-2018-11693)\n\n - An issue was discovered in LibSass <3.5.3. A NULL pointer dereference was found in the function Sass::Expand::operator which could be leveraged by an attacker to cause a denial of service (application crash) or possibly have unspecified other impact. (CVE-2018-11695)\n\n - An issue was discovered in LibSass through 3.5.4. A NULL pointer dereference was found in the function Sass::Inspect::operator which could be leveraged by an attacker to cause a denial of service (application crash) or possibly have unspecified other impact. (CVE-2018-11696)\n\n - An issue was discovered in LibSass through 3.5.4. An out-of-bounds read of a memory region was found in the function Sass::Prelexer::exactly() which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service. (CVE-2018-11697)\n\n - An issue was discovered in LibSass through 3.5.4. An out-of-bounds read of a memory region was found in the function Sass::handle_error which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service. (CVE-2018-11698)\n\n - In LibSass 3.5.5, a NULL Pointer Dereference in the function Sass::Selector_List::populate_extends in SharedPtr.hpp (used by ast.cpp and ast_selectors.cpp) may cause a Denial of Service (application crash) via a crafted sass input file. (CVE-2018-19797)\n\n - In LibSass 3.5.5, a use-after-free vulnerability exists in the SharedPtr class in SharedPtr.cpp (or SharedPtr.hpp) that may cause a denial of service (application crash) or possibly have unspecified other impact. (CVE-2018-19827)\n\n - In LibSass prior to 3.5.5, the function handle_error in sass_context.cpp allows attackers to cause a denial-of-service resulting from a heap-based buffer over-read via a crafted sass file. (CVE-2018-19839)\n\n - In LibSass 3.5.5, a NULL Pointer Dereference in the function Sass::Eval::operator()(Sass::Supports_Operator*) in eval.cpp may cause a Denial of Service (application crash) via a crafted sass input file. (CVE-2018-20190)\n\n - In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelexer::parenthese_scope in prelexer.hpp. (CVE-2019-6283)\n\n - In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelexer::alternatives in prelexer.hpp.\n (CVE-2019-6284)\n\n - In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelexer::skip_over_scopes in prelexer.hpp when called from Sass::Parser::parse_import(), a similar issue to CVE-2018-11693. (CVE-2019-6286)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-10-20T00:00:00", "type": "nessus", "title": "Ubuntu 18.04 ESM : LibSass vulnerabilities (USN-4837-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-11499", "CVE-2018-11693", "CVE-2018-11695", "CVE-2018-11696", "CVE-2018-11697", "CVE-2018-11698", "CVE-2018-19797", "CVE-2018-19827", "CVE-2018-19839", "CVE-2018-20190", "CVE-2019-6283", "CVE-2019-6284", "CVE-2019-6286"], "modified": "2023-10-20T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:18.04:-:esm", "p-cpe:/a:canonical:ubuntu_linux:libsass-dev", "p-cpe:/a:canonical:ubuntu_linux:libsass0"], "id": "UBUNTU_USN-4837-1.NASL", "href": "https://www.tenable.com/plugins/nessus/183625", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4837-1. The text\n# itself is copyright (C) Canonical, Inc. See\n# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(183625);\n script_version(\"1.0\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/10/20\");\n\n script_cve_id(\n \"CVE-2018-11499\",\n \"CVE-2018-11693\",\n \"CVE-2018-11695\",\n \"CVE-2018-11696\",\n \"CVE-2018-11697\",\n \"CVE-2018-11698\",\n \"CVE-2018-19797\",\n \"CVE-2018-19827\",\n \"CVE-2018-19839\",\n \"CVE-2018-20190\",\n \"CVE-2019-6283\",\n \"CVE-2019-6284\",\n \"CVE-2019-6286\"\n );\n script_xref(name:\"USN\", value:\"4837-1\");\n\n script_name(english:\"Ubuntu 18.04 ESM : LibSass vulnerabilities (USN-4837-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 18.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe USN-4837-1 advisory.\n\n - A use-after-free vulnerability exists in handle_error() in sass_context.cpp in LibSass 3.4.x and 3.5.x\n through 3.5.4 that could be leveraged to cause a denial of service (application crash) or possibly\n unspecified other impact. (CVE-2018-11499)\n\n - An issue was discovered in LibSass through 3.5.4. An out-of-bounds read of a memory region was found in\n the function Sass::Prelexer::skip_over_scopes which could be leveraged by an attacker to disclose\n information or manipulated to read from unmapped memory causing a denial of service. (CVE-2018-11693)\n\n - An issue was discovered in LibSass <3.5.3. A NULL pointer dereference was found in the function\n Sass::Expand::operator which could be leveraged by an attacker to cause a denial of service (application\n crash) or possibly have unspecified other impact. (CVE-2018-11695)\n\n - An issue was discovered in LibSass through 3.5.4. A NULL pointer dereference was found in the function\n Sass::Inspect::operator which could be leveraged by an attacker to cause a denial of service (application\n crash) or possibly have unspecified other impact. (CVE-2018-11696)\n\n - An issue was discovered in LibSass through 3.5.4. An out-of-bounds read of a memory region was found in\n the function Sass::Prelexer::exactly() which could be leveraged by an attacker to disclose information or\n manipulated to read from unmapped memory causing a denial of service. (CVE-2018-11697)\n\n - An issue was discovered in LibSass through 3.5.4. An out-of-bounds read of a memory region was found in\n the function Sass::handle_error which could be leveraged by an attacker to disclose information or\n manipulated to read from unmapped memory causing a denial of service. (CVE-2018-11698)\n\n - In LibSass 3.5.5, a NULL Pointer Dereference in the function Sass::Selector_List::populate_extends in\n SharedPtr.hpp (used by ast.cpp and ast_selectors.cpp) may cause a Denial of Service (application crash)\n via a crafted sass input file. (CVE-2018-19797)\n\n - In LibSass 3.5.5, a use-after-free vulnerability exists in the SharedPtr class in SharedPtr.cpp (or\n SharedPtr.hpp) that may cause a denial of service (application crash) or possibly have unspecified other\n impact. (CVE-2018-19827)\n\n - In LibSass prior to 3.5.5, the function handle_error in sass_context.cpp allows attackers to cause a\n denial-of-service resulting from a heap-based buffer over-read via a crafted sass file. (CVE-2018-19839)\n\n - In LibSass 3.5.5, a NULL Pointer Dereference in the function\n Sass::Eval::operator()(Sass::Supports_Operator*) in eval.cpp may cause a Denial of Service (application\n crash) via a crafted sass input file. (CVE-2018-20190)\n\n - In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelexer::parenthese_scope in\n prelexer.hpp. (CVE-2019-6283)\n\n - In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelexer::alternatives in prelexer.hpp.\n (CVE-2019-6284)\n\n - In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelexer::skip_over_scopes in prelexer.hpp\n when called from Sass::Parser::parse_import(), a similar issue to CVE-2018-11693. (CVE-2019-6286)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-4837-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libsass-dev and / or libsass0 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-11499\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/05/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/03/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/10/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:esm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libsass-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libsass0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2023 Canonical, Inc. / NASL script (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/Ubuntu/release');\nif ( isnull(os_release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nos_release = chomp(os_release);\nif (! ('18.04' >< os_release)) audit(AUDIT_OS_NOT, 'Ubuntu 18.04', 'Ubuntu ' + os_release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar pkgs = [\n {'osver': '18.04', 'pkgname': 'libsass-dev', 'pkgver': '3.4.8-1ubuntu0.1~esm1'},\n {'osver': '18.04', 'pkgname': 'libsass0', 'pkgver': '3.4.8-1ubuntu0.1~esm1'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var osver = NULL;\n var pkgname = NULL;\n var pkgver = NULL;\n if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];\n if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];\n if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];\n if (osver && pkgname && pkgver) {\n if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libsass-dev / libsass0');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-10-27T14:55:16", "description": "NPM reports :\n\nGlobal node_modules Binary Overwrite\n\nSymlink reference outside of node_modules\n\nArbitrary File Write", "cvss3": {}, "published": "2020-06-11T00:00:00", "type": "nessus", "title": "FreeBSD : NPM -- Multiple vulnerabilities (2a3588b4-ab12-11ea-a051-001b217b3468)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-16775", "CVE-2019-16776", "CVE-2019-16777"], "modified": "2022-05-13T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:npm", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_2A3588B4AB1211EAA051001B217B3468.NASL", "href": "https://www.tenable.com/plugins/nessus/137343", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2020 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(137343);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/13\");\n\n script_cve_id(\"CVE-2019-16775\", \"CVE-2019-16776\", \"CVE-2019-16777\");\n\n script_name(english:\"FreeBSD : NPM -- Multiple vulnerabilities (2a3588b4-ab12-11ea-a051-001b217b3468)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote FreeBSD host is missing a security-related update.\");\n script_set_attribute(attribute:\"description\", value:\n\"NPM reports :\n\nGlobal node_modules Binary Overwrite\n\nSymlink reference outside of node_modules\n\nArbitrary File Write\");\n # https://nodejs.org/en/blog/vulnerability/december-2019-security-releases/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?53038277\");\n # https://vuxml.freebsd.org/freebsd/2a3588b4-ab12-11ea-a051-001b217b3468.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?0ac0f210\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-16777\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-16776\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/06/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/06/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:npm\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"npm<6.13.4\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-10-27T14:46:02", "description": "This update for nodejs6 to version 6.17.1 fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2019-16777, CVE-2019-16776, CVE-2019-16775: Updated npm to 6.13.4, fixing an arbitrary path overwrite and access via 'bin' field (bsc#1159352).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-01-30T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : nodejs6 (SUSE-SU-2020:0247-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-16775", "CVE-2019-16776", "CVE-2019-16777"], "modified": "2022-05-18T00:00:00", "cpe": ["cpe:/o:novell:suse_linux:12", "p-cpe:/a:novell:suse_linux:nodejs6", "p-cpe:/a:novell:suse_linux:nodejs6-debuginfo", "p-cpe:/a:novell:suse_linux:nodejs6-debugsource", "p-cpe:/a:novell:suse_linux:nodejs6-devel", "p-cpe:/a:novell:suse_linux:npm6"], "id": "SUSE_SU-2020-0247-1.NASL", "href": "https://www.tenable.com/plugins/nessus/133348", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:0247-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(133348);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/18\");\n\n script_cve_id(\"CVE-2019-16775\", \"CVE-2019-16776\", \"CVE-2019-16777\");\n\n script_name(english:\"SUSE SLES12 Security Update : nodejs6 (SUSE-SU-2020:0247-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for nodejs6 to version 6.17.1 fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2019-16777, CVE-2019-16776, CVE-2019-16775: Updated npm to 6.13.4,\nfixing an arbitrary path overwrite and access via 'bin' field\n(bsc#1159352).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1159352\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-16775/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-16776/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-16777/\");\n # https://www.suse.com/support/update/announcement/2020/suse-su-20200247-1/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?82c8dfb8\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE OpenStack Cloud Crowbar 9 :\n\nzypper in -t patch SUSE-OpenStack-Cloud-Crowbar-9-2020-247=1\n\nSUSE OpenStack Cloud Crowbar 8 :\n\nzypper in -t patch SUSE-OpenStack-Cloud-Crowbar-8-2020-247=1\n\nSUSE OpenStack Cloud 7 :\n\nzypper in -t patch SUSE-OpenStack-Cloud-7-2020-247=1\n\nSUSE Linux Enterprise Module for Web Scripting 12 :\n\nzypper in -t patch SUSE-SLE-Module-Web-Scripting-12-2020-247=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-16777\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-16776\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/01/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/01/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nodejs6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nodejs6-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nodejs6-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nodejs6-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:npm6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"nodejs6-6.17.1-11.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"nodejs6-debuginfo-6.17.1-11.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"nodejs6-debugsource-6.17.1-11.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"nodejs6-devel-6.17.1-11.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"npm6-6.17.1-11.30.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nodejs6\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-10-27T14:46:00", "description": "This update for nodejs8 to version 8.17.0 fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2019-16777, CVE-2019-16776, CVE-2019-16775: Updated npm to 6.13.4, fixing an arbitrary path overwrite and access via 'bin' field (bsc#1159352).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-01-09T00:00:00", "type": "nessus", "title": "SUSE SLES15 Security Update : nodejs8 (SUSE-SU-2020:0043-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-16775", "CVE-2019-16776", "CVE-2019-16777"], "modified": "2022-05-18T00:00:00", "cpe": ["cpe:/o:novell:suse_linux:15", "p-cpe:/a:novell:suse_linux:nodejs8", "p-cpe:/a:novell:suse_linux:nodejs8-debuginfo", "p-cpe:/a:novell:suse_linux:nodejs8-debugsource", "p-cpe:/a:novell:suse_linux:nodejs8-devel", "p-cpe:/a:novell:suse_linux:npm8"], "id": "SUSE_SU-2020-0043-1.NASL", "href": "https://www.tenable.com/plugins/nessus/132744", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:0043-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(132744);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/18\");\n\n script_cve_id(\"CVE-2019-16775\", \"CVE-2019-16776\", \"CVE-2019-16777\");\n\n script_name(english:\"SUSE SLES15 Security Update : nodejs8 (SUSE-SU-2020:0043-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for nodejs8 to version 8.17.0 fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2019-16777, CVE-2019-16776, CVE-2019-16775: Updated npm to 6.13.4,\nfixing an arbitrary path overwrite and access via 'bin' field\n(bsc#1159352).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1149792\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1159352\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-16775/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-16776/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-16777/\");\n # https://www.suse.com/support/update/announcement/2020/suse-su-20200043-1/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?63786984\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Web Scripting 15-SP1:zypper in -t\npatch SUSE-SLE-Module-Web-Scripting-15-SP1-2020-43=1\n\nSUSE Linux Enterprise Module for Web Scripting 15:zypper in -t patch\nSUSE-SLE-Module-Web-Scripting-15-2020-43=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-16777\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-16776\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/01/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/01/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nodejs8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nodejs8-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nodejs8-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nodejs8-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:npm8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0|1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0/1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"nodejs8-8.17.0-3.25.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"nodejs8-debuginfo-8.17.0-3.25.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"nodejs8-debugsource-8.17.0-3.25.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"nodejs8-devel-8.17.0-3.25.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"npm8-8.17.0-3.25.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"nodejs8-8.17.0-3.25.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"nodejs8-debuginfo-8.17.0-3.25.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"nodejs8-debugsource-8.17.0-3.25.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"nodejs8-devel-8.17.0-3.25.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"npm8-8.17.0-3.25.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nodejs8\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-10-27T14:46:00", "description": "Update to 12.14.1\n\nAdd new subpackage `nodejs-full-i18n` to provide non-English locale and Unicode support.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-01-27T00:00:00", "type": "nessus", "title": "Fedora 31 : 1:libuv / 1:nodejs (2020-595ce5e3cc)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-16775", "CVE-2019-16776", "CVE-2019-16777", "CVE-2019-17592"], "modified": "2022-05-18T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:1:libuv", "p-cpe:/a:fedoraproject:fedora:1:nodejs", "cpe:/o:fedoraproject:fedora:31"], "id": "FEDORA_2020-595CE5E3CC.NASL", "href": "https://www.tenable.com/plugins/nessus/133233", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2020-595ce5e3cc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(133233);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/18\");\n\n script_cve_id(\"CVE-2019-16775\", \"CVE-2019-16776\", \"CVE-2019-16777\", \"CVE-2019-17592\");\n script_xref(name:\"FEDORA\", value:\"2020-595ce5e3cc\");\n\n script_name(english:\"Fedora 31 : 1:libuv / 1:nodejs (2020-595ce5e3cc)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Update to 12.14.1\n\nAdd new subpackage `nodejs-full-i18n` to provide non-English locale\nand Unicode support.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2020-595ce5e3cc\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected 1:libuv and / or 1:nodejs packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-16777\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:1:libuv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:1:nodejs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:31\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/01/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/01/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^31([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 31\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC31\", reference:\"libuv-1.34.1-1.fc31\", epoch:\"1\")) flag++;\nif (rpm_check(release:\"FC31\", reference:\"nodejs-12.14.1-3.fc31\", epoch:\"1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"1:libuv / 1:nodejs\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-07T18:36:57", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2625 advisory.\n\n - nodejs-brace-expansion: Regular expression denial of service (CVE-2017-18077)\n\n - nodejs-chownr: TOCTOU vulnerability in `chownr` function in chownr.js (CVE-2017-18869)\n\n - nodejs-sshpk: ReDoS when parsing crafted invalid public keys in lib/formats/ssh.js (CVE-2018-3737)\n\n - nodejs-deep-extend: Prototype pollution can allow attackers to modify object properties (CVE-2018-3750)\n\n - npm: Symlink reference outside of node_modules folder through the bin field upon installation (CVE-2019-16775)\n\n - npm: Arbitrary file write via constructed entry in the package.json bin field (CVE-2019-16776)\n\n - npm: Global node_modules Binary Overwrite (CVE-2019-16777)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-01-23T00:00:00", "type": "nessus", "title": "RHEL 7 : rh-nodejs8-nodejs (RHSA-2020:2625)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-18077", "CVE-2017-18869", "CVE-2018-3737", "CVE-2018-3750", "CVE-2019-16775", "CVE-2019-16776", "CVE-2019-16777"], "modified": "2023-09-07T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:rh-nodejs8-nodejs", "p-cpe:/a:redhat:enterprise_linux:rh-nodejs8-nodejs-devel", "p-cpe:/a:redhat:enterprise_linux:rh-nodejs8-nodejs-docs", "p-cpe:/a:redhat:enterprise_linux:rh-nodejs8-npm"], "id": "REDHAT-RHSA-2020-2625.NASL", "href": "https://www.tenable.com/plugins/nessus/170350", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:2625. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(170350);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/09/07\");\n\n script_cve_id(\n \"CVE-2017-18077\",\n \"CVE-2017-18869\",\n \"CVE-2018-3737\",\n \"CVE-2018-3750\",\n \"CVE-2019-16775\",\n \"CVE-2019-16776\",\n \"CVE-2019-16777\"\n );\n script_xref(name:\"RHSA\", value:\"2020:2625\");\n\n script_name(english:\"RHEL 7 : rh-nodejs8-nodejs (RHSA-2020:2625)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:2625 advisory.\n\n - nodejs-brace-expansion: Regular expression denial of service (CVE-2017-18077)\n\n - nodejs-chownr: TOCTOU vulnerability in `chownr` function in chownr.js (CVE-2017-18869)\n\n - nodejs-sshpk: ReDoS when parsing crafted invalid public keys in lib/formats/ssh.js (CVE-2018-3737)\n\n - nodejs-deep-extend: Prototype pollution can allow attackers to modify object properties (CVE-2018-3750)\n\n - npm: Symlink reference outside of node_modules folder through the bin field upon installation\n (CVE-2019-16775)\n\n - npm: Arbitrary file write via constructed entry in the package.json bin field (CVE-2019-16776)\n\n - npm: Global node_modules Binary Overwrite (CVE-2019-16777)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2017-18077\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2017-18869\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2018-3737\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2018-3750\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-16775\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-16776\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-16777\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:2625\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1448380\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1567228\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1578246\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1611613\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1788301\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1788305\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1788310\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-3750\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 367, 400);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/06/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/06/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-nodejs8-nodejs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-nodejs8-nodejs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-nodejs8-nodejs-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-nodejs8-npm\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/rhscl/1/debug',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/rhscl/1/os',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/rhscl/1/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/rhscl/1/debug',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/rhscl/1/os',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/rhscl/1/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/rhscl/1/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/rhscl/1/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/rhscl/1/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/rhscl/1/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/rhscl/1/os',\n 'content/dist/rhel/power/7/7Server/ppc64/rhscl/1/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/rhscl/1/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/rhscl/1/os',\n 'content/dist/rhel/server/7/7Server/x86_64/rhscl/1/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/rhscl/1/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/rhscl/1/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/rhscl/1/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/rhscl/1/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/rhscl/1/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/rhscl/1/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'rh-nodejs8-nodejs-8.17.0-2.el7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-nodejs8-nodejs-8.17.0-2.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-nodejs8-nodejs-8.17.0-2.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-nodejs8-nodejs-devel-8.17.0-2.el7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-nodejs8-nodejs-devel-8.17.0-2.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-nodejs8-nodejs-devel-8.17.0-2.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-nodejs8-nodejs-docs-8.17.0-2.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-nodejs8-npm-6.13.4-8.17.0.2.el7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-nodejs8-npm-6.13.4-8.17.0.2.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-nodejs8-npm-6.13.4-8.17.0.2.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'rh-nodejs8-nodejs / rh-nodejs8-nodejs-devel / rh-nodejs8-nodejs-docs / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-02T21:36:03", "description": "The remote Debian 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-3336 advisory.\n\n - url-parse before 1.5.0 mishandles certain uses of backslash such as http:\\/ and interprets the URI as a relative path. (CVE-2021-27515)\n\n - url-parse is vulnerable to URL Redirection to Untrusted Site (CVE-2021-3664)\n\n - Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.6. (CVE-2022-0512)\n\n - Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.7. (CVE-2022-0639)\n\n - Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.8. (CVE-2022-0686)\n\n - Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.9. (CVE-2022-0691)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-02-23T00:00:00", "type": "nessus", "title": "Debian DLA-3336-1 : node-url-parse - LTS security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-27515", "CVE-2021-3664", "CVE-2022-0512", "CVE-2022-0639", "CVE-2022-0686", "CVE-2022-0691"], "modified": "2023-09-01T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:node-url-parse", "cpe:/o:debian:debian_linux:10.0"], "id": "DEBIAN_DLA-3336.NASL", "href": "https://www.tenable.com/plugins/nessus/171837", "sourceData": "#%NASL_MIN_LEVEL 80900\n#\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory dla-3336. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(171837);\n script_version(\"1.1\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/09/01\");\n\n script_cve_id(\n \"CVE-2021-3664\",\n \"CVE-2021-27515\",\n \"CVE-2022-0512\",\n \"CVE-2022-0639\",\n \"CVE-2022-0686\",\n \"CVE-2022-0691\"\n );\n\n script_name(english:\"Debian DLA-3336-1 : node-url-parse - LTS security update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing one or more security-related updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Debian 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the\ndla-3336 advisory.\n\n - url-parse before 1.5.0 mishandles certain uses of backslash such as http:\\/ and interprets the URI as a\n relative path. (CVE-2021-27515)\n\n - url-parse is vulnerable to URL Redirection to Untrusted Site (CVE-2021-3664)\n\n - Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.6. (CVE-2022-0512)\n\n - Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.7. (CVE-2022-0639)\n\n - Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.8. (CVE-2022-0686)\n\n - Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.9. (CVE-2022-0691)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985110\");\n # https://security-tracker.debian.org/tracker/source-package/node-url-parse\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?082d3b19\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.debian.org/lts/security/2023/dla-3336\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-27515\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-3664\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0512\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0639\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0686\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0691\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/buster/node-url-parse\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the node-url-parse packages.\n\nFor Debian 10 buster, these problems have been fixed in version 1.2.0-2+deb10u2.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-0691\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/02/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/02/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/02/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:node-url-parse\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:10.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar debian_release = get_kb_item('Host/Debian/release');\nif ( isnull(debian_release) ) audit(AUDIT_OS_NOT, 'Debian');\ndebian_release = chomp(debian_release);\nif (! preg(pattern:\"^(10)\\.[0-9]+\", string:debian_release)) audit(AUDIT_OS_NOT, 'Debian 10.0', 'Debian ' + debian_release);\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Debian', cpu);\n\nvar pkgs = [\n {'release': '10.0', 'prefix': 'node-url-parse', 'reference': '1.2.0-2+deb10u2'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var _release = NULL;\n var prefix = NULL;\n var reference = NULL;\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['prefix'])) prefix = package_array['prefix'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (_release && prefix && reference) {\n if (deb_check(release:_release, prefix:prefix, reference:reference)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : deb_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = deb_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'node-url-parse');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-07T18:18:04", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:0597 advisory.\n\n - nodejs: Remotely trigger an assertion on a TLS server with a malformed certificate string (CVE-2019-15604)\n\n - nodejs: HTTP request smuggling using malformed Transfer-Encoding header (CVE-2019-15605)\n\n - nodejs: HTTP header values do not have trailing optional whitespace trimmed (CVE-2019-15606)\n\n - npm: Symlink reference outside of node_modules folder through the bin field upon installation (CVE-2019-16775)\n\n - npm: Arbitrary file write via constructed entry in the package.json bin field (CVE-2019-16776)\n\n - npm: Global node_modules Binary Overwrite (CVE-2019-16777)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-01-23T00:00:00", "type": "nessus", "title": "RHEL 7 : rh-nodejs10-nodejs (RHSA-2020:0597)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-15604", "CVE-2019-15605", "CVE-2019-15606", "CVE-2019-16775", "CVE-2019-16776", "CVE-2019-16777"], "modified": "2023-09-07T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:rh-nodejs10-nodejs", "p-cpe:/a:redhat:enterprise_linux:rh-nodejs10-nodejs-devel", "p-cpe:/a:redhat:enterprise_linux:rh-nodejs10-nodejs-docs", "p-cpe:/a:redhat:enterprise_linux:rh-nodejs10-npm"], "id": "REDHAT-RHSA-2020-0597.NASL", "href": "https://www.tenable.com/plugins/nessus/170312", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:0597. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(170312);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/09/07\");\n\n script_cve_id(\n \"CVE-2019-15604\",\n \"CVE-2019-15605\",\n \"CVE-2019-15606\",\n \"CVE-2019-16775\",\n \"CVE-2019-16776\",\n \"CVE-2019-16777\"\n );\n script_xref(name:\"RHSA\", value:\"2020:0597\");\n\n script_name(english:\"RHEL 7 : rh-nodejs10-nodejs (RHSA-2020:0597)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:0597 advisory.\n\n - nodejs: Remotely trigger an assertion on a TLS server with a malformed certificate string (CVE-2019-15604)\n\n - nodejs: HTTP request smuggling using malformed Transfer-Encoding header (CVE-2019-15605)\n\n - nodejs: HTTP header values do not have trailing optional whitespace trimmed (CVE-2019-15606)\n\n - npm: Symlink reference outside of node_modules folder through the bin field upon installation\n (CVE-2019-16775)\n\n - npm: Arbitrary file write via constructed entry in the package.json bin field (CVE-2019-16776)\n\n - npm: Global node_modules Binary Overwrite (CVE-2019-16777)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-15604\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-15605\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-15606\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-16775\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-16776\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-16777\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:0597\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1788301\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1788305\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1788310\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1800364\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1800366\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1800367\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-15606\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 138, 172, 444);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/02/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-nodejs10-nodejs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-nodejs10-nodejs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-nodejs10-nodejs-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-nodejs10-npm\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/rhscl/1/debug',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/rhscl/1/os',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/rhscl/1/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/rhscl/1/debug',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/rhscl/1/os',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/rhscl/1/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/rhscl/1/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/rhscl/1/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/rhscl/1/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/rhscl/1/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/rhscl/1/os',\n 'content/dist/rhel/power/7/7Server/ppc64/rhscl/1/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/rhscl/1/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/rhscl/1/os',\n 'content/dist/rhel/server/7/7Server/x86_64/rhscl/1/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/rhscl/1/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/rhscl/1/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/rhscl/1/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/rhscl/1/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/rhscl/1/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/rhscl/1/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'rh-nodejs10-nodejs-10.19.0-1.el7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-nodejs10-nodejs-10.19.0-1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-nodejs10-nodejs-10.19.0-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-nodejs10-nodejs-devel-10.19.0-1.el7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-nodejs10-nodejs-devel-10.19.0-1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-nodejs10-nodejs-devel-10.19.0-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-nodejs10-nodejs-docs-10.19.0-1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-nodejs10-npm-6.13.4-10.19.0.1.el7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-nodejs10-npm-6.13.4-10.19.0.1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-nodejs10-npm-6.13.4-10.19.0.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'rh-nodejs10-nodejs / rh-nodejs10-nodejs-devel / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:56:27", "description": "This update for nodejs12 fixes the following issues :\n\nnodejs12 was updated to version 12.15.0.\n\nSecurity issues fixed :\n\nCVE-2019-15604: Fixed a remotely triggerable assertion in the TLS server via a crafted certificate string (CVE-2019-15604, bsc#1163104).\n\nCVE-2019-15605: Fixed an HTTP request smuggling vulnerability via malformed Transfer-Encoding header (CVE-2019-15605, bsc#1163102).\n\nCVE-2019-15606: Fixed the white space sanitation of HTTP headers (CVE-2019-15606, bsc#1163103).\n\nCVE-2019-16775: Fixed an arbitrary file write vulnerability (bsc#1159352).\n\nCVE-2019-16776: Fixed an arbitrary file write vulnerability (bsc#1159352).\n\nCVE-2019-16777: Fixed an arbitrary file write vulnerability (bsc#1159352).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-02-24T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : nodejs12 (SUSE-SU-2020:0429-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-15604", "CVE-2019-15605", "CVE-2019-15606", "CVE-2019-16775", "CVE-2019-16776", "CVE-2019-16777"], "modified": "2020-02-26T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:nodejs12", "p-cpe:/a:novell:suse_linux:nodejs12-debuginfo", "p-cpe:/a:novell:suse_linux:nodejs12-debugsource", "p-cpe:/a:novell:suse_linux:nodejs12-devel", "p-cpe:/a:novell:suse_linux:npm12", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2020-0429-1.NASL", "href": "https://www.tenable.com/plugins/nessus/133947", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:0429-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(133947);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/02/26\");\n\n script_cve_id(\"CVE-2019-15604\", \"CVE-2019-15605\", \"CVE-2019-15606\", \"CVE-2019-16775\", \"CVE-2019-16776\", \"CVE-2019-16777\");\n\n script_name(english:\"SUSE SLES12 Security Update : nodejs12 (SUSE-SU-2020:0429-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for nodejs12 fixes the following issues :\n\nnodejs12 was updated to version 12.15.0.\n\nSecurity issues fixed :\n\nCVE-2019-15604: Fixed a remotely triggerable assertion in the TLS\nserver via a crafted certificate string (CVE-2019-15604, bsc#1163104).\n\nCVE-2019-15605: Fixed an HTTP request smuggling vulnerability via\nmalformed Transfer-Encoding header (CVE-2019-15605, bsc#1163102).\n\nCVE-2019-15606: Fixed the white space sanitation of HTTP headers\n(CVE-2019-15606, bsc#1163103).\n\nCVE-2019-16775: Fixed an arbitrary file write vulnerability\n(bsc#1159352).\n\nCVE-2019-16776: Fixed an arbitrary file write vulnerability\n(bsc#1159352).\n\nCVE-2019-16777: Fixed an arbitrary file write vulnerability\n(bsc#1159352).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1159352\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1163102\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1163103\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1163104\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-15604/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-15605/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-15606/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-16775/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-16776/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-16777/\"\n );\n # https://www.suse.com/support/update/announcement/2020/suse-su-20200429-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?83e2950f\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Web Scripting 12:zypper in -t patch\nSUSE-SLE-Module-Web-Scripting-12-2020-429=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nodejs12\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nodejs12-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nodejs12-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nodejs12-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:npm12\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/02/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/02/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"nodejs12-12.15.0-1.6.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"nodejs12-debuginfo-12.15.0-1.6.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"nodejs12-debugsource-12.15.0-1.6.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"nodejs12-devel-12.15.0-1.6.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"npm12-12.15.0-1.6.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nodejs12\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-07T18:18:04", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:0602 advisory.\n\n - nodejs: Remotely trigger an assertion on a TLS server with a malformed certificate string (CVE-2019-15604)\n\n - nodejs: HTTP request smuggling using malformed Transfer-Encoding header (CVE-2019-15605)\n\n - nodejs: HTTP header values do not have trailing optional whitespace trimmed (CVE-2019-15606)\n\n - npm: Symlink reference outside of node_modules folder through the bin field upon installation (CVE-2019-16775)\n\n - npm: Arbitrary file write via constructed entry in the package.json bin field (CVE-2019-16776)\n\n - npm: Global node_modules Binary Overwrite (CVE-2019-16777)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-01-23T00:00:00", "type": "nessus", "title": "RHEL 7 : rh-nodejs12-nodejs (RHSA-2020:0602)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-15604", "CVE-2019-15605", "CVE-2019-15606", "CVE-2019-16775", "CVE-2019-16776", "CVE-2019-16777"], "modified": "2023-09-07T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:rh-nodejs12-nodejs", "p-cpe:/a:redhat:enterprise_linux:rh-nodejs12-nodejs-devel", "p-cpe:/a:redhat:enterprise_linux:rh-nodejs12-nodejs-docs", "p-cpe:/a:redhat:enterprise_linux:rh-nodejs12-npm"], "id": "REDHAT-RHSA-2020-0602.NASL", "href": "https://www.tenable.com/plugins/nessus/170354", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:0602. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(170354);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/09/07\");\n\n script_cve_id(\n \"CVE-2019-15604\",\n \"CVE-2019-15605\",\n \"CVE-2019-15606\",\n \"CVE-2019-16775\",\n \"CVE-2019-16776\",\n \"CVE-2019-16777\"\n );\n script_xref(name:\"RHSA\", value:\"2020:0602\");\n\n script_name(english:\"RHEL 7 : rh-nodejs12-nodejs (RHSA-2020:0602)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:0602 advisory.\n\n - nodejs: Remotely trigger an assertion on a TLS server with a malformed certificate string (CVE-2019-15604)\n\n - nodejs: HTTP request smuggling using malformed Transfer-Encoding header (CVE-2019-15605)\n\n - nodejs: HTTP header values do not have trailing optional whitespace trimmed (CVE-2019-15606)\n\n - npm: Symlink reference outside of node_modules folder through the bin field upon installation\n (CVE-2019-16775)\n\n - npm: Arbitrary file write via constructed entry in the package.json bin field (CVE-2019-16776)\n\n - npm: Global node_modules Binary Overwrite (CVE-2019-16777)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-15604\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-15605\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-15606\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-16775\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-16776\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-16777\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:0602\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1788301\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1788305\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1788310\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1800364\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1800366\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1800367\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-15606\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 138, 172, 444);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/02/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-nodejs12-nodejs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-nodejs12-nodejs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-nodejs12-nodejs-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-nodejs12-npm\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/rhscl/1/debug',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/rhscl/1/os',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/rhscl/1/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/rhscl/1/debug',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/rhscl/1/os',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/rhscl/1/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/rhscl/1/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/rhscl/1/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/rhscl/1/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/rhscl/1/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/rhscl/1/os',\n 'content/dist/rhel/power/7/7Server/ppc64/rhscl/1/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/rhscl/1/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/rhscl/1/os',\n 'content/dist/rhel/server/7/7Server/x86_64/rhscl/1/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/rhscl/1/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/rhscl/1/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/rhscl/1/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/rhscl/1/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/rhscl/1/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/rhscl/1/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'rh-nodejs12-nodejs-12.16.1-1.el7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-nodejs12-nodejs-12.16.1-1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-nodejs12-nodejs-12.16.1-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-nodejs12-nodejs-devel-12.16.1-1.el7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-nodejs12-nodejs-devel-12.16.1-1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-nodejs12-nodejs-devel-12.16.1-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-nodejs12-nodejs-docs-12.16.1-1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-nodejs12-npm-6.13.4-12.16.1.1.el7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-nodejs12-npm-6.13.4-12.16.1.1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-nodejs12-npm-6.13.4-12.16.1.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'rh-nodejs12-nodejs / rh-nodejs12-nodejs-devel / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:23:34", "description": "The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:0579 advisory.\n\n - nodejs: Remotely trigger an assertion on a TLS server with a malformed certificate string (CVE-2019-15604)\n\n - nodejs: HTTP request smuggling using malformed Transfer-Encoding header (CVE-2019-15605)\n\n - nodejs: HTTP header values do not have trailing optional whitespace trimmed (CVE-2019-15606)\n\n - npm: Symlink reference outside of node_modules folder through the bin field upon installation (CVE-2019-16775)\n\n - npm: Arbitrary file write via constructed entry in the package.json bin field (CVE-2019-16776)\n\n - npm: Global node_modules Binary Overwrite (CVE-2019-16777)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-02-01T00:00:00", "type": "nessus", "title": "CentOS 8 : nodejs:10 (CESA-2020:0579)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-15604", "CVE-2019-15605", "CVE-2019-15606", "CVE-2019-16775", "CVE-2019-16776", "CVE-2019-16777"], "modified": "2023-02-08T00:00:00", "cpe": ["cpe:/o:centos:centos:8", "p-cpe:/a:centos:centos:nodejs", "p-cpe:/a:centos:centos:nodejs-devel", "p-cpe:/a:centos:centos:nodejs-docs", "p-cpe:/a:centos:centos:npm"], "id": "CENTOS8_RHSA-2020-0579.NASL", "href": "https://www.tenable.com/plugins/nessus/145979", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# Red Hat Security Advisory RHSA-2020:0579. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(145979);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/08\");\n\n script_cve_id(\n \"CVE-2019-15604\",\n \"CVE-2019-15605\",\n \"CVE-2019-15606\",\n \"CVE-2019-16775\",\n \"CVE-2019-16776\",\n \"CVE-2019-16777\"\n );\n script_xref(name:\"RHSA\", value:\"2020:0579\");\n\n script_name(english:\"CentOS 8 : nodejs:10 (CESA-2020:0579)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nCESA-2020:0579 advisory.\n\n - nodejs: Remotely trigger an assertion on a TLS server with a malformed certificate string (CVE-2019-15604)\n\n - nodejs: HTTP request smuggling using malformed Transfer-Encoding header (CVE-2019-15605)\n\n - nodejs: HTTP header values do not have trailing optional whitespace trimmed (CVE-2019-15606)\n\n - npm: Symlink reference outside of node_modules folder through the bin field upon installation\n (CVE-2019-16775)\n\n - npm: Arbitrary file write via constructed entry in the package.json bin field (CVE-2019-16776)\n\n - npm: Global node_modules Binary Overwrite (CVE-2019-16777)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:0579\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-15606\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/02/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/02/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nodejs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nodejs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nodejs-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:npm\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/CentOS/release');\nif (isnull(os_release) || 'CentOS' >!< os_release) audit(AUDIT_OS_NOT, 'CentOS');\nvar os_ver = pregmatch(pattern: \"CentOS(?: Stream)?(?: Linux)? release ([0-9]+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CentOS');\nos_ver = os_ver[1];\nif ('CentOS Stream' >< os_release) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS Stream ' + os_ver);\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS ' + os_ver);\n\nif (!get_kb_item('Host/CentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CentOS', cpu);\n\nvar module_ver = get_kb_item('Host/RedHat/appstream/nodejs');\nif (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module nodejs:10');\nif ('10' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module nodejs:' + module_ver);\n\nvar appstreams = {\n 'nodejs:10': [\n {'reference':'nodejs-10.19.0-1.module_el8.1.0+277+2bccb1a9', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nodejs-10.19.0-1.module_el8.1.0+277+2bccb1a9', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nodejs-devel-10.19.0-1.module_el8.1.0+277+2bccb1a9', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nodejs-devel-10.19.0-1.module_el8.1.0+277+2bccb1a9', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nodejs-docs-10.19.0-1.module_el8.1.0+277+2bccb1a9', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nodejs-docs-10.19.0-1.module_el8.1.0+277+2bccb1a9', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'npm-6.13.4-1.10.19.0.1.module_el8.1.0+277+2bccb1a9', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'npm-6.13.4-1.10.19.0.1.module_el8.1.0+277+2bccb1a9', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n ]\n};\n\nvar flag = 0;\nappstreams_found = 0;\nforeach module (keys(appstreams)) {\n var appstream = NULL;\n var appstream_name = NULL;\n var appstream_version = NULL;\n var appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RedHat/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach package_array ( appstreams[module] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'CentOS-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && _release) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module nodejs:10');\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'nodejs / nodejs-devel / nodejs-docs / npm');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-12T13:36:10", "description": "The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2020:0579 advisory.\n\n - Improper Certificate Validation in Node.js 10, 12, and 13 causes the process to abort when sending a crafted X.509 certificate (CVE-2019-15604)\n\n - HTTP request smuggling in Node.js 10, 12, and 13 causes malicious payload delivery when transfer-encoding is malformed (CVE-2019-15605)\n\n - Including trailing white space in HTTP header values in Nodejs 10, 12, and 13 causes bypass of authorization based on header value comparisons (CVE-2019-15606)\n\n - Versions of the npm CLI prior to 6.13.3 are vulnerable to an Arbitrary File Write. It is possible for packages to create symlinks to files outside of thenode_modules folder through the bin field upon installation. A properly constructed entry in the package.json bin field would allow a package publisher to create a symlink pointing to arbitrary files on a user's system when the package is installed. This behavior is still possible through install scripts. This vulnerability bypasses a user using the --ignore- scripts install option. (CVE-2019-16775)\n\n - Versions of the npm CLI prior to 6.13.3 are vulnerable to an Arbitrary File Write. It fails to prevent access to folders outside of the intended node_modules folder through the bin field. A properly constructed entry in the package.json bin field would allow a package publisher to modify and/or gain access to arbitrary files on a user's system when the package is installed. This behavior is still possible through install scripts. This vulnerability bypasses a user using the --ignore-scripts install option. (CVE-2019-16776)\n\n - Versions of the npm CLI prior to 6.13.4 are vulnerable to an Arbitrary File Overwrite. It fails to prevent existing globally-installed binaries to be overwritten by other package installations. For example, if a package was installed globally and created a serve binary, any subsequent installs of packages that also create a serve binary would overwrite the previous serve binary. This behavior is still allowed in local installations and also through install scripts. This vulnerability bypasses a user using the --ignore- scripts install option. (CVE-2019-16777)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-11-06T00:00:00", "type": "nessus", "title": "Rocky Linux 8 : nodejs:10 (RLSA-2020:0579)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-15604", "CVE-2019-15605", "CVE-2019-15606", "CVE-2019-16775", "CVE-2019-16776", "CVE-2019-16777"], "modified": "2023-11-06T00:00:00", "cpe": ["p-cpe:/a:rocky:linux:nodejs-nodemon", "p-cpe:/a:rocky:linux:nodejs-packaging", "cpe:/o:rocky:linux:8"], "id": "ROCKY_LINUX_RLSA-2020-0579.NASL", "href": "https://www.tenable.com/plugins/nessus/184706", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# Rocky Linux Security Advisory RLSA-2020:0579.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(184706);\n script_version(\"1.0\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/06\");\n\n script_cve_id(\n \"CVE-2019-15604\",\n \"CVE-2019-15605\",\n \"CVE-2019-15606\",\n \"CVE-2019-16775\",\n \"CVE-2019-16776\",\n \"CVE-2019-16777\"\n );\n script_xref(name:\"RLSA\", value:\"2020:0579\");\n\n script_name(english:\"Rocky Linux 8 : nodejs:10 (RLSA-2020:0579)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Rocky Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nRLSA-2020:0579 advisory.\n\n - Improper Certificate Validation in Node.js 10, 12, and 13 causes the process to abort when sending a\n crafted X.509 certificate (CVE-2019-15604)\n\n - HTTP request smuggling in Node.js 10, 12, and 13 causes malicious payload delivery when transfer-encoding\n is malformed (CVE-2019-15605)\n\n - Including trailing white space in HTTP header values in Nodejs 10, 12, and 13 causes bypass of\n authorization based on header value comparisons (CVE-2019-15606)\n\n - Versions of the npm CLI prior to 6.13.3 are vulnerable to an Arbitrary File Write. It is possible for\n packages to create symlinks to files outside of thenode_modules folder through the bin field upon\n installation. A properly constructed entry in the package.json bin field would allow a package publisher\n to create a symlink pointing to arbitrary files on a user's system when the package is installed. This\n behavior is still possible through install scripts. This vulnerability bypasses a user using the --ignore-\n scripts install option. (CVE-2019-16775)\n\n - Versions of the npm CLI prior to 6.13.3 are vulnerable to an Arbitrary File Write. It fails to prevent\n access to folders outside of the intended node_modules folder through the bin field. A properly\n constructed entry in the package.json bin field would allow a package publisher to modify and/or gain\n access to arbitrary files on a user's system when the package is installed. This behavior is still\n possible through install scripts. This vulnerability bypasses a user using the --ignore-scripts install\n option. (CVE-2019-16776)\n\n - Versions of the npm CLI prior to 6.13.4 are vulnerable to an Arbitrary File Overwrite. It fails to prevent\n existing globally-installed binaries to be overwritten by other package installations. For example, if a\n package was installed globally and created a serve binary, any subsequent installs of packages that also\n create a serve binary would overwrite the previous serve binary. This behavior is still allowed in local\n installations and also through install scripts. This vulnerability bypasses a user using the --ignore-\n scripts install option. (CVE-2019-16777)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://errata.rockylinux.org/RLSA-2020:0579\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1788301\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1788305\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1788310\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1800364\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1800366\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1800367\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected nodejs-nodemon and / or nodejs-packaging packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-15606\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/02/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/11/06\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:nodejs-nodemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:nodejs-packaging\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:rocky:linux:8\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Rocky Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RockyLinux/release\", \"Host/RockyLinux/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RockyLinux/release');\nif (isnull(os_release) || 'Rocky Linux' >!< os_release) audit(AUDIT_OS_NOT, 'Rocky Linux');\nvar os_ver = pregmatch(pattern: \"Rocky(?: Linux)? release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Rocky Linux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Rocky Linux 8.x', 'Rocky Linux ' + os_ver);\n\nif (!get_kb_item('Host/RockyLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Rocky Linux', cpu);\n\nvar module_ver = get_kb_item('Host/RockyLinux/appstream/nodejs');\nif (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module nodejs:10');\nif ('10' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module nodejs:' + module_ver);\n\nvar appstreams = {\n 'nodejs:10': [\n {'reference':'nodejs-nodemon-1.18.3-1.module+el8.3.0+101+f84c7154', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nodejs-packaging-17-3.module+el8.3.0+101+f84c7154', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n ]\n};\n\nvar flag = 0;\nvar appstreams_found = 0;\nforeach var module (keys(appstreams)) {\n var appstream = NULL;\n var appstream_name = NULL;\n var appstream_version = NULL;\n var appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RockyLinux/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach var package_array ( appstreams[module] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'Rocky-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module nodejs:10');\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'nodejs-nodemon / nodejs-packaging');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-26T14:17:28", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:0579 advisory.\n\n - nodejs: Remotely trigger an assertion on a TLS server with a malformed certificate string (CVE-2019-15604)\n\n - nodejs: HTTP request smuggling using malformed Transfer-Encoding header (CVE-2019-15605)\n\n - nodejs: HTTP header values do not have trailing optional whitespace trimmed (CVE-2019-15606)\n\n - npm: Symlink reference outside of node_modules folder through the bin field upon installation (CVE-2019-16775)\n\n - npm: Arbitrary file write via constructed entry in the package.json bin field (CVE-2019-16776)\n\n - npm: Global node_modules Binary Overwrite (CVE-2019-16777)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2020-02-26T00:00:00", "type": "nessus", "title": "RHEL 8 : nodejs:10 (RHSA-2020:0579)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-15604", "CVE-2019-15605", "CVE-2019-15606", "CVE-2019-16775", "CVE-2019-16776", "CVE-2019-16777"], "modified": "2023-05-25T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "cpe:/o:redhat:rhel_aus:8.2", "cpe:/o:redhat:rhel_aus:8.4", "cpe:/o:redhat:rhel_aus:8.6", "cpe:/o:redhat:rhel_e4s:8.1", "cpe:/o:redhat:rhel_e4s:8.2", "cpe:/o:redhat:rhel_e4s:8.4", "cpe:/o:redhat:rhel_e4s:8.6", "cpe:/o:redhat:rhel_eus:8.1", "cpe:/o:redhat:rhel_eus:8.2", "cpe:/o:redhat:rhel_eus:8.4", "cpe:/o:redhat:rhel_eus:8.6", "cpe:/o:redhat:rhel_tus:8.2", "cpe:/o:redhat:rhel_tus:8.4", "cpe:/o:redhat:rhel_tus:8.6", "p-cpe:/a:redhat:enterprise_linux:nodejs", "p-cpe:/a:redhat:enterprise_linux:nodejs-devel", "p-cpe:/a:redhat:enterprise_linux:nodejs-docs", "p-cpe:/a:redhat:enterprise_linux:nodejs-nodemon", "p-cpe:/a:redhat:enterprise_linux:nodejs-packaging", "p-cpe:/a:redhat:enterprise_linux:npm"], "id": "REDHAT-RHSA-2020-0579.NASL", "href": "https://www.tenable.com/plugins/nessus/134062", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:0579. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(134062);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/25\");\n\n script_cve_id(\n \"CVE-2019-15604\",\n \"CVE-2019-15605\",\n \"CVE-2019-15606\",\n \"CVE-2019-16775\",\n \"CVE-2019-16776\",\n \"CVE-2019-16777\"\n );\n script_xref(name:\"RHSA\", value:\"2020:0579\");\n\n script_name(english:\"RHEL 8 : nodejs:10 (RHSA-2020:0579)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:0579 advisory.\n\n - nodejs: Remotely trigger an assertion on a TLS server with a malformed certificate string (CVE-2019-15604)\n\n - nodejs: HTTP request smuggling using malformed Transfer-Encoding header (CVE-2019-15605)\n\n - nodejs: HTTP header values do not have trailing optional whitespace trimmed (CVE-2019-15606)\n\n - npm: Symlink reference outside of node_modules folder through the bin field upon installation\n (CVE-2019-16775)\n\n - npm: Arbitrary file write via constructed entry in the package.json bin field (CVE-2019-16776)\n\n - npm: Global node_modules Binary Overwrite (CVE-2019-16777)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-15604\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-15605\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-15606\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-16775\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-16776\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-16777\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:0579\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1788301\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1788305\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1788310\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1800364\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1800366\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1800367\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-15605\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-15606\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 138, 172, 444);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/02/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/02/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-nodemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-packaging\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:npm\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar appstreams = {\n 'nodejs:10': [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.2/x86_64/appstream/debug',\n 'content/aus/rhel8/8.2/x86_64/appstream/os',\n 'content/aus/rhel8/8.2/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.2/x86_64/baseos/debug',\n 'content/aus/rhel8/8.2/x86_64/baseos/os',\n 'content/aus/rhel8/8.2/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.2/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.2/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.2/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.2/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.2/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.2/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.2/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.2/ppc64le/highavailability/os',\n 'content/e4s/rhel8/8.2/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.2/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.2/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.2/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.2/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.2/ppc64le/sap/os',\n 'content/e4s/rhel8/8.2/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.2/x86_64/appstream/os',\n 'content/e4s/rhel8/8.2/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.2/x86_64/baseos/os',\n 'content/e4s/rhel8/8.2/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.2/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.2/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.2/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.2/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/sap/debug',\n 'content/e4s/rhel8/8.2/x86_64/sap/os',\n 'content/e4s/rhel8/8.2/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.2/aarch64/appstream/debug',\n 'content/eus/rhel8/8.2/aarch64/appstream/os',\n 'content/eus/rhel8/8.2/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.2/aarch64/baseos/debug',\n 'content/eus/rhel8/8.2/aarch64/baseos/os',\n 'content/eus/rhel8/8.2/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.2/aarch64/codeready-builder/debug',\n 'content/eus/rhel8/8.2/aarch64/codeready-builder/os',\n 'content/eus/rhel8/8.2/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.2/aarch64/highavailability/debug',\n 'content/eus/rhel8/8.2/aarch64/highavailability/os',\n 'content/eus/rhel8/8.2/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.2/aarch64/supplementary/debug',\n 'content/eus/rhel8/8.2/aarch64/supplementary/os',\n 'content/eus/rhel8/8.2/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/appstream/debug',\n 'content/eus/rhel8/8.2/ppc64le/appstream/os',\n 'content/eus/rhel8/8.2/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/baseos/debug',\n 'content/eus/rhel8/8.2/ppc64le/baseos/os',\n 'content/eus/rhel8/8.2/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/codeready-builder/debug',\n 'content/eus/rhel8/8.2/ppc64le/codeready-builder/os',\n 'content/eus/rhel8/8.2/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/highavailability/debug',\n 'content/eus/rhel8/8.2/ppc64le/highavailability/os',\n 'content/eus/rhel8/8.2/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/resilientstorage/debug',\n 'content/eus/rhel8/8.2/ppc64le/resilientstorage/os',\n 'content/eus/rhel8/8.2/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/sap-solutions/debug',\n 'content/eus/rhel8/8.2/ppc64le/sap-solutions/os',\n 'content/eus/rhel8/8.2/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/sap/debug',\n 'content/eus/rhel8/8.2/ppc64le/sap/os',\n 'content/eus/rhel8/8.2/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/supplementary/debug',\n 'content/eus/rhel8/8.2/ppc64le/supplementary/os',\n 'content/eus/rhel8/8.2/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.2/s390x/appstream/debug',\n 'content/eus/rhel8/8.2/s390x/appstream/os',\n 'content/eus/rhel8/8.2/s390x/appstream/source/SRPMS',\n 'content/eus/rhel8/8.2/s390x/baseos/debug',\n 'content/eus/rhel8/8.2/s390x/baseos/os',\n 'content/eus/rhel8/8.2/s390x/baseos/source/SRPMS',\n 'content/eus/rhel8/8.2/s390x/codeready-builder/debug',\n 'content/eus/rhel8/8.2/s390x/codeready-builder/os',\n 'content/eus/rhel8/8.2/s390x/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.2/s390x/highavailability/debug',\n 'content/eus/rhel8/8.2/s390x/highavailability/os',\n 'content/eus/rhel8/8.2/s390x/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.2/s390x/resilientstorage/debug',\n 'content/eus/rhel8/8.2/s390x/resilientstorage/os',\n 'content/eus/rhel8/8.2/s390x/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.2/s390x/sap/debug',\n 'content/eus/rhel8/8.2/s390x/sap/os',\n 'content/eus/rhel8/8.2/s390x/sap/source/SRPMS',\n 'content/eus/rhel8/8.2/s390x/supplementary/debug',\n 'content/eus/rhel8/8.2/s390x/supplementary/os',\n 'content/eus/rhel8/8.2/s390x/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/appstream/debug',\n 'content/eus/rhel8/8.2/x86_64/appstream/os',\n 'content/eus/rhel8/8.2/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/baseos/debug',\n 'content/eus/rhel8/8.2/x86_64/baseos/os',\n 'content/eus/rhel8/8.2/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.2/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.2/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.2/x86_64/highavailability/os',\n 'content/eus/rhel8/8.2/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.2/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.2/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.2/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.2/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/sap/debug',\n 'content/eus/rhel8/8.2/x86_64/sap/os',\n 'content/eus/rhel8/8.2/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.2/x86_64/supplementary/os',\n 'content/eus/rhel8/8.2/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/appstream/debug',\n 'content/tus/rhel8/8.2/x86_64/appstream/os',\n 'content/tus/rhel8/8.2/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/baseos/debug',\n 'content/tus/rhel8/8.2/x86_64/baseos/os',\n 'content/tus/rhel8/8.2/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.2/x86_64/highavailability/os',\n 'content/tus/rhel8/8.2/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/nfv/debug',\n 'content/tus/rhel8/8.2/x86_64/nfv/os',\n 'content/tus/rhel8/8.2/x86_64/nfv/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/rt/debug',\n 'content/tus/rhel8/8.2/x86_64/rt/os',\n 'content/tus/rhel8/8.2/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'nodejs-10.19.0-1.module+el8.1.0+5726+6ed65f8c', 'sp':'2', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'nodejs-devel-10.19.0-1.module+el8.1.0+5726+6ed65f8c', 'sp':'2', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'nodejs-docs-10.19.0-1.module+el8.1.0+5726+6ed65f8c', 'sp':'2', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'nodejs-nodemon-1.18.3-1.module+el8+2632+6c5111ed', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nodejs-packaging-17-3.module+el8+2873+aa7dfd9a', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'npm-6.13.4-1.10.19.0.1.module+el8.1.0+5726+6ed65f8c', 'sp':'2', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.4/x86_64/appstream/debug',\n 'content/aus/rhel8/8.4/x86_64/appstream/os',\n 'content/aus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.4/x86_64/baseos/debug',\n 'content/aus/rhel8/8.4/x86_64/baseos/os',\n 'content/aus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/aarch64/appstream/debug',\n 'content/e4s/rhel8/8.4/aarch64/appstream/os',\n 'content/e4s/rhel8/8.4/aarch64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.4/aarch64/baseos/debug',\n 'content/e4s/rhel8/8.4/aarch64/baseos/os',\n 'content/e4s/rhel8/8.4/aarch64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.4/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.4/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.4/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.4/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.4/ppc64le/highavailability/os',\n 'content/e4s/rhel8/8.4/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.4/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.4/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.4/ppc64le/sap/os',\n 'content/e4s/rhel8/8.4/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.4/s390x/appstream/debug',\n 'content/e4s/rhel8/8.4/s390x/appstream/os',\n 'content/e4s/rhel8/8.4/s390x/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.4/s390x/baseos/debug',\n 'content/e4s/rhel8/8.4/s390x/baseos/os',\n 'content/e4s/rhel8/8.4/s390x/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.4/x86_64/appstream/os',\n 'content/e4s/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.4/x86_64/baseos/os',\n 'content/e4s/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/nfv/debug',\n 'content/e4s/rhel8/8.4/x86_64/nfv/os',\n 'content/e4s/rhel8/8.4/x86_64/nfv/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/sap/debug',\n 'content/e4s/rhel8/8.4/x86_64/sap/os',\n 'content/e4s/rhel8/8.4/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/appstream/debug',\n 'content/eus/rhel8/8.4/aarch64/appstream/os',\n 'content/eus/rhel8/8.4/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/baseos/debug',\n 'content/eus/rhel8/8.4/aarch64/baseos/os',\n 'content/eus/rhel8/8.4/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/codeready-builder/debug',\n 'content/eus/rhel8/8.4/aarch64/codeready-builder/os',\n 'content/eus/rhel8/8.4/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/highavailability/debug',\n 'content/eus/rhel8/8.4/aarch64/highavailability/os',\n 'content/eus/rhel8/8.4/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/supplementary/debug',\n 'content/eus/rhel8/8.4/aarch64/supplementary/os',\n 'content/eus/rhel8/8.4/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/appstream/debug',\n 'content/eus/rhel8/8.4/ppc64le/appstream/os',\n 'content/eus/rhel8/8.4/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/baseos/debug',\n 'content/eus/rhel8/8.4/ppc64le/baseos/os',\n 'content/eus/rhel8/8.4/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/codeready-builder/debug',\n 'content/eus/rhel8/8.4/ppc64le/codeready-builder/os',\n 'content/eus/rhel8/8.4/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/highavailability/debug',\n 'content/eus/rhel8/8.4/ppc64le/highavailability/os',\n 'content/eus/rhel8/8.4/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/resilientstorage/debug',\n 'content/eus/rhel8/8.4/ppc64le/resilientstorage/os',\n 'content/eus/rhel8/8.4/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/sap-solutions/debug',\n 'content/eus/rhel8/8.4/ppc64le/sap-solutions/os',\n 'content/eus/rhel8/8.4/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/sap/debug',\n 'content/eus/rhel8/8.4/ppc64le/sap/os',\n 'content/eus/rhel8/8.4/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/supplementary/debug',\n 'content/eus/rhel8/8.4/ppc64le/supplementary/os',\n 'content/eus/rhel8/8.4/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/appstream/debug',\n 'content/eus/rhel8/8.4/s390x/appstream/os',\n 'content/eus/rhel8/8.4/s390x/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/baseos/debug',\n 'content/eus/rhel8/8.4/s390x/baseos/os',\n 'content/eus/rhel8/8.4/s390x/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/codeready-builder/debug',\n 'content/eus/rhel8/8.4/s390x/codeready-builder/os',\n 'content/eus/rhel8/8.4/s390x/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/highavailability/debug',\n 'content/eus/rhel8/8.4/s390x/highavailability/os',\n 'content/eus/rhel8/8.4/s390x/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/resilientstorage/debug',\n 'content/eus/rhel8/8.4/s390x/resilientstorage/os',\n 'content/eus/rhel8/8.4/s390x/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/sap/debug',\n 'content/eus/rhel8/8.4/s390x/sap/os',\n 'content/eus/rhel8/8.4/s390x/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/supplementary/debug',\n 'content/eus/rhel8/8.4/s390x/supplementary/os',\n 'content/eus/rhel8/8.4/s390x/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/appstream/debug',\n 'content/eus/rhel8/8.4/x86_64/appstream/os',\n 'content/eus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/baseos/debug',\n 'content/eus/rhel8/8.4/x86_64/baseos/os',\n 'content/eus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.4/x86_64/highavailability/os',\n 'content/eus/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/sap/debug',\n 'content/eus/rhel8/8.4/x86_64/sap/os',\n 'content/eus/rhel8/8.4/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.4/x86_64/supplementary/os',\n 'content/eus/rhel8/8.4/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/appstream/debug',\n 'content/tus/rhel8/8.4/x86_64/appstream/os',\n 'content/tus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/baseos/debug',\n 'content/tus/rhel8/8.4/x86_64/baseos/os',\n 'content/tus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.4/x86_64/highavailability/os',\n 'content/tus/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/nfv/debug',\n 'content/tus/rhel8/8.4/x86_64/nfv/os',\n 'content/tus/rhel8/8.4/x86_64/nfv/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/rt/debug',\n 'content/tus/rhel8/8.4/x86_64/rt/os',\n 'content/tus/rhel8/8.4/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'nodejs-10.19.0-1.module+el8.1.0+5726+6ed65f8c', 'sp':'4', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'nodejs-devel-10.19.0-1.module+el8.1.0+5726+6ed65f8c', 'sp':'4', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'nodejs-docs-10.19.0-1.module+el8.1.0+5726+6ed65f8c', 'sp':'4', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'nodejs-nodemon-1.18.3-1.module+el8+2632+6c5111ed', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nodejs-packaging-17-3.module+el8+2873+aa7dfd9a', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'npm-6.13.4-1.10.19.0.1.module+el8.1.0+5726+6ed65f8c', 'sp':'4', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.6/x86_64/appstream/debug',\n 'content/aus/rhel8/8.6/x86_64/appstream/os',\n 'content/aus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.6/x86_64/baseos/debug',\n 'content/aus/rhel8/8.6/x86_64/baseos/os',\n 'content/aus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/os',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.6/ppc64le/sap/os',\n 'content/e4s/rhel8/8.6/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.6/x86_64/appstream/os',\n 'content/e4s/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.6/x86_64/baseos/os',\n 'content/e4s/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap/os',\n 'content/e4s/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/appstream/debug',\n 'content/eus/rhel8/8.6/aarch64/appstream/os',\n 'content/eus/rhel8/8.6/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/baseos/debug',\n 'content/eus/rhel8/8.6/aarch64/baseos/os',\n 'content/eus/rhel8/8.6/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/os',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/highavailability/debug',\n 'content/eus/rhel8/8.6/aarch64/highavailability/os',\n 'content/eus/rhel8/8.6/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/supplementary/debug',\n 'content/eus/rhel8/8.6/aarch64/supplementary/os',\n 'content/eus/rhel8/8.6/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/appstream/debug',\n 'content/eus/rhel8/8.6/ppc64le/appstream/os',\n 'content/eus/rhel8/8.6/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/baseos/debug',\n 'content/eus/rhel8/8.6/ppc64le/baseos/os',\n 'content/eus/rhel8/8.6/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/debug',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/os',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/debug',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/os',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/debug',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/os',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/debug',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/os',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/sap/debug',\n 'content/eus/rhel8/8.6/ppc64le/sap/os',\n 'content/eus/rhel8/8.6/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/debug',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/os',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/appstream/debug',\n 'content/eus/rhel8/8.6/s390x/appstream/os',\n 'content/eus/rhel8/8.6/s390x/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/baseos/debug',\n 'content/eus/rhel8/8.6/s390x/baseos/os',\n 'content/eus/rhel8/8.6/s390x/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/debug',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/os',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/highavailability/debug',\n 'content/eus/rhel8/8.6/s390x/highavailability/os',\n 'content/eus/rhel8/8.6/s390x/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/debug',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/os',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/sap/debug',\n 'content/eus/rhel8/8.6/s390x/sap/os',\n 'content/eus/rhel8/8.6/s390x/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/supplementary/debug',\n 'content/eus/rhel8/8.6/s390x/supplementary/os',\n 'content/eus/rhel8/8.6/s390x/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/appstream/debug',\n 'content/eus/rhel8/8.6/x86_64/appstream/os',\n 'content/eus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/baseos/debug',\n 'content/eus/rhel8/8.6/x86_64/baseos/os',\n 'content/eus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.6/x86_64/highavailability/os',\n 'content/eus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap/debug',\n 'content/eus/rhel8/8.6/x86_64/sap/os',\n 'content/eus/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.6/x86_64/supplementary/os',\n 'content/eus/rhel8/8.6/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/appstream/debug',\n 'content/tus/rhel8/8.6/x86_64/appstream/os',\n 'content/tus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/baseos/debug',\n 'content/tus/rhel8/8.6/x86_64/baseos/os',\n 'content/tus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.6/x86_64/highavailability/os',\n 'content/tus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/rt/os',\n 'content/tus/rhel8/8.6/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'nodejs-10.19.0-1.module+el8.1.0+5726+6ed65f8c', 'sp':'6', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'nodejs-devel-10.19.0-1.module+el8.1.0+5726+6ed65f8c', 'sp':'6', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'nodejs-docs-10.19.0-1.module+el8.1.0+5726+6ed65f8c', 'sp':'6', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'nodejs-nodemon-1.18.3-1.module+el8+2632+6c5111ed', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nodejs-packaging-17-3.module+el8+2873+aa7dfd9a', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'npm-6.13.4-1.10.19.0.1.module+el8.1.0+5726+6ed65f8c', 'sp':'6', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/dist/rhel8/8/aarch64/appstream/debug',\n 'content/dist/rhel8/8/aarch64/appstream/os',\n 'content/dist/rhel8/8/aarch64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/baseos/debug',\n 'content/dist/rhel8/8/aarch64/baseos/os',\n 'content/dist/rhel8/8/aarch64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/codeready-builder/debug',\n 'content/dist/rhel8/8/aarch64/codeready-builder/os',\n 'content/dist/rhel8/8/aarch64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/highavailability/debug',\n 'content/dist/rhel8/8/aarch64/highavailability/os',\n 'content/dist/rhel8/8/aarch64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/supplementary/debug',\n 'content/dist/rhel8/8/aarch64/supplementary/os',\n 'content/dist/rhel8/8/aarch64/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/appstream/debug',\n 'content/dist/rhel8/8/ppc64le/appstream/os',\n 'content/dist/rhel8/8/ppc64le/appstream/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/baseos/debug',\n 'content/dist/rhel8/8/ppc64le/baseos/os',\n 'content/dist/rhel8/8/ppc64le/baseos/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/debug',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/os',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/highavailability/debug',\n 'content/dist/rhel8/8/ppc64le/highavailability/os',\n 'content/dist/rhel8/8/ppc64le/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/debug',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/os',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/debug',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/os',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/sap/debug',\n 'content/dist/rhel8/8/ppc64le/sap/os',\n 'content/dist/rhel8/8/ppc64le/sap/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/supplementary/debug',\n 'content/dist/rhel8/8/ppc64le/supplementary/os',\n 'content/dist/rhel8/8/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/s390x/appstream/debug',\n 'content/dist/rhel8/8/s390x/appstream/os',\n 'content/dist/rhel8/8/s390x/appstream/source/SRPMS',\n 'content/dist/rhel8/8/s390x/baseos/debug',\n 'content/dist/rhel8/8/s390x/baseos/os',\n 'content/dist/rhel8/8/s390x/baseos/source/SRPMS',\n 'content/dist/rhel8/8/s390x/codeready-builder/debug',\n 'content/dist/rhel8/8/s390x/codeready-builder/os',\n 'content/dist/rhel8/8/s390x/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/s390x/highavailability/debug',\n 'content/dist/rhel8/8/s390x/highavailability/os',\n 'content/dist/rhel8/8/s390x/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/s390x/resilientstorage/debug',\n 'content/dist/rhel8/8/s390x/resilientstorage/os',\n 'content/dist/rhel8/8/s390x/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/s390x/sap/debug',\n 'content/dist/rhel8/8/s390x/sap/os',\n 'content/dist/rhel8/8/s390x/sap/source/SRPMS',\n 'content/dist/rhel8/8/s390x/supplementary/debug',\n 'content/dist/rhel8/8/s390x/supplementary/os',\n 'content/dist/rhel8/8/s390x/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/appstream/debug',\n 'content/dist/rhel8/8/x86_64/appstream/os',\n 'content/dist/rhel8/8/x86_64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/baseos/debug',\n 'content/dist/rhel8/8/x86_64/baseos/os',\n 'content/dist/rhel8/8/x86_64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/codeready-builder/debug',\n 'content/dist/rhel8/8/x86_64/codeready-builder/os',\n 'content/dist/rhel8/8/x86_64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/highavailability/debug',\n 'content/dist/rhel8/8/x86_64/highavailability/os',\n 'content/dist/rhel8/8/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/nfv/debug',\n 'content/dist/rhel8/8/x86_64/nfv/os',\n 'content/dist/rhel8/8/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/resilientstorage/debug',\n 'content/dist/rhel8/8/x86_64/resilientstorage/os',\n 'content/dist/rhel8/8/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/rt/debug',\n 'content/dist/rhel8/8/x86_64/rt/os',\n 'content/dist/rhel8/8/x86_64/rt/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap-solutions/debug',\n 'content/dist/rhel8/8/x86_64/sap-solutions/os',\n 'content/dist/rhel8/8/x86_64/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap/debug',\n 'content/dist/rhel8/8/x86_64/sap/os',\n 'content/dist/rhel8/8/x86_64/sap/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/supplementary/debug',\n 'content/dist/rhel8/8/x86_64/supplementary/os',\n 'content/dist/rhel8/8/x86_64/supplementary/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'nodejs-10.19.0-1.module+el8.1.0+5726+6ed65f8c', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'nodejs-devel-10.19.0-1.module+el8.1.0+5726+6ed65f8c', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'nodejs-docs-10.19.0-1.module+el8.1.0+5726+6ed65f8c', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'nodejs-nodemon-1.18.3-1.module+el8+2632+6c5111ed', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nodejs-packaging-17-3.module+el8+2873+aa7dfd9a', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'npm-6.13.4-1.10.19.0.1.module+el8.1.0+5726+6ed65f8c', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/e4s/rhel8/8.1/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.1/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.1/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.1/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.1/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.1/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.1/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.1/ppc64le/highavailability/os',\n 'content/e4s/rhel8/8.1/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.1/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.1/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.1/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.1/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.1/ppc64le/sap/os',\n 'content/e4s/rhel8/8.1/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.1/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.1/x86_64/appstream/os',\n 'content/e4s/rhel8/8.1/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.1/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.1/x86_64/baseos/os',\n 'content/e4s/rhel8/8.1/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.1/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.1/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.1/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.1/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.1/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.1/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.1/x86_64/sap/debug',\n 'content/e4s/rhel8/8.1/x86_64/sap/os',\n 'content/e4s/rhel8/8.1/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.1/aarch64/appstream/debug',\n 'content/eus/rhel8/8.1/aarch64/appstream/os',\n 'content/eus/rhel8/8.1/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.1/aarch64/baseos/debug',\n 'content/eus/rhel8/8.1/aarch64/baseos/os',\n 'content/eus/rhel8/8.1/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.1/aarch64/codeready-builder/debug',\n 'content/eus/rhel8/8.1/aarch64/codeready-builder/os',\n 'content/eus/rhel8/8.1/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.1/aarch64/highavailability/debug',\n 'content/eus/rhel8/8.1/aarch64/highavailability/os',\n 'content/eus/rhel8/8.1/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.1/aarch64/supplementary/debug',\n 'content/eus/rhel8/8.1/aarch64/supplementary/os',\n 'content/eus/rhel8/8.1/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.1/ppc64le/appstream/debug',\n 'content/eus/rhel8/8.1/ppc64le/appstream/os',\n 'content/eus/rhel8/8.1/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel8/8.1/ppc64le/baseos/debug',\n 'content/eus/rhel8/8.1/ppc64le/baseos/os',\n 'content/eus/rhel8/8.1/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel8/8.1/ppc64le/codeready-builder/debug',\n 'content/eus/rhel8/8.1/ppc64le/codeready-builder/os',\n 'content/eus/rhel8/8.1/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.1/ppc64le/highavailability/debug',\n 'content/eus/rhel8/8.1/ppc64le/highavailability/os',\n 'content/eus/rhel8/8.1/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.1/ppc64le/resilientstorage/debug',\n 'content/eus/rhel8/8.1/ppc64le/resilientstorage/os',\n 'content/eus/rhel8/8.1/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.1/ppc64le/sap-solutions/debug',\n 'content/eus/rhel8/8.1/ppc64le/sap-solutions/os',\n 'content/eus/rhel8/8.1/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.1/ppc64le/sap/debug',\n 'content/eus/rhel8/8.1/ppc64le/sap/os',\n 'content/eus/rhel8/8.1/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel8/8.1/ppc64le/supplementary/debug',\n 'content/eus/rhel8/8.1/ppc64le/supplementary/os',\n 'content/eus/rhel8/8.1/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.1/s390x/appstream/debug',\n 'content/eus/rhel8/8.1/s390x/appstream/os',\n 'content/eus/rhel8/8.1/s390x/appstream/source/SRPMS',\n 'content/eus/rhel8/8.1/s390x/baseos/debug',\n 'content/eus/rhel8/8.1/s390x/baseos/os',\n 'content/eus/rhel8/8.1/s390x/baseos/source/SRPMS',\n 'content/eus/rhel8/8.1/s390x/codeready-builder/debug',\n 'content/eus/rhel8/8.1/s390x/codeready-builder/os',\n 'content/eus/rhel8/8.1/s390x/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.1/s390x/highavailability/debug',\n 'content/eus/rhel8/8.1/s390x/highavailability/os',\n 'content/eus/rhel8/8.1/s390x/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.1/s390x/resilientstorage/debug',\n 'content/eus/rhel8/8.1/s390x/resilientstorage/os',\n 'content/eus/rhel8/8.1/s390x/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.1/s390x/sap/debug',\n 'content/eus/rhel8/8.1/s390x/sap/os',\n 'content/eus/rhel8/8.1/s390x/sap/source/SRPMS',\n 'content/eus/rhel8/8.1/s390x/supplementary/debug',\n 'content/eus/rhel8/8.1/s390x/supplementary/os',\n 'content/eus/rhel8/8.1/s390x/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.1/x86_64/appstream/debug',\n 'content/eus/rhel8/8.1/x86_64/appstream/os',\n 'content/eus/rhel8/8.1/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.1/x86_64/baseos/debug',\n 'content/eus/rhel8/8.1/x86_64/baseos/os',\n 'content/eus/rhel8/8.1/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.1/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.1/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.1/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.1/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.1/x86_64/highavailability/os',\n 'content/eus/rhel8/8.1/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.1/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.1/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.1/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.1/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.1/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.1/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.1/x86_64/sap/debug',\n 'content/eus/rhel8/8.1/x86_64/sap/os',\n 'content/eus/rhel8/8.1/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.1/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.1/x86_64/supplementary/os',\n 'content/eus/rhel8/8.1/x86_64/supplementary/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'nodejs-10.19.0-1.module+el8.1.0+5726+6ed65f8c', 'sp':'1', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'nodejs-devel-10.19.0-1.module+el8.1.0+5726+6ed65f8c', 'sp':'1', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'nodejs-docs-10.19.0-1.module+el8.1.0+5726+6ed65f8c', 'sp':'1', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'nodejs-nodemon-1.18.3-1.module+el8+2632+6c5111ed', 'sp':'1', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nodejs-packaging-17-3.module+el8+2873+aa7dfd9a', 'sp':'1', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'npm-6.13.4-1.10.19.0.1.module+el8.1.0+5726+6ed65f8c', 'sp':'1', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n ]\n }\n ]\n};\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:appstreams, appstreams:TRUE);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar module_ver = get_kb_item('Host/RedHat/appstream/nodejs');\nif (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module nodejs:10');\nif ('10' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module nodejs:' + module_ver);\n\nvar flag = 0;\nvar appstreams_found = 0;\nforeach var module (keys(appstreams)) {\n var appstream = NULL;\n var appstream_name = NULL;\n var appstream_version = NULL;\n var appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RedHat/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach var module_array ( appstreams[module] ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(module_array['repo_relative_urls'])) repo_relative_urls = module_array['repo_relative_urls'];\n var enterprise_linux_flag = rhel_repo_urls_has_content_dist_rhel(repo_urls:repo_relative_urls);\n foreach var package_array ( module_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp']) && !enterprise_linux_flag) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module nodejs:10');\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'nodejs / nodejs-devel / nodejs-docs / nodejs-nodemon / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:25:06", "description": "The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-0549 advisory.\n\n - This affects the package npm-user-validate before 1.0.1. The regex that validates user emails took exponentially longer to process long input strings beginning with @ characters. (CVE-2020-7754)\n\n - mixin-deep is vulnerable to Prototype Pollution in versions before 1.3.2 and version 2.0.0. The function mixin-deep could be tricked into adding or modifying properties of Object.prototype using a constructor payload. (CVE-2019-10746)\n\n - set-value is vulnerable to Prototype Pollution in versions lower than 3.0.1. The function mixin-deep could be tricked into adding or modifying properties of Object.prototype using any of the constructor, prototype and _proto_ payloads. (CVE-2019-10747)\n\n - This affects the package ini before 1.3.6. If an attacker submits a malicious INI file to an application that parses it with ini.parse, they will pollute the prototype on the application. This can be exploited further depending on the context. (CVE-2020-7788)\n\n - Node.js versions before 10.23.1, 12.20.1, 14.15.4, 15.5.1 are vulnerable to a use-after-free bug in its TLS implementation. When writing to a TLS enabled socket, node::StreamBase::Write calls node::TLSWrap::DoWrite with a freshly allocated WriteWrap object as first argument. If the DoWrite method does not return an error, this object is passed back to the caller as part of a StreamWriteResult structure. This may be exploited to corrupt memory leading to a Denial of Service or potentially other exploits. (CVE-2020-8265)\n\n - Node.js versions before 10.23.1, 12.20.1, 14.15.4, 15.5.1 allow two copies of a header field in an HTTP request (for example, two Transfer-Encoding header fields). In this case, Node.js identifies the first header field and ignores the second. This can lead to HTTP Request Smuggling. (CVE-2020-8287)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-02-19T00:00:00", "type": "nessus", "title": "Oracle Linux 8 : nodejs:12 (ELSA-2021-0549)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-10746", "CVE-2019-10747", "CVE-2020-7754", "CVE-2020-7788", "CVE-2020-8265", "CVE-2020-8287"], "modified": "2022-05-10T00:00:00", "cpe": ["cpe:/o:oracle:linux:8", "p-cpe:/a:oracle:linux:nodejs", "p-cpe:/a:oracle:linux:nodejs-devel", "p-cpe:/a:oracle:linux:nodejs-docs", "p-cpe:/a:oracle:linux:nodejs-full-i18n", "p-cpe:/a:oracle:linux:nodejs-nodemon", "p-cpe:/a:oracle:linux:nodejs-packaging", "p-cpe:/a:oracle:linux:npm"], "id": "ORACLELINUX_ELSA-2021-0549.NASL", "href": "https://www.tenable.com/plugins/nessus/146636", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2021-0549.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(146636);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/10\");\n\n script_cve_id(\n \"CVE-2019-10746\",\n \"CVE-2019-10747\",\n \"CVE-2020-7754\",\n \"CVE-2020-7788\",\n \"CVE-2020-8265\",\n \"CVE-2020-8287\"\n );\n\n script_name(english:\"Oracle Linux 8 : nodejs:12 (ELSA-2021-0549)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nELSA-2021-0549 advisory.\n\n - This affects the package npm-user-validate before 1.0.1. The regex that validates user emails took\n exponentially longer to process long input strings beginning with @ characters. (CVE-2020-7754)\n\n - mixin-deep is vulnerable to Prototype Pollution in versions before 1.3.2 and version 2.0.0. The function\n mixin-deep could be tricked into adding or modifying properties of Object.prototype using a constructor\n payload. (CVE-2019-10746)\n\n - set-value is vulnerable to Prototype Pollution in versions lower than 3.0.1. The function mixin-deep could\n be tricked into adding or modifying properties of Object.prototype using any of the constructor, prototype\n and _proto_ payloads. (CVE-2019-10747)\n\n - This affects the package ini before 1.3.6. If an attacker submits a malicious INI file to an application\n that parses it with ini.parse, they will pollute the prototype on the application. This can be exploited\n further depending on the context. (CVE-2020-7788)\n\n - Node.js versions before 10.23.1, 12.20.1, 14.15.4, 15.5.1 are vulnerable to a use-after-free bug in its\n TLS implementation. When writing to a TLS enabled socket, node::StreamBase::Write calls\n node::TLSWrap::DoWrite with a freshly allocated WriteWrap object as first argument. If the DoWrite method\n does not return an error, this object is passed back to the caller as part of a StreamWriteResult\n structure. This may be exploited to corrupt memory leading to a Denial of Service or potentially other\n exploits. (CVE-2020-8265)\n\n - Node.js versions before 10.23.1, 12.20.1, 14.15.4, 15.5.1 allow two copies of a header field in an HTTP\n request (for example, two Transfer-Encoding header fields). In this case, Node.js identifies the first\n header field and ignores the second. This can lead to HTTP Request Smuggling. (CVE-2020-8287)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2021-0549.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-7788\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-10747\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/02/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/02/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nodejs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nodejs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nodejs-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nodejs-full-i18n\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nodejs-nodemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nodejs-packaging\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:npm\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 8', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nmodule_ver = get_kb_item('Host/RedHat/appstream/nodejs');\nif (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module nodejs:12');\nif ('12' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module nodejs:' + module_ver);\n\nappstreams = {\n 'nodejs:12': [\n {'reference':'nodejs-12.20.1-1.module+el8.3.0+9643+8c99e187', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'nodejs-12.20.1-1.module+el8.3.0+9643+8c99e187', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'nodejs-devel-12.20.1-1.module+el8.3.0+9643+8c99e187', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'nodejs-devel-12.20.1-1.module+el8.3.0+9643+8c99e187', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'nodejs-docs-12.20.1-1.module+el8.3.0+9643+8c99e187', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'nodejs-full-i18n-12.20.1-1.module+el8.3.0+9643+8c99e187', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'nodejs-full-i18n-12.20.1-1.module+el8.3.0+9643+8c99e187', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'nodejs-nodemon-2.0.3-1.module+el8.3.0+9643+8c99e187', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nodejs-packaging-17-3.module+el8.1.0+5393+aaf413e3', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'npm-6.14.10-1.12.20.1.1.module+el8.3.0+9643+8c99e187', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'npm-6.14.10-1.12.20.1.1.module+el8.3.0+9643+8c99e187', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n ]\n};\n\nflag = 0;\nappstreams_found = 0;\nforeach module (keys(appstreams)) {\n appstream = NULL;\n appstream_name = NULL;\n appstream_version = NULL;\n appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RedHat/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach package_array ( appstreams[module] ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module nodejs:12');\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'nodejs / nodejs-devel / nodejs-docs / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:09:07", "description": "The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-0579 advisory.\n\n - Including trailing white space in HTTP header values in Nodejs 10, 12, and 13 causes bypass of authorization based on header value comparisons (CVE-2019-15606)\n\n - Versions of the npm CLI prior to 6.13.3 are vulnerable to an Arbitrary File Write. It is possible for packages to create symlinks to files outside of thenode_modules folder through the bin field upon installation. A properly constructed entry in the package.json bin field would allow a package publisher to create a symlink pointing to arbitrary files on a user's system when the package is installed. This behavior is still possible through install scripts. This vulnerability bypasses a user using the --ignore- scripts install option. (CVE-2019-16775)\n\n - Versions of the npm CLI prior to 6.13.4 are vulnerable to an Arbitrary File Overwrite. It fails to prevent existing globally-installed binaries to be overwritten by other package installations. For example, if a package was installed globally and created a serve binary, any subsequent installs of packages that also create a serve binary would overwrite the previous serve binary. This behavior is still allowed in local installations and also through install scripts. This vulnerability bypasses a user using the --ignore- scripts install option. (CVE-2019-16777)\n\n - Improper Certificate Validation in Node.js 10, 12, and 13 causes the process to abort when sending a crafted X.509 certificate (CVE-2019-15604)\n\n - HTTP request smuggling in Node.js 10, 12, and 13 causes malicious payload delivery when transfer-encoding is malformed (CVE-2019-15605)\n\n - Versions of the npm CLI prior to 6.13.3 are vulnerable to an Arbitrary File Write. It fails to prevent access to folders outside of the intended node_modules folder through the bin field. A properly constructed entry in the package.json bin field would allow a package publisher to modify and/or gain access to arbitrary files on a user's system when the package is installed. This behavior is still possible through install scripts. This vulnerability bypasses a user using the --ignore-scripts install option. (CVE-2019-16776)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2020-08-28T00:00:00", "type": "nessus", "title": "Oracle Linux 8 : nodejs:10 (ELSA-2020-0579)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-15604", "CVE-2019-15605", "CVE-2019-15606", "CVE-2019-16775", "CVE-2019-16776", "CVE-2019-16777"], "modified": "2021-05-11T00:00:00", "cpe": ["cpe:/o:oracle:linux:8", "p-cpe:/a:oracle:linux:nodejs", "p-cpe:/a:oracle:linux:nodejs-devel", "p-cpe:/a:oracle:linux:nodejs-docs", "p-cpe:/a:oracle:linux:nodejs-nodemon", "p-cpe:/a:oracle:linux:nodejs-packaging", "p-cpe:/a:oracle:linux:npm"], "id": "ORACLELINUX_ELSA-2020-0579.NASL", "href": "https://www.tenable.com/plugins/nessus/140035", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2020-0579.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(140035);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/05/11\");\n\n script_cve_id(\n \"CVE-2019-15604\",\n \"CVE-2019-15605\",\n \"CVE-2019-15606\",\n \"CVE-2019-16775\",\n \"CVE-2019-16776\",\n \"CVE-2019-16777\"\n );\n\n script_name(english:\"Oracle Linux 8 : nodejs:10 (ELSA-2020-0579)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nELSA-2020-0579 advisory.\n\n - Including trailing white space in HTTP header values in Nodejs 10, 12, and 13 causes bypass of\n authorization based on header value comparisons (CVE-2019-15606)\n\n - Versions of the npm CLI prior to 6.13.3 are vulnerable to an Arbitrary File Write. It is possible for\n packages to create symlinks to files outside of thenode_modules folder through the bin field upon\n installation. A properly constructed entry in the package.json bin field would allow a package publisher\n to create a symlink pointing to arbitrary files on a user's system when the package is installed. This\n behavior is still possible through install scripts. This vulnerability bypasses a user using the --ignore-\n scripts install option. (CVE-2019-16775)\n\n - Versions of the npm CLI prior to 6.13.4 are vulnerable to an Arbitrary File Overwrite. It fails to prevent\n existing globally-installed binaries to be overwritten by other package installations. For example, if a\n package was installed globally and created a serve binary, any subsequent installs of packages that also\n create a serve binary would overwrite the previous serve binary. This behavior is still allowed in local\n installations and also through install scripts. This vulnerability bypasses a user using the --ignore-\n scripts install option. (CVE-2019-16777)\n\n - Improper Certificate Validation in Node.js 10, 12, and 13 causes the process to abort when sending a\n crafted X.509 certificate (CVE-2019-15604)\n\n - HTTP request smuggling in Node.js 10, 12, and 13 causes malicious payload delivery when transfer-encoding\n is malformed (CVE-2019-15605)\n\n - Versions of the npm CLI prior to 6.13.3 are vulnerable to an Arbitrary File Write. It fails to prevent\n access to folders outside of the intended node_modules folder through the bin field. A properly\n constructed entry in the package.json bin field would allow a package publisher to modify and/or gain\n access to arbitrary files on a user's system when the package is installed. This behavior is still\n possible through install scripts. This vulnerability bypasses a user using the --ignore-scripts install\n option. (CVE-2019-16776)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2020-0579.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-15606\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/02/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/08/28\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nodejs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nodejs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nodejs-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nodejs-nodemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nodejs-packaging\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:npm\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 8', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nmodule_ver = get_kb_item('Host/RedHat/appstream/nodejs');\nif (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module nodejs:10');\nif ('10' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module nodejs:' + module_ver);\n\nappstreams = {\n 'nodejs:10': [\n {'reference':'nodejs-10.19.0-1.module+el8.1.0+5552+3cab52c0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'nodejs-10.19.0-1.module+el8.1.0+5552+3cab52c0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'nodejs-devel-10.19.0-1.module+el8.1.0+5552+3cab52c0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'nodejs-devel-10.19.0-1.module+el8.1.0+5552+3cab52c0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'nodejs-docs-10.19.0-1.module+el8.1.0+5552+3cab52c0', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'nodejs-nodemon-1.18.3-1.module+el8.1.0+5392+4d6b561f', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nodejs-packaging-17-3.module+el8.1.0+5392+4d6b561f', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'npm-6.13.4-1.10.19.0.1.module+el8.1.0+5552+3cab52c0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'npm-6.13.4-1.10.19.0.1.module+el8.1.0+5552+3cab52c0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n ]\n};\n\nflag = 0;\nappstreams_found = 0;\nforeach module (keys(appstreams)) {\n appstream = NULL;\n appstream_name = NULL;\n appstream_version = NULL;\n appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RedHat/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach package_array ( appstreams[module] ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module nodejs:10');\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'nodejs / nodejs-devel / nodejs-docs / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-27T14:17:04", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:0573 advisory.\n\n - nodejs: Remotely trigger an assertion on a TLS server with a malformed certificate string (CVE-2019-15604)\n\n - nodejs: HTTP request smuggling using malformed Transfer-Encoding header (CVE-2019-15605)\n\n - nodejs: HTTP header values do not have trailing optional whitespace trimmed (CVE-2019-15606)\n\n - npm: Symlink reference outside of node_modules folder through the bin field upon installation (CVE-2019-16775)\n\n - npm: Arbitrary file write via constructed entry in the package.json bin field (CVE-2019-16776)\n\n - npm: Global node_modules Binary Overwrite (CVE-2019-16777)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2020-02-25T00:00:00", "type": "nessus", "title": "RHEL 8 : nodejs:10 (RHSA-2020:0573)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-15604", "CVE-2019-15605", "CVE-2019-15606", "CVE-2019-16775", "CVE-2019-16776", "CVE-2019-16777"], "modified": "2023-05-25T00:00:00", "cpe": ["cpe:/o:redhat:rhel_e4s:8.0", "p-cpe:/a:redhat:enterprise_linux:nodejs", "p-cpe:/a:redhat:enterprise_linux:nodejs-devel", "p-cpe:/a:redhat:enterprise_linux:nodejs-docs", "p-cpe:/a:redhat:enterprise_linux:nodejs-nodemon", "p-cpe:/a:redhat:enterprise_linux:nodejs-packaging", "p-cpe:/a:redhat:enterprise_linux:npm"], "id": "REDHAT-RHSA-2020-0573.NASL", "href": "https://www.tenable.com/plugins/nessus/134028", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:0573. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(134028);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/25\");\n\n script_cve_id(\n \"CVE-2019-15604\",\n \"CVE-2019-15605\",\n \"CVE-2019-15606\",\n \"CVE-2019-16775\",\n \"CVE-2019-16776\",\n \"CVE-2019-16777\"\n );\n script_xref(name:\"RHSA\", value:\"2020:0573\");\n\n script_name(english:\"RHEL 8 : nodejs:10 (RHSA-2020:0573)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:0573 advisory.\n\n - nodejs: Remotely trigger an assertion on a TLS server with a malformed certificate string (CVE-2019-15604)\n\n - nodejs: HTTP request smuggling using malformed Transfer-Encoding header (CVE-2019-15605)\n\n - nodejs: HTTP header values do not have trailing optional whitespace trimmed (CVE-2019-15606)\n\n - npm: Symlink reference outside of node_modules folder through the bin field upon installation\n (CVE-2019-16775)\n\n - npm: Arbitrary file write via constructed entry in the package.json bin field (CVE-2019-16776)\n\n - npm: Global node_modules Binary Overwrite (CVE-2019-16777)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-15604\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-15605\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-15606\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-16775\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-16776\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-16777\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:0573\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1788301\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1788305\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1788310\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1800364\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1800366\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1800367\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-15605\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 138, 172, 444);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/02/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/02/25\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-nodemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-packaging\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:npm\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'eq', os_version: os_ver, rhel_version: '8.0')) audit(AUDIT_OS_NOT, 'Red Hat 8.0', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar appstreams = {\n 'nodejs:10': [\n {\n 'repo_relative_urls': [\n 'content/e4s/rhel8/8.0/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.0/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.0/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.0/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.0/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.0/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.0/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.0/ppc64le/highavailability/os',\n 'content/e4s/rhel8/8.0/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.0/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.0/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.0/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.0/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.0/ppc64le/sap/os',\n 'content/e4s/rhel8/8.0/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.0/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.0/x86_64/appstream/os',\n 'content/e4s/rhel8/8.0/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.0/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.0/x86_64/baseos/os',\n 'content/e4s/rhel8/8.0/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.0/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.0/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.0/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.0/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.0/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.0/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.0/x86_64/sap/debug',\n 'content/e4s/rhel8/8.0/x86_64/sap/os',\n 'content/e4s/rhel8/8.0/x86_64/sap/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'nodejs-10.19.0-1.module+el8.0.0+5738+1362a79c', 'sp':'0', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'nodejs-10.19.0-1.module+el8.0.0+5738+1362a79c', 'sp':'0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'nodejs-devel-10.19.0-1.module+el8.0.0+5738+1362a79c', 'sp':'0', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'nodejs-devel-10.19.0-1.module+el8.0.0+5738+1362a79c', 'sp':'0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'nodejs-docs-10.19.0-1.module+el8.0.0+5738+1362a79c', 'sp':'0', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'nodejs-nodemon-1.18.3-1.module+el8+2632+6c5111ed', 'sp':'0', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nodejs-packaging-17-3.module+el8+2873+aa7dfd9a', 'sp':'0', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'npm-6.13.4-1.10.19.0.1.module+el8.0.0+5738+1362a79c', 'sp':'0', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'npm-6.13.4-1.10.19.0.1.module+el8.0.0+5738+1362a79c', 'sp':'0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n ]\n }\n ]\n};\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:appstreams, appstreams:TRUE);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar module_ver = get_kb_item('Host/RedHat/appstream/nodejs');\nif (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module nodejs:10');\nif ('10' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module nodejs:' + module_ver);\n\nvar flag = 0;\nvar appstreams_found = 0;\nforeach var module (keys(appstreams)) {\n var appstream = NULL;\n var appstream_name = NULL;\n var appstream_version = NULL;\n var appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RedHat/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach var module_array ( appstreams[module] ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(module_array['repo_relative_urls'])) repo_relative_urls = module_array['repo_relative_urls'];\n foreach var package_array ( module_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module nodejs:10');\n\nif (flag)\n{\n var subscription_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in the Red Hat Enterprise Linux\\n' +\n 'Update Services for SAP Solutions repository.\\n' +\n 'Access to this repository requires a paid RHEL subscription.\\n';\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = subscription_caveat + rpm_report_get() + redhat_report_repo_caveat();\n else extra = subscription_caveat + rpm_report_get();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'nodejs / nodejs-devel / nodejs-docs / nodejs-nodemon / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-10-17T11:57:08", "description": "The remote Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5973-1 advisory.\n\n - Incorrect parsing in url-parse <1.4.3 returns wrong hostname which leads to multiple vulnerabilities such as SSRF, Open Redirect, Bypass Authentication Protocol. (CVE-2018-3774)\n\n - Insufficient validation and sanitization of user input exists in url-parse npm package version 1.4.4 and earlier may allow attacker to bypass security checks. (CVE-2020-8124)\n\n - url-parse before 1.5.0 mishandles certain uses of backslash such as http:\\/ and interprets the URI as a relative path. (CVE-2021-27515)\n\n - url-parse is vulnerable to URL Redirection to Untrusted Site (CVE-2021-3664)\n\n - Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.6. (CVE-2022-0512)\n\n - Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.7. (CVE-2022-0639)\n\n - Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.8. (CVE-2022-0686)\n\n - Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.9. (CVE-2022-0691)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-03-27T00:00:00", "type": "nessus", "title": "Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS : url-parse vulnerabilities (USN-5973-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-3774", "CVE-2020-8124", "CVE-2021-27515", "CVE-2021-3664", "CVE-2022-0512", "CVE-2022-0639", "CVE-2022-0686", "CVE-2022-0691"], "modified": "2023-10-16T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:16.04:-:esm", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "cpe:/o:canonical:ubuntu_linux:20.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:node-url-parse"], "id": "UBUNTU_USN-5973-1.NASL", "href": "https://www.tenable.com/plugins/nessus/173433", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-5973-1. The text\n# itself is copyright (C) Canonical, Inc. See\n# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(173433);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/10/16\");\n\n script_cve_id(\n \"CVE-2018-3774\",\n \"CVE-2020-8124\",\n \"CVE-2021-3664\",\n \"CVE-2021-27515\",\n \"CVE-2022-0512\",\n \"CVE-2022-0639\",\n \"CVE-2022-0686\",\n \"CVE-2022-0691\"\n );\n script_xref(name:\"USN\", value:\"5973-1\");\n\n script_name(english:\"Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS : url-parse vulnerabilities (USN-5973-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple\nvulnerabilities as referenced in the USN-5973-1 advisory.\n\n - Incorrect parsing in url-parse <1.4.3 returns wrong hostname which leads to multiple vulnerabilities such\n as SSRF, Open Redirect, Bypass Authentication Protocol. (CVE-2018-3774)\n\n - Insufficient validation and sanitization of user input exists in url-parse npm package version 1.4.4 and\n earlier may allow attacker to bypass security checks. (CVE-2020-8124)\n\n - url-parse before 1.5.0 mishandles certain uses of backslash such as http:\\/ and interprets the URI as a\n relative path. (CVE-2021-27515)\n\n - url-parse is vulnerable to URL Redirection to Untrusted Site (CVE-2021-3664)\n\n - Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.6. (CVE-2022-0512)\n\n - Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.7. (CVE-2022-0639)\n\n - Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.8. (CVE-2022-0686)\n\n - Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.9. (CVE-2022-0691)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-5973-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected node-url-parse package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-0691\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2018-3774\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/03/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/03/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04:-:esm\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:node-url-parse\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2023 Canonical, Inc. / NASL script (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/Ubuntu/release');\nif ( isnull(os_release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nos_release = chomp(os_release);\nif (! ('16.04' >< os_release || '18.04' >< os_release || '20.04' >< os_release)) audit(AUDIT_OS_NOT, 'Ubuntu 16.04 / 18.04 / 20.04', 'Ubuntu ' + os_release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar pkgs = [\n {'osver': '16.04', 'pkgname': 'node-url-parse', 'pkgver': '1.0.5-2ubuntu0.1~esm2'},\n {'osver': '18.04', 'pkgname': 'node-url-parse', 'pkgver': '1.2.0-1ubuntu0.1'},\n {'osver': '20.04', 'pkgname': 'node-url-parse', 'pkgver': '1.4.7-3ubuntu0.1'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var osver = NULL;\n var pkgname = NULL;\n var pkgver = NULL;\n if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];\n if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];\n if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];\n if (osver && pkgname && pkgver) {\n if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'node-url-parse');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-12T13:31:18", "description": "The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:0549 advisory.\n\n - The utilities function in all versions <= 0.5.0 of the deep-extend node module can be tricked into modifying the prototype of Object when the attacker can control part of the structure passed to this function. This can let an attacker add or modify existing properties that will exist on all objects.\n (CVE-2018-3750)\n\n - mixin-deep is vulnerable to Prototype Pollution in versions before 1.3.2 and version 2.0.0. The function mixin-deep could be tricked into adding or modifying properties of Object.prototype using a constructor payload. (CVE-2019-10746)\n\n - set-value is vulnerable to Prototype Pollution in versions lower than 3.0.1. The function mixin-deep could be tricked into adding or modifying properties of Object.prototype using any of the constructor, prototype and _proto_ payloads. (CVE-2019-10747)\n\n - This affects the package npm-user-validate before 1.0.1. The regex that validates user emails took exponentially longer to process long input strings beginning with @ characters. (CVE-2020-7754)\n\n - This affects the package ini before 1.3.6. If an attacker submits a malicious INI file to an application that parses it with ini.parse, they will pollute the prototype on the application. This can be exploited further depending on the context. (CVE-2020-7788)\n\n - Node.js versions before 10.23.1, 12.20.1, 14.15.4, 15.5.1 are vulnerable to a use-after-free bug in its TLS implementation. When writing to a TLS enabled socket, node::StreamBase::Write calls node::TLSWrap::DoWrite with a freshly allocated WriteWrap object as first argument. If the DoWrite method does not return an error, this object is passed back to the caller as part of a StreamWriteResult structure. This may be exploited to corrupt memory leading to a Denial of Service or potentially other exploits. (CVE-2020-8265)\n\n - Node.js versions before 10.23.1, 12.20.1, 14.15.4, 15.5.1 allow two copies of a header field in an HTTP request (for example, two Transfer-Encoding header fields). In this case, Node.js identifies the first header field and ignores the second. This can lead to HTTP Request Smuggling. (CVE-2020-8287)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-11-07T00:00:00", "type": "nessus", "title": "Rocky Linux 8 : nodejs:12 (RLSA-2021:0549)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-3750", "CVE-2019-10746", "CVE-2019-10747", "CVE-2020-7754", "CVE-2020-7788", "CVE-2020-8265", "CVE-2020-8287"], "modified": "2023-11-07T00:00:00", "cpe": ["p-cpe:/a:rocky:linux:nodejs-nodemon", "p-cpe:/a:rocky:linux:nodejs-packaging", "cpe:/o:rocky:linux:8"], "id": "ROCKY_LINUX_RLSA-2021-0549.NASL", "href": "https://www.tenable.com/plugins/nessus/184892", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# Rocky Linux Security Advisory RLSA-2021:0549.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(184892);\n script_version(\"1.0\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/07\");\n\n script_cve_id(\n \"CVE-2018-3750\",\n \"CVE-2019-10746\",\n \"CVE-2019-10747\",\n \"CVE-2020-7754\",\n \"CVE-2020-7788\",\n \"CVE-2020-8265\",\n \"CVE-2020-8287\"\n );\n script_xref(name:\"RLSA\", value:\"2021:0549\");\n\n script_name(english:\"Rocky Linux 8 : nodejs:12 (RLSA-2021:0549)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Rocky Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nRLSA-2021:0549 advisory.\n\n - The utilities function in all versions <= 0.5.0 of the deep-extend node module can be tricked into\n modifying the prototype of Object when the attacker can control part of the structure passed to this\n function. This can let an attacker add or modify existing properties that will exist on all objects.\n (CVE-2018-3750)\n\n - mixin-deep is vulnerable to Prototype Pollution in versions before 1.3.2 and version 2.0.0. The function\n mixin-deep could be tricked into adding or modifying properties of Object.prototype using a constructor\n payload. (CVE-2019-10746)\n\n - set-value is vulnerable to Prototype Pollution in versions lower than 3.0.1. The function mixin-deep could\n be tricked into adding or modifying properties of Object.prototype using any of the constructor, prototype\n and _proto_ payloads. (CVE-2019-10747)\n\n - This affects the package npm-user-validate before 1.0.1. The regex that validates user emails took\n exponentially longer to process long input strings beginning with @ characters. (CVE-2020-7754)\n\n - This affects the package ini before 1.3.6. If an attacker submits a malicious INI file to an application\n that parses it with ini.parse, they will pollute the prototype on the application. This can be exploited\n further depending on the context. (CVE-2020-7788)\n\n - Node.js versions before 10.23.1, 12.20.1, 14.15.4, 15.5.1 are vulnerable to a use-after-free bug in its\n TLS implementation. When writing to a TLS enabled socket, node::StreamBase::Write calls\n node::TLSWrap::DoWrite with a freshly allocated WriteWrap object as first argument. If the DoWrite method\n does not return an error, this object is passed back to the caller as part of a StreamWriteResult\n structure. This may be exploited to corrupt memory leading to a Denial of Service or potentially other\n exploits. (CVE-2020-8265)\n\n - Node.js versions before 10.23.1, 12.20.1, 14.15.4, 15.5.1 allow two copies of a header field in an HTTP\n request (for example, two Transfer-Encoding header fields). In this case, Node.js identifies the first\n header field and ignores the second. This can lead to HTTP Request Smuggling. (CVE-2020-8287)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://errata.rockylinux.org/RLSA-2021:0549\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1795475\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1795479\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1892430\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1907444\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1912854\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1912863\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected nodejs-nodemon and / or nodejs-packaging packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-7788\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/05/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/02/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/11/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:nodejs-nodemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:nodejs-packaging\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:rocky:linux:8\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Rocky Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RockyLinux/release\", \"Host/RockyLinux/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RockyLinux/release');\nif (isnull(os_release) || 'Rocky Linux' >!< os_release) audit(AUDIT_OS_NOT, 'Rocky Linux');\nvar os_ver = pregmatch(pattern: \"Rocky(?: Linux)? release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Rocky Linux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Rocky Linux 8.x', 'Rocky Linux ' + os_ver);\n\nif (!get_kb_item('Host/RockyLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Rocky Linux', cpu);\n\nvar module_ver = get_kb_item('Host/RockyLinux/appstream/nodejs');\nif (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module nodejs:12');\nif ('12' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module nodejs:' + module_ver);\n\nvar appstreams = {\n 'nodejs:12': [\n {'reference':'nodejs-nodemon-2.0.3-1.module+el8.3.0+100+234774f7', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nodejs-nodemon-2.0.3-1.module+el8.4.0+638+5344c6f7', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nodejs-nodemon-2.0.3-1.module+el8.6.0+982+9fdca2d4', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nodejs-packaging-17-3.module+el8.3.0+101+f84c7154', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n ]\n};\n\nvar flag = 0;\nvar appstreams_found = 0;\nforeach var module (keys(appstreams)) {\n var appstream = NULL;\n var appstream_name = NULL;\n var appstream_version = NULL;\n var appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RockyLinux/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach var package_array ( appstreams[module] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'Rocky-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module nodejs:12');\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'nodejs-nodemon / nodejs-packaging');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-10-15T15:06:42", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0485 advisory.\n\n - nodejs-deep-extend: Prototype pollution can allow attackers to modify object properties (CVE-2018-3750)\n\n - nodejs-mixin-deep: prototype pollution in function mixin-deep (CVE-2019-10746)\n\n - nodejs-set-value: prototype pollution in function set-value (CVE-2019-10747)\n\n - nodejs-npm-user-validate: improper input validation when validating user emails leads to ReDoS (CVE-2020-7754)\n\n - nodejs-ini: Prototype pollution via malicious INI file (CVE-2020-7788)\n\n - nodejs: use-after-free in the TLS implementation (CVE-2020-8265)\n\n - nodejs: HTTP request smuggling via two copies of a header field in an http request (CVE-2020-8287)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-09-15T00:00:00", "type": "nessus", "title": "RHEL 7 : rh-nodejs12-nodejs (RHSA-2021:0485)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-3750", "CVE-2019-10746", "CVE-2019-10747", "CVE-2020-7754", "CVE-2020-7788", "CVE-2020-8265", "CVE-2020-8287"], "modified": "2023-10-11T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:rh-nodejs12-nodejs", "p-cpe:/a:redhat:enterprise_linux:rh-nodejs12-nodejs-devel", "p-cpe:/a:redhat:enterprise_linux:rh-nodejs12-nodejs-docs", "p-cpe:/a:redhat:enterprise_linux:rh-nodejs12-nodejs-nodemon", "p-cpe:/a:redhat:enterprise_linux:rh-nodejs12-npm"], "id": "REDHAT-RHSA-2021-0485.NASL", "href": "https://www.tenable.com/plugins/nessus/165165", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2021:0485. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(165165);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/10/11\");\n\n script_cve_id(\n \"CVE-2018-3750\",\n \"CVE-2019-10746\",\n \"CVE-2019-10747\",\n \"CVE-2020-7754\",\n \"CVE-2020-7788\",\n \"CVE-2020-8265\",\n \"CVE-2020-8287\"\n );\n script_xref(name:\"RHSA\", value:\"2021:0485\");\n\n script_name(english:\"RHEL 7 : rh-nodejs12-nodejs (RHSA-2021:0485)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2021:0485 advisory.\n\n - nodejs-deep-extend: Prototype pollution can allow attackers to modify object properties (CVE-2018-3750)\n\n - nodejs-mixin-deep: prototype pollution in function mixin-deep (CVE-2019-10746)\n\n - nodejs-set-value: prototype pollution in function set-value (CVE-2019-10747)\n\n - nodejs-npm-user-validate: improper input validation when validating user emails leads to ReDoS\n (CVE-2020-7754)\n\n - nodejs-ini: Prototype pollution via malicious INI file (CVE-2020-7788)\n\n - nodejs: use-after-free in the TLS implementation (CVE-2020-8265)\n\n - nodejs: HTTP request smuggling via two copies of a header field in an http request (CVE-2020-8287)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2018-3750\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-10746\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-10747\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-7754\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-7788\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-8265\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-8287\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:0485\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1578246\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1795475\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1795479\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1892430\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1907444\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1912854\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1912863\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-7788\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 400, 416, 444, 471);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/05/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/02/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/09/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-nodejs12-nodejs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-nodejs12-nodejs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-nodejs12-nodejs-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-nodejs12-nodejs-nodemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-nodejs12-npm\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/rhscl/1/debug',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/rhscl/1/os',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/rhscl/1/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/rhscl/1/debug',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/rhscl/1/os',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/rhscl/1/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/rhscl/1/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/rhscl/1/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/rhscl/1/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/rhscl/1/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/rhscl/1/os',\n 'content/dist/rhel/power/7/7Server/ppc64/rhscl/1/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/rhscl/1/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/rhscl/1/os',\n 'content/dist/rhel/server/7/7Server/x86_64/rhscl/1/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/rhscl/1/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/rhscl/1/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/rhscl/1/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/rhscl/1/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/rhscl/1/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/rhscl/1/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'rh-nodejs12-nodejs-12.20.1-1.el7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-nodejs12-nodejs-12.20.1-1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-nodejs12-nodejs-12.20.1-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-nodejs12-nodejs-devel-12.20.1-1.el7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-nodejs12-nodejs-devel-12.20.1-1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-nodejs12-nodejs-devel-12.20.1-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-nodejs12-nodejs-docs-12.20.1-1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-nodejs12-nodejs-nodemon-2.0.3-1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-nodejs12-npm-6.14.10-12.20.1.1.el7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-nodejs12-npm-6.14.10-12.20.1.1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-nodejs12-npm-6.14.10-12.20.1.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'rh-nodejs12-nodejs / rh-nodejs12-nodejs-devel / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T14:13:27", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0549 advisory.\n\n - nodejs-deep-extend: Prototype pollution can allow attackers to modify object properties (CVE-2018-3750)\n\n - nodejs-mixin-deep: prototype pollution in function mixin-deep (CVE-2019-10746)\n\n - nodejs-set-value: prototype pollution in function set-value (CVE-2019-10747)\n\n - nodejs-npm-user-validate: improper input validation when validating user emails leads to ReDoS (CVE-2020-7754)\n\n - nodejs-ini: Prototype pollution via malicious INI file (CVE-2020-7788)\n\n - nodejs: use-after-free in the TLS implementation (CVE-2020-8265)\n\n - nodejs: HTTP request smuggling via two copies of a header field in an http request (CVE-2020-8287)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-02-16T00:00:00", "type": "nessus", "title": "RHEL 8 : nodejs:12 (RHSA-2021:0549)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-3750", "CVE-2019-10746", "CVE-2019-10747", "CVE-2020-7754", "CVE-2020-7788", "CVE-2020-8265", "CVE-2020-8287"], "modified": "2023-05-24T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "cpe:/o:redhat:rhel_aus:8.4", "cpe:/o:redhat:rhel_aus:8.6", "cpe:/o:redhat:rhel_e4s:8.4", "cpe:/o:redhat:rhel_e4s:8.6", "cpe:/o:redhat:rhel_eus:8.4", "cpe:/o:redhat:rhel_eus:8.6", "cpe:/o:redhat:rhel_tus:8.4", "cpe:/o:redhat:rhel_tus:8.6", "p-cpe:/a:redhat:enterprise_linux:nodejs", "p-cpe:/a:redhat:enterprise_linux:nodejs-devel", "p-cpe:/a:redhat:enterprise_linux:nodejs-docs", "p-cpe:/a:redhat:enterprise_linux:nodejs-full-i18n", "p-cpe:/a:redhat:enterprise_linux:nodejs-nodemon", "p-cpe:/a:redhat:enterprise_linux:nodejs-packaging", "p-cpe:/a:redhat:enterprise_linux:npm"], "id": "REDHAT-RHSA-2021-0549.NASL", "href": "https://www.tenable.com/plugins/nessus/146536", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2021:0549. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(146536);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/24\");\n\n script_cve_id(\n \"CVE-2018-3750\",\n \"CVE-2019-10746\",\n \"CVE-2019-10747\",\n \"CVE-2020-7754\",\n \"CVE-2020-7788\",\n \"CVE-2020-8265\",\n \"CVE-2020-8287\"\n );\n script_xref(name:\"RHSA\", value:\"2021:0549\");\n script_xref(name:\"IAVB\", value:\"2021-B-0004-S\");\n\n script_name(english:\"RHEL 8 : nodejs:12 (RHSA-2021:0549)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2021:0549 advisory.\n\n - nodejs-deep-extend: Prototype pollution can allow attackers to modify object properties (CVE-2018-3750)\n\n - nodejs-mixin-deep: prototype pollution in function mixin-deep (CVE-2019-10746)\n\n - nodejs-set-value: prototype pollution in function set-value (CVE-2019-10747)\n\n - nodejs-npm-user-validate: improper input validation when validating user emails leads to ReDoS\n (CVE-2020-7754)\n\n - nodejs-ini: Prototype pollution via malicious INI file (CVE-2020-7788)\n\n - nodejs: use-after-free in the TLS implementation (CVE-2020-8265)\n\n - nodejs: HTTP request smuggling via two copies of a header field in an http request (CVE-2020-8287)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2018-3750\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-10746\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-10747\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-7754\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-7788\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-8265\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-8287\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:0549\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1578246\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1795475\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1795479\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1892430\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1907444\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1912854\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1912863\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-7788\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 400, 416, 444, 471);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/05/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/02/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/02/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-full-i18n\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-nodemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-packaging\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:npm\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar appstreams = {\n 'nodejs:12': [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.4/x86_64/appstream/debug',\n 'content/aus/rhel8/8.4/x86_64/appstream/os',\n 'content/aus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.4/x86_64/baseos/debug',\n 'content/aus/rhel8/8.4/x86_64/baseos/os',\n 'content/aus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/aarch64/appstream/debug',\n 'content/e4s/rhel8/8.4/aarch64/appstream/os',\n 'content/e4s/rhel8/8.4/aarch64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.4/aarch64/baseos/debug',\n 'content/e4s/rhel8/8.4/aarch64/baseos/os',\n 'content/e4s/rhel8/8.4/aarch64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.4/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.4/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.4/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.4/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.4/ppc64le/highavailability/os',\n 'content/e4s/rhel8/8.4/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.4/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.4/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.4/ppc64le/sap/os',\n 'content/e4s/rhel8/8.4/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.4/s390x/appstream/debug',\n 'content/e4s/rhel8/8.4/s390x/appstream/os',\n 'content/e4s/rhel8/8.4/s390x/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.4/s390x/baseos/debug',\n 'content/e4s/rhel8/8.4/s390x/baseos/os',\n 'content/e4s/rhel8/8.4/s390x/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.4/x86_64/appstream/os',\n 'content/e4s/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.4/x86_64/baseos/os',\n 'content/e4s/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/nfv/debug',\n 'content/e4s/rhel8/8.4/x86_64/nfv/os',\n 'content/e4s/rhel8/8.4/x86_64/nfv/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/sap/debug',\n 'content/e4s/rhel8/8.4/x86_64/sap/os',\n 'content/e4s/rhel8/8.4/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/appstream/debug',\n 'content/eus/rhel8/8.4/aarch64/appstream/os',\n 'content/eus/rhel8/8.4/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/baseos/debug',\n 'content/eus/rhel8/8.4/aarch64/baseos/os',\n 'content/eus/rhel8/8.4/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/codeready-builder/debug',\n 'content/eus/rhel8/8.4/aarch64/codeready-builder/os',\n 'content/eus/rhel8/8.4/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/highavailability/debug',\n 'content/eus/rhel8/8.4/aarch64/highavailability/os',\n 'content/eus/rhel8/8.4/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/supplementary/debug',\n 'content/eus/rhel8/8.4/aarch64/supplementary/os',\n 'content/eus/rhel8/8.4/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/appstream/debug',\n 'content/eus/rhel8/8.4/ppc64le/appstream/os',\n 'content/eus/rhel8/8.4/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/baseos/debug',\n 'content/eus/rhel8/8.4/ppc64le/baseos/os',\n 'content/eus/rhel8/8.4/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/codeready-builder/debug',\n 'content/eus/rhel8/8.4/ppc64le/codeready-builder/os',\n 'content/eus/rhel8/8.4/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/highavailability/debug',\n 'content/eus/rhel8/8.4/ppc64le/highavailability/os',\n 'content/eus/rhel8/8.4/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/resilientstorage/debug',\n 'content/eus/rhel8/8.4/ppc64le/resilientstorage/os',\n 'content/eus/rhel8/8.4/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/sap-solutions/debug',\n 'content/eus/rhel8/8.4/ppc64le/sap-solutions/os',\n 'content/eus/rhel8/8.4/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/sap/debug',\n 'content/eus/rhel8/8.4/ppc64le/sap/os',\n 'content/eus/rhel8/8.4/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/supplementary/debug',\n 'content/eus/rhel8/8.4/ppc64le/supplementary/os',\n 'content/eus/rhel8/8.4/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/appstream/debug',\n 'content/eus/rhel8/8.4/s390x/appstream/os',\n 'content/eus/rhel8/8.4/s390x/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/baseos/debug',\n 'content/eus/rhel8/8.4/s390x/baseos/os',\n 'content/eus/rhel8/8.4/s390x/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/codeready-builder/debug',\n 'content/eus/rhel8/8.4/s390x/codeready-builder/os',\n 'content/eus/rhel8/8.4/s390x/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/highavailability/debug',\n 'content/eus/rhel8/8.4/s390x/highavailability/os',\n 'content/eus/rhel8/8.4/s390x/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/resilientstorage/debug',\n 'content/eus/rhel8/8.4/s390x/resilientstorage/os',\n 'content/eus/rhel8/8.4/s390x/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/sap/debug',\n 'content/eus/rhel8/8.4/s390x/sap/os',\n 'content/eus/rhel8/8.4/s390x/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/supplementary/debug',\n 'content/eus/rhel8/8.4/s390x/supplementary/os',\n 'content/eus/rhel8/8.4/s390x/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/appstream/debug',\n 'content/eus/rhel8/8.4/x86_64/appstream/os',\n 'content/eus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/baseos/debug',\n 'content/eus/rhel8/8.4/x86_64/baseos/os',\n 'content/eus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.4/x86_64/highavailability/os',\n 'content/eus/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/sap/debug',\n 'content/eus/rhel8/8.4/x86_64/sap/os',\n 'content/eus/rhel8/8.4/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.4/x86_64/supplementary/os',\n 'content/eus/rhel8/8.4/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/appstream/debug',\n 'content/tus/rhel8/8.4/x86_64/appstream/os',\n 'content/tus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/baseos/debug',\n 'content/tus/rhel8/8.4/x86_64/baseos/os',\n 'content/tus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.4/x86_64/highavailability/os',\n 'content/tus/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/nfv/debug',\n 'content/tus/rhel8/8.4/x86_64/nfv/os',\n 'content/tus/rhel8/8.4/x86_64/nfv/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/rt/debug',\n 'content/tus/rhel8/8.4/x86_64/rt/os',\n 'content/tus/rhel8/8.4/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'nodejs-12.20.1-1.module+el8.3.0+9503+19cb079c', 'sp':'4', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'nodejs-devel-12.20.1-1.module+el8.3.0+9503+19cb079c', 'sp':'4', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'nodejs-docs-12.20.1-1.module+el8.3.0+9503+19cb079c', 'sp':'4', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'nodejs-full-i18n-12.20.1-1.module+el8.3.0+9503+19cb079c', 'sp':'4', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'nodejs-nodemon-2.0.3-1.module+el8.3.0+9715+1718613f', 'sp':'4', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nodejs-packaging-17-3.module+el8.1.0+3369+37ae6a45', 'sp':'4', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'npm-6.14.10-1.12.20.1.1.module+el8.3.0+9503+19cb079c', 'sp':'4', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.6/x86_64/appstream/debug',\n 'content/aus/rhel8/8.6/x86_64/appstream/os',\n 'content/aus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.6/x86_64/baseos/debug',\n 'content/aus/rhel8/8.6/x86_64/baseos/os',\n 'content/aus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/os',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.6/ppc64le/sap/os',\n 'content/e4s/rhel8/8.6/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.6/x86_64/appstream/os',\n 'content/e4s/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.6/x86_64/baseos/os',\n 'content/e4s/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap/os',\n 'content/e4s/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/appstream/debug',\n 'content/eus/rhel8/8.6/aarch64/appstream/os',\n 'content/eus/rhel8/8.6/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/baseos/debug',\n 'content/eus/rhel8/8.6/aarch64/baseos/os',\n 'content/eus/rhel8/8.6/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/os',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/highavailability/debug',\n 'content/eus/rhel8/8.6/aarch64/highavailability/os',\n 'content/eus/rhel8/8.6/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/supplementary/debug',\n 'content/eus/rhel8/8.6/aarch64/supplementary/os',\n 'content/eus/rhel8/8.6/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/appstream/debug',\n 'content/eus/rhel8/8.6/ppc64le/appstream/os',\n 'content/eus/rhel8/8.6/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/baseos/debug',\n 'content/eus/rhel8/8.6/ppc64le/baseos/os',\n 'content/eus/rhel8/8.6/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/debug',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/os',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/debug',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/os',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/debug',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/os',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/debug',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/os',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/sap/debug',\n 'content/eus/rhel8/8.6/ppc64le/sap/os',\n 'content/eus/rhel8/8.6/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/debug',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/os',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/appstream/debug',\n 'content/eus/rhel8/8.6/s390x/appstream/os',\n 'content/eus/rhel8/8.6/s390x/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/baseos/debug',\n 'content/eus/rhel8/8.6/s390x/baseos/os',\n 'content/eus/rhel8/8.6/s390x/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/debug',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/os',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/highavailability/debug',\n 'content/eus/rhel8/8.6/s390x/highavailability/os',\n 'content/eus/rhel8/8.6/s390x/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/debug',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/os',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/sap/debug',\n 'content/eus/rhel8/8.6/s390x/sap/os',\n 'content/eus/rhel8/8.6/s390x/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/supplementary/debug',\n 'content/eus/rhel8/8.6/s390x/supplementary/os',\n 'content/eus/rhel8/8.6/s390x/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/appstream/debug',\n 'content/eus/rhel8/8.6/x86_64/appstream/os',\n 'content/eus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/baseos/debug',\n 'content/eus/rhel8/8.6/x86_64/baseos/os',\n 'content/eus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.6/x86_64/highavailability/os',\n 'content/eus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap/debug',\n 'content/eus/rhel8/8.6/x86_64/sap/os',\n 'content/eus/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.6/x86_64/supplementary/os',\n 'content/eus/rhel8/8.6/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/appstream/debug',\n 'content/tus/rhel8/8.6/x86_64/appstream/os',\n 'content/tus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/baseos/debug',\n 'content/tus/rhel8/8.6/x86_64/baseos/os',\n 'content/tus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.6/x86_64/highavailability/os',\n 'content/tus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/rt/os',\n 'content/tus/rhel8/8.6/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'nodejs-12.20.1-1.module+el8.3.0+9503+19cb079c', 'sp':'6', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'nodejs-devel-12.20.1-1.module+el8.3.0+9503+19cb079c', 'sp':'6', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'nodejs-docs-12.20.1-1.module+el8.3.0+9503+19cb079c', 'sp':'6', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'nodejs-full-i18n-12.20.1-1.module+el8.3.0+9503+19cb079c', 'sp':'6', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'nodejs-nodemon-2.0.3-1.module+el8.3.0+9715+1718613f', 'sp':'6', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nodejs-packaging-17-3.module+el8.1.0+3369+37ae6a45', 'sp':'6', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'npm-6.14.10-1.12.20.1.1.module+el8.3.0+9503+19cb079c', 'sp':'6', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/dist/rhel8/8/aarch64/appstream/debug',\n 'content/dist/rhel8/8/aarch64/appstream/os',\n 'content/dist/rhel8/8/aarch64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/baseos/debug',\n 'content/dist/rhel8/8/aarch64/baseos/os',\n 'content/dist/rhel8/8/aarch64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/codeready-builder/debug',\n 'content/dist/rhel8/8/aarch64/codeready-builder/os',\n 'content/dist/rhel8/8/aarch64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/highavailability/debug',\n 'content/dist/rhel8/8/aarch64/highavailability/os',\n 'content/dist/rhel8/8/aarch64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/supplementary/debug',\n 'content/dist/rhel8/8/aarch64/supplementary/os',\n 'content/dist/rhel8/8/aarch64/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/appstream/debug',\n 'content/dist/rhel8/8/ppc64le/appstream/os',\n 'content/dist/rhel8/8/ppc64le/appstream/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/baseos/debug',\n 'content/dist/rhel8/8/ppc64le/baseos/os',\n 'content/dist/rhel8/8/ppc64le/baseos/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/debug',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/os',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/highavailability/debug',\n 'content/dist/rhel8/8/ppc64le/highavailability/os',\n 'content/dist/rhel8/8/ppc64le/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/debug',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/os',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/debug',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/os',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/sap/debug',\n 'content/dist/rhel8/8/ppc64le/sap/os',\n 'content/dist/rhel8/8/ppc64le/sap/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/supplementary/debug',\n 'content/dist/rhel8/8/ppc64le/supplementary/os',\n 'content/dist/rhel8/8/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/s390x/appstream/debug',\n 'content/dist/rhel8/8/s390x/appstream/os',\n 'content/dist/rhel8/8/s390x/appstream/source/SRPMS',\n 'content/dist/rhel8/8/s390x/baseos/debug',\n 'content/dist/rhel8/8/s390x/baseos/os',\n 'content/dist/rhel8/8/s390x/baseos/source/SRPMS',\n 'content/dist/rhel8/8/s390x/codeready-builder/debug',\n 'content/dist/rhel8/8/s390x/codeready-builder/os',\n 'content/dist/rhel8/8/s390x/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/s390x/highavailability/debug',\n 'content/dist/rhel8/8/s390x/highavailability/os',\n 'content/dist/rhel8/8/s390x/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/s390x/resilientstorage/debug',\n 'content/dist/rhel8/8/s390x/resilientstorage/os',\n 'content/dist/rhel8/8/s390x/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/s390x/sap/debug',\n 'content/dist/rhel8/8/s390x/sap/os',\n 'content/dist/rhel8/8/s390x/sap/source/SRPMS',\n 'content/dist/rhel8/8/s390x/supplementary/debug',\n 'content/dist/rhel8/8/s390x/supplementary/os',\n 'content/dist/rhel8/8/s390x/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/appstream/debug',\n 'content/dist/rhel8/8/x86_64/appstream/os',\n 'content/dist/rhel8/8/x86_64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/baseos/debug',\n 'content/dist/rhel8/8/x86_64/baseos/os',\n 'content/dist/rhel8/8/x86_64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/codeready-builder/debug',\n 'content/dist/rhel8/8/x86_64/codeready-builder/os',\n 'content/dist/rhel8/8/x86_64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/highavailability/debug',\n 'content/dist/rhel8/8/x86_64/highavailability/os',\n 'content/dist/rhel8/8/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/nfv/debug',\n 'content/dist/rhel8/8/x86_64/nfv/os',\n 'content/dist/rhel8/8/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/resilientstorage/debug',\n 'content/dist/rhel8/8/x86_64/resilientstorage/os',\n 'content/dist/rhel8/8/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/rt/debug',\n 'content/dist/rhel8/8/x86_64/rt/os',\n 'content/dist/rhel8/8/x86_64/rt/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap-solutions/debug',\n 'content/dist/rhel8/8/x86_64/sap-solutions/os',\n 'content/dist/rhel8/8/x86_64/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap/debug',\n 'content/dist/rhel8/8/x86_64/sap/os',\n 'content/dist/rhel8/8/x86_64/sap/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/supplementary/debug',\n 'content/dist/rhel8/8/x86_64/supplementary/os',\n 'content/dist/rhel8/8/x86_64/supplementary/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'nodejs-12.20.1-1.module+el8.3.0+9503+19cb079c', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'nodejs-devel-12.20.1-1.module+el8.3.0+9503+19cb079c', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'nodejs-docs-12.20.1-1.module+el8.3.0+9503+19cb079c', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'nodejs-full-i18n-12.20.1-1.module+el8.3.0+9503+19cb079c', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'nodejs-nodemon-2.0.3-1.module+el8.3.0+9715+1718613f', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nodejs-packaging-17-3.module+el8.1.0+3369+37ae6a45', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'npm-6.14.10-1.12.20.1.1.module+el8.3.0+9503+19cb079c', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n ]\n }\n ]\n};\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:appstreams, appstreams:TRUE);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar module_ver = get_kb_item('Host/RedHat/appstream/nodejs');\nif (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module nodejs:12');\nif ('12' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module nodejs:' + module_ver);\n\nvar flag = 0;\nvar appstreams_found = 0;\nforeach var module (keys(appstreams)) {\n var appstream = NULL;\n var appstream_name = NULL;\n var appstream_version = NULL;\n var appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RedHat/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach var module_array ( appstreams[module] ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(module_array['repo_relative_urls'])) repo_relative_urls = module_array['repo_relative_urls'];\n var enterprise_linux_flag = rhel_repo_urls_has_content_dist_rhel(repo_urls:repo_relative_urls);\n foreach var package_array ( module_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp']) && !enterprise_linux_flag) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module nodejs:12');\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'nodejs / nodejs-devel / nodejs-docs / nodejs-full-i18n / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:25:47", "description": "The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:0549 advisory.\n\n - nodejs-deep-extend: Prototype pollution can allow attackers to modify object properties (CVE-2018-3750)\n\n - nodejs-mixin-deep: prototype pollution in function mixin-deep (CVE-2019-10746)\n\n - nodejs-set-value: prototype pollution in function set-value (CVE-2019-10747)\n\n - nodejs-npm-user-validate: improper input validation when validating user emails leads to ReDoS (CVE-2020-7754)\n\n - nodejs-ini: Prototype pollution via malicious INI file (CVE-2020-7788)\n\n - nodejs: use-after-free in the TLS implementation (CVE-2020-8265)\n\n - nodejs: HTTP request smuggling via two copies of a header field in an http request (CVE-2020-8287)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-03-11T00:00:00", "type": "nessus", "title": "CentOS 8 : nodejs:12 (CESA-2021:0549)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-3750", "CVE-2019-10746", "CVE-2019-10747", "CVE-2020-7754", "CVE-2020-7788", "CVE-2020-8265", "CVE-2020-8287"], "modified": "2023-02-08T00:00:00", "cpe": ["cpe:/o:centos:centos:8", "p-cpe:/a:centos:centos:nodejs", "p-cpe:/a:centos:centos:nodejs-devel", "p-cpe:/a:centos:centos:nodejs-docs", "p-cpe:/a:centos:centos:nodejs-full-i18n", "p-cpe:/a:centos:centos:nodejs-nodemon", "p-cpe:/a:centos:centos:nodejs-packaging", "p-cpe:/a:centos:centos:npm"], "id": "CENTOS8_RHSA-2021-0549.NASL", "href": "https://www.tenable.com/plugins/nessus/146539", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# Red Hat Security Advisory RHSA-2021:0549. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(146539);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/08\");\n\n script_cve_id(\n \"CVE-2018-3750\",\n \"CVE-2019-10746\",\n \"CVE-2019-10747\",\n \"CVE-2020-7754\",\n \"CVE-2020-7788\",\n \"CVE-2020-8265\",\n \"CVE-2020-8287\"\n );\n script_xref(name:\"RHSA\", value:\"2021:0549\");\n\n script_name(english:\"CentOS 8 : nodejs:12 (CESA-2021:0549)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nCESA-2021:0549 advisory.\n\n - nodejs-deep-extend: Prototype pollution can allow attackers to modify object properties (CVE-2018-3750)\n\n - nodejs-mixin-deep: prototype pollution in function mixin-deep (CVE-2019-10746)\n\n - nodejs-set-value: prototype pollution in function set-value (CVE-2019-10747)\n\n - nodejs-npm-user-validate: improper input validation when validating user emails leads to ReDoS\n (CVE-2020-7754)\n\n - nodejs-ini: Prototype pollution via malicious INI file (CVE-2020-7788)\n\n - nodejs: use-after-free in the TLS implementation (CVE-2020-8265)\n\n - nodejs: HTTP request smuggling via two copies of a header field in an http request (CVE-2020-8287)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:0549\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-7788\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-10747\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/05/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/02/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/03/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nodejs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nodejs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nodejs-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nodejs-full-i18n\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nodejs-nodemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nodejs-packaging\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:npm\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/CentOS/release');\nif (isnull(os_release) || 'CentOS' >!< os_release) audit(AUDIT_OS_NOT, 'CentOS');\nvar os_ver = pregmatch(pattern: \"CentOS(?: Stream)?(?: Linux)? release ([0-9]+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CentOS');\nos_ver = os_ver[1];\nif ('CentOS Stream' >< os_release) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS Stream ' + os_ver);\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS ' + os_ver);\n\nif (!get_kb_item('Host/CentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CentOS', cpu);\n\nvar module_ver = get_kb_item('Host/RedHat/appstream/nodejs');\nif (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module nodejs:12');\nif ('12' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module nodejs:' + module_ver);\n\nvar appstreams = {\n 'nodejs:12': [\n {'reference':'nodejs-12.20.1-1.module_el8.3.0+705+5d03e5c7', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nodejs-12.20.1-1.module_el8.3.0+705+5d03e5c7', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nodejs-devel-12.20.1-1.module_el8.3.0+705+5d03e5c7', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nodejs-devel-12.20.1-1.module_el8.3.0+705+5d03e5c7', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nodejs-docs-12.20.1-1.module_el8.3.0+705+5d03e5c7', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nodejs-docs-12.20.1-1.module_el8.3.0+705+5d03e5c7', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nodejs-full-i18n-12.20.1-1.module_el8.3.0+705+5d03e5c7', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nodejs-full-i18n-12.20.1-1.module_el8.3.0+705+5d03e5c7', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nodejs-nodemon-2.0.3-1.module_el8.3.0+402+6f8dd522', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nodejs-nodemon-2.0.3-1.module_el8.3.0+402+6f8dd522', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nodejs-packaging-17-3.module_el8.1.0+251+8afea200', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nodejs-packaging-17-3.module_el8.1.0+251+8afea200', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'npm-6.14.10-1.12.20.1.1.module_el8.3.0+705+5d03e5c7', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'npm-6.14.10-1.12.20.1.1.module_el8.3.0+705+5d03e5c7', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n ]\n};\n\nvar flag = 0;\nappstreams_found = 0;\nforeach module (keys(appstreams)) {\n var appstream = NULL;\n var appstream_name = NULL;\n var appstream_version = NULL;\n var appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RedHat/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach package_array ( appstreams[module] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'CentOS-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && _release) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module nodejs:12');\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'nodejs / nodejs-devel / nodejs-docs / nodejs-full-i18n / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:31:29", "description": "The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:2865 advisory.\n\n - nodejs-glob-parent: Regular expression denial of service (CVE-2020-28469)\n\n - nodejs-ua-parser-js: Regular expression denial of service via the regex (CVE-2020-7733)\n\n - nodejs-path-parse: ReDoS via splitDeviceRe, splitTailRe and splitPathRe (CVE-2021-23343)\n\n - nodejs-underscore: Arbitrary code execution via the template function (CVE-2021-23358)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-07-22T00:00:00", "type": "nessus", "title": "RHEL 8 : RHV Manager (ovirt-engine) security update [ovirt-4.4.7] (Moderate) (RHSA-2021:2865)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-28469", "CVE-2020-7733", "CVE-2021-23343", "CVE-2021-23358"], "modified": "2023-02-02T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-ui-extensions"], "id": "REDHAT-RHSA-2021-2865.NASL", "href": "https://www.tenable.com/plugins/nessus/152005", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2021:2865. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(152005);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/02\");\n\n script_cve_id(\n \"CVE-2020-7733\",\n \"CVE-2020-28469\",\n \"CVE-2021-23343\",\n \"CVE-2021-23358\"\n );\n script_xref(name:\"RHSA\", value:\"2021:2865\");\n\n script_name(english:\"RHEL 8 : RHV Manager (ovirt-engine) security update [ovirt-4.4.7] (Moderate) (RHSA-2021:2865)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as\nreferenced in the RHSA-2021:2865 advisory.\n\n - nodejs-glob-parent: Regular expression denial of service (CVE-2020-28469)\n\n - nodejs-ua-parser-js: Regular expression denial of service via the regex (CVE-2020-7733)\n\n - nodejs-path-parse: ReDoS via splitDeviceRe, splitTailRe and splitPathRe (CVE-2021-23343)\n\n - nodejs-underscore: Arbitrary code execution via the template function (CVE-2021-23358)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-7733\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-28469\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-23343\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-23358\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:2865\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1879733\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1944286\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1945459\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1956818\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected ovirt-engine-ui-extensions package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-23358\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(94, 400);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/09/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/07/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/07/22\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-ui-extensions\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/layered/rhel8/x86_64/rhv-manager/4.4/debug',\n 'content/dist/layered/rhel8/x86_64/rhv-manager/4.4/os',\n 'content/dist/layered/rhel8/x86_64/rhv-manager/4.4/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'ovirt-engine-ui-extensions-1.2.7-1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'ovirt-engine-ui-extensions');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:56:48", "description": "Update to upstream 2.0.1 release for CVE-2019-10747\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-02-10T00:00:00", "type": "nessus", "title": "Fedora 30 : nodejs-set-value (2020-1f1c94907b)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-10747"], "modified": "2020-02-12T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:nodejs-set-value", "cpe:/o:fedoraproject:fedora:30"], "id": "FEDORA_2020-1F1C94907B.NASL", "href": "https://www.tenable.com/plugins/nessus/133564", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2020-1f1c94907b.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(133564);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2020/02/12\");\n\n script_cve_id(\"CVE-2019-10747\");\n script_xref(name:\"FEDORA\", value:\"2020-1f1c94907b\");\n\n script_name(english:\"Fedora 30 : nodejs-set-value (2020-1f1c94907b)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to upstream 2.0.1 release for CVE-2019-10747\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2020-1f1c94907b\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected nodejs-set-value package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:nodejs-set-value\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:30\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/02/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/02/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^30([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 30\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC30\", reference:\"nodejs-set-value-2.0.1-1.fc30\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nodejs-set-value\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}], "ubuntu": [{"lastseen": "2023-12-07T02:45:46", "description": "## Releases\n\n * Ubuntu 18.04 ESM\n\n## Packages\n\n * libsass \\- C/C++ port of the Sass CSS precompiler\n\nIt was discovered that LibSass incorrectly handled certain specially crafted \nsass file. An attacker could possibly use this issue to cause a denial of \nservice or other unspecified impact.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-03-15T00:00:00", "type": "ubuntu", "title": "LibSass vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-11499", "CVE-2018-11693", "CVE-2018-11695", "CVE-2018-11696", "CVE-2018-11697", "CVE-2018-11698", "CVE-2018-19797", "CVE-2018-19827", "CVE-2018-19839", "CVE-2018-20190", "CVE-2019-6283", "CVE-2019-6284", "CVE-2019-6286"], "modified": "2021-03-15T00:00:00", "id": "USN-4837-1", "href": "https://ubuntu.com/security/notices/USN-4837-1", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-12-06T18:24:29", "description": "## Releases\n\n * Ubuntu 20.04 LTS\n * Ubuntu 18.04 ESM\n * Ubuntu 16.04 ESM\n\n## Packages\n\n * node-url-parse \\- Small footprint URL parser that works across Node.js and browsers\n\nIt was discovered that url-parse incorrectly handled certain inputs. If a \nuser or an automated system were tricked into opening a specially crafted \ninput file, a remote attacker could possibly use this issue to cause a \ndenial of service, or to perform a server-side request forgery attack or open \nredirect attack. (CVE-2018-3774)\n\nIt was discovered that url-parse incorrectly handled certain inputs. If a \nuser or an automated system were tricked into opening a specially crafted \ninput file, a remote attacker could possibly use this issue to bypass input \nvalidation. This issue was only fixed in Ubuntu 18.04 LTS and \nUbuntu 20.04 LTS. (CVE-2020-8124)\n\nYaniv Nizry discovered that url-parse incorrectly handled certain inputs. \nIf a user or an automated system were tricked into opening a specially crafted \ninput file, a remote attacker could possibly use this issue to cause a \ndenial of service, or to perform a server-side request forgery attack or open \nredirect attack. This issue was only fixed in Ubuntu 18.04 LTS and \nUbuntu 20.04 LTS. (CVE-2021-27515)\n\nIt was discovered that url-parse incorrectly handled certain inputs. \nIf a user or an automated system were tricked into opening a specially crafted \ninput file, a remote attacker could possibly use this issue to cause a \ndenial of service, or to perform a server-side request forgery attack or open \nredirect attack. This issue was only fixed in Ubuntu 18.04 LTS and \nUbuntu 20.04 LTS. (CVE-2021-3664)\n\nIt was discovered that url-parse incorrectly handled certain inputs. If a \nuser or an automated system were tricked into opening a specially crafted \ninput file, a remote attacker could possibly use this issue to bypass \nauthorization. This issue was only fixed in Ubuntu 18.04 LTS and \nUbuntu 20.04 LTS. (CVE-2022-0512, CVE-2022-0639, CVE-2022-0691)\n\nRohan Sharma discovered that url-parse incorrectly handled certain inputs. \nIf a user or an automated system were tricked into opening a specially crafted \ninput file, a remote attacker could possibly use this issue to bypass \nauthorization. This issue was only fixed in Ubuntu 18.04 LTS and \nUbuntu 20.04 LTS. (CVE-2022-0686)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2023-03-27T00:00:00", "type": "ubuntu", "title": "url-parse vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-3774", "CVE-2020-8124", "CVE-2021-27515", "CVE-2021-3664", "CVE-2022-0512", "CVE-2022-0639", "CVE-2022-0686", "CVE-2022-0691"], "modified": "2023-03-27T00:00:00", "id": "USN-5973-1", "href": "https://ubuntu.com/security/notices/USN-5973-1", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "rocky": [{"lastseen": "2023-12-06T17:28:58", "description": "An update is available for nodejs-nodemon, nodejs-packaging.\nThis update affects Rocky Linux 8.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list\nThe following packages have been upgraded to a later upstream version: nodejs (12.14.1). (BZ#1791067)", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2020-02-04T08:35:22", "type": "rocky", "title": "12 enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-16775", "CVE-2019-16776", "CVE-2019-16777"], "modified": "2020-02-04T08:35:22", "id": "RLEA-2020:0330", "href": "https://errata.rockylinux.org/RLEA-2020:0330", "cvss": {"score": 5.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:N"}}, {"lastseen": "2023-12-06T17:28:58", "description": "An update is available for nodejs-nodemon, nodejs-packaging.\nThis update affects Rocky Linux 8.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list\nNode.js is a software development platform for building fast and scalable network applications in the JavaScript programming language.\n\nThe following packages have been upgraded to a later upstream version: nodejs (10.19.0).\n\nSecurity Fix(es):\n\n* nodejs: HTTP request smuggling using malformed Transfer-Encoding header (CVE-2019-15605)\n\n* nodejs: Remotely trigger an assertion on a TLS server with a malformed certificate string (CVE-2019-15604)\n\n* nodejs: HTTP header values do not have trailing optional whitespace trimmed (CVE-2019-15606)\n\n* npm: Symlink reference outside of node_modules folder through the bin field upon installation (CVE-2019-16775)\n\n* npm: Arbitrary file write via constructed entry in the package.json bin field (CVE-2019-16776)\n\n* npm: Global node_modules Binary Overwrite (CVE-2019-16777)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-02-25T07:57:02", "type": "rocky", "title": "nodejs:10 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-15604", "CVE-2019-15605", "CVE-2019-15606", "CVE-2019-16775", "CVE-2019-16776", "CVE-2019-16777"], "modified": "2020-02-25T07:57:02", "id": "RLSA-2020:0579", "href": "https://errata.rockylinux.org/RLSA-2020:0579", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-12-06T17:28:47", "description": "An update is available for nodejs-nodemon, nodejs-packaging.\nThis update affects Rocky Linux 8.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list\nNode.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. \n\nThe following packages have been upgraded to a later upstream version: nodejs (12.20.1), nodejs-nodemon (2.0.3).\n\nSecurity Fix(es):\n\n* nodejs-mixin-deep: prototype pollution in function mixin-deep (CVE-2019-10746)\n\n* nodejs-set-value: prototype pollution in function set-value (CVE-2019-10747)\n\n* nodejs-npm-user-validate: improper input validation when validating user emails leads to ReDoS (CVE-2020-7754)\n\n* nodejs-ini: prototype pollution via malicious INI file (CVE-2020-7788)\n\n* nodejs: use-after-free in the TLS implementation (CVE-2020-8265)\n\n* nodejs: HTTP request smuggling via two copies of a header field in an http request (CVE-2020-8287)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-02-16T07:34:29", "type": "rocky", "title": "nodejs:12 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-3750", "CVE-2019-10746", "CVE-2019-10747", "CVE-2020-7754", "CVE-2020-7788", "CVE-2020-8265", "CVE-2020-8287"], "modified": "2021-02-16T07:34:29", "id": "RLSA-2021:0549", "href": "https://errata.rockylinux.org/RLSA-2021:0549", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "freebsd": [{"lastseen": "2023-12-06T15:47:18", "description": "\n\nNPM reports:\n\nGlobal node_modules Binary Overwrite\nSymlink reference outside of node_modules\nArbitrary File Write\n\n\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2019-12-18T00:00:00", "type": "freebsd", "title": "NPM -- Multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-16775", "CVE-2019-16776", "CVE-2019-16777"], "modified": "2019-12-18T00:00:00", "id": "2A3588B4-AB12-11EA-A051-001B217B3468", "href": "https://vuxml.freebsd.org/freebsd/2a3588b4-ab12-11ea-a051-001b217b3468.html", "cvss": {"score": 5.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:N"}}], "fedora": [{"lastseen": "2021-07-28T14:46:51", "description": "Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices. ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 8.1, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.2}, "published": "2020-01-24T17:08:57", "type": "fedora", "title": "[SECURITY] Fedora 31 Update: nodejs-12.14.1-3.fc31", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-16775", "CVE-2019-16776", "CVE-2019-16777", "CVE-2019-17592"], "modified": "2020-01-24T17:08:57", "id": "FEDORA:2E80F605D57E", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/Z36UKPO5F3PQ3Q2POMF5LEKXWAH5RUFP/", "cvss": {"score": 5.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:N"}}, {"lastseen": "2021-07-28T14:46:51", "description": "libuv is a new platform layer for Node. Its purpose is to abstract IOCP on Windows and libev on Unix systems. We intend to eventually contain all plat form differences in this library. ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 8.1, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.2}, "published": "2020-01-24T17:08:56", "type": "fedora", "title": "[SECURITY] Fedora 31 Update: libuv-1.34.1-1.fc31", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-16775", "CVE-2019-16776", "CVE-2019-16777", "CVE-2019-17592"], "modified": "2020-01-24T17:08:56", "id": "FEDORA:A049C605DCF7", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/H3MQIRHVNQ6SGMDUQ4KKYJXYKSJTSGDF/", "cvss": {"score": 5.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:N"}}, {"lastseen": "2021-07-28T14:46:51", "description": "Create nested values and any intermediaries using dot notation (a.b.c) path s. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-02-08T01:39:55", "type": "fedora", "title": "[SECURITY] Fedora 30 Update: nodejs-set-value-2.0.1-1.fc30", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10747"], "modified": "2020-02-08T01:39:55", "id": "FEDORA:6E22E60DD65A", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/3EJ36KV6MXQPUYTFCCTDY54E5Y7QP3AV/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-28T14:46:51", "description": "Deeply mix the properties of objects into the first object. Like merge-deep, but doesn't clone. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-02-08T01:39:51", "type": "fedora", "title": "[SECURITY] Fedora 30 Update: nodejs-mixin-deep-1.3.2-1.fc30", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10746"], "modified": "2020-02-08T01:39:51", "id": "FEDORA:5D3AA60DDB80", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/BFNIVG2XYFPZJY3DYYBJASZ7ZMKBMIJT/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-28T14:46:51", "description": "Deeply mix the properties of objects into the first object. Like merge-deep, but doesn't clone. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-02-08T02:05:18", "type": "fedora", "title": "[SECURITY] Fedora 31 Update: nodejs-mixin-deep-1.3.2-1.fc31", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10746"], "modified": "2020-02-08T02:05:18", "id": "FEDORA:AE16260D235E", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/UXRA365KZCUNXMU3KDH5JN5BEPNIGUKC/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "redhat": [{"lastseen": "2023-12-06T22:41:50", "description": "Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language.\n\nThe following packages have been upgraded to a later upstream version: rh-nodejs8-nodejs (8.17.0). (BZ#1829414)\n\nSecurity Fix(es):\n\n* nodejs-brace-expansion: Regular expression denial of service (CVE-2017-18077)\n\n* nodejs-chownr: TOCTOU vulnerability in `chownr` function in chownr.js (CVE-2017-18869)\n\n* nodejs-sshpk: ReDoS when parsing crafted invalid public keys in lib/formats/ssh.js (CVE-2018-3737)\n\n* nodejs-deep-extend: Prototype pollution can allow attackers to modify object properties (CVE-2018-3750)\n\n* npm: Symlink reference outside of node_modules folder through the bin field upon installation (CVE-2019-16775)\n\n* npm: Arbitrary file write via constructed entry in the package.json bin field (CVE-2019-16776)\n\n* npm: Global node_modules Binary Overwrite (CVE-2019-16777)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-06-18T21:46:51", "type": "redhat", "title": "(RHSA-2020:2625) Moderate: rh-nodejs8-nodejs security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-18077", "CVE-2017-18869", "CVE-2018-3737", "CVE-2018-3750", "CVE-2019-16775", "CVE-2019-16776", "CVE-2019-16777"], "modified": "2020-06-19T02:44:18", "id": "RHSA-2020:2625", "href": "https://access.redhat.com/errata/RHSA-2020:2625", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-12-06T00:41:43", "description": "Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language.\n\nThe following packages have been upgraded to a later upstream version: nodejs (10.19.0).\n\nSecurity Fix(es):\n\n* nodejs: HTTP request smuggling using malformed Transfer-Encoding header (CVE-2019-15605)\n\n* nodejs: Remotely trigger an assertion on a TLS server with a malformed certificate string (CVE-2019-15604)\n\n* nodejs: HTTP header values do not have trailing optional whitespace trimmed (CVE-2019-15606)\n\n* npm: Symlink reference outside of node_modules folder through the bin field upon installation (CVE-2019-16775)\n\n* npm: Arbitrary file write via constructed entry in the package.json bin field (CVE-2019-16776)\n\n* npm: Global node_modules Binary Overwrite (CVE-2019-16777)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-02-24T12:24:24", "type": "redhat", "title": "(RHSA-2020:0573) Important: nodejs:10 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-15604", "CVE-2019-15605", "CVE-2019-15606", "CVE-2019-16775", "CVE-2019-16776", "CVE-2019-16777"], "modified": "2020-02-24T12:43:25", "id": "RHSA-2020:0573", "href": "https://access.redhat.com/errata/RHSA-2020:0573", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-12-06T00:41:43", "description": "Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language.\n\nThe following packages have been upgraded to a later upstream version: nodejs (10.19.0).\n\nSecurity Fix(es):\n\n* nodejs: HTTP request smuggling using malformed Transfer-Encoding header (CVE-2019-15605)\n\n* nodejs: Remotely trigger an assertion on a TLS server with a malformed certificate string (CVE-2019-15604)\n\n* nodejs: HTTP header values do not have trailing optional whitespace trimmed (CVE-2019-15606)\n\n* npm: Symlink reference outside of node_modules folder through the bin field upon installation (CVE-2019-16775)\n\n* npm: Arbitrary file write via constructed entry in the package.json bin field (CVE-2019-16776)\n\n* npm: Global node_modules Binary Overwrite (CVE-2019-16777)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-02-25T07:57:02", "type": "redhat", "title": "(RHSA-2020:0579) Important: nodejs:10 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-15604", "CVE-2019-15605", "CVE-2019-15606", "CVE-2019-16775", "CVE-2019-16776", "CVE-2019-16777"], "modified": "2020-02-25T08:23:30", "id": "RHSA-2020:0579", "href": "https://access.redhat.com/errata/RHSA-2020:0579", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-12-06T00:41:43", "description": "Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language.\n\nThe following packages have been upgraded to a later upstream version: rh-nodejs10-nodejs (10.19.0).\n\nSecurity Fix(es):\n\n* nodejs: HTTP request smuggling using malformed Transfer-Encoding header (CVE-2019-15605)\n\n* nodejs: Remotely trigger an assertion on a TLS server with a malformed certificate string (CVE-2019-15604)\n\n* nodejs: HTTP header values do not have trailing optional whitespace trimmed (CVE-2019-15606)\n\n* npm: Symlink reference outside of node_modules folder through the bin field upon installation (CVE-2019-16775)\n\n* npm: Arbitrary file write via constructed entry in the package.json bin field (CVE-2019-16776)\n\n* npm: Global node_modules Binary Overwrite (CVE-2019-16777)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-02-25T12:25:49", "type": "redhat", "title": "(RHSA-2020:0597) Important: rh-nodejs10-nodejs security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-15604", "CVE-2019-15605", "CVE-2019-15606", "CVE-2019-16775", "CVE-2019-16776", "CVE-2019-16777"], "modified": "2020-02-25T12:50:39", "id": "RHSA-2020:0597", "href": "https://access.redhat.com/errata/RHSA-2020:0597", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-12-06T00:41:43", "description": "Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language.\n\nThe following packages have been upgraded to a later upstream version: rh-nodejs12-nodejs (12.16.1).\n\nSecurity Fix(es):\n\n* nodejs: HTTP request smuggling using malformed Transfer-Encoding header (CVE-2019-15605)\n\n* nodejs: Remotely trigger an assertion on a TLS server with a malformed certificate string (CVE-2019-15604)\n\n* nodejs: HTTP header values do not have trailing optional whitespace trimmed (CVE-2019-15606)\n\n* npm: Symlink reference outside of node_modules folder through the bin field upon installation (CVE-2019-16775)\n\n* npm: Arbitrary file write via constructed entry in the package.json bin field (CVE-2019-16776)\n\n* npm: Global node_modules Binary Overwrite (CVE-2019-16777)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-02-25T15:14:08", "type": "redhat", "title": "(RHSA-2020:0602) Important: rh-nodejs12-nodejs security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-15604", "CVE-2019-15605", "CVE-2019-15606", "CVE-2019-16775", "CVE-2019-16776", "CVE-2019-16777"], "modified": "2020-02-25T15:38:27", "id": "RHSA-2020:0602", "href": "https://access.redhat.com/errata/RHSA-2020:0602", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-12-06T22:41:43", "description": "Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. \n\nThe following packages have been upgraded to a later upstream version: nodejs (12.20.1), nodejs-nodemon (2.0.3).\n\nSecurity Fix(es):\n\n* nodejs-mixin-deep: prototype pollution in function mixin-deep (CVE-2019-10746)\n\n* nodejs-set-value: prototype pollution in function set-value (CVE-2019-10747)\n\n* nodejs-npm-user-validate: improper input validation when validating user emails leads to ReDoS (CVE-2020-7754)\n\n* nodejs-ini: prototype pollution via malicious INI file (CVE-2020-7788)\n\n* nodejs: use-after-free in the TLS implementation (CVE-2020-8265)\n\n* nodejs: HTTP request smuggling via two copies of a header field in an http request (CVE-2020-8287)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-02-16T07:34:29", "type": "redhat", "title": "(RHSA-2021:0549) Moderate: nodejs:12 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-3750", "CVE-2019-10746", "CVE-2019-10747", "CVE-2020-7754", "CVE-2020-7788", "CVE-2020-8265", "CVE-2020-8287"], "modified": "2021-02-23T17:38:45", "id": "RHSA-2021:0549", "href": "https://access.redhat.com/errata/RHSA-2021:0549", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-12-06T22:41:43", "description": "Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language.\n\nThe following packages have been upgraded to a later upstream version: rh-nodejs12-nodejs (12.20.1), rh-nodejs12-nodejs-nodemon (2.0.3).\n\nSecurity Fix(es):\n\n* nodejs-mixin-deep: prototype pollution in function mixin-deep (CVE-2019-10746)\n\n* nodejs-set-value: prototype pollution in function set-value (CVE-2019-10747)\n\n* nodejs-npm-user-validate: improper input validation when validating user emails leads to ReDoS (CVE-2020-7754)\n\n* nodejs-ini: prototype pollution via malicious INI file (CVE-2020-7788)\n\n* nodejs: use-after-free in the TLS implementation (CVE-2020-8265)\n\n* nodejs: HTTP request smuggling via two copies of a header field in an http request (CVE-2020-8287)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-02-11T13:08:55", "type": "redhat", "title": "(RHSA-2021:0485) Moderate: rh-nodejs12-nodejs security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-3750", "CVE-2019-10746", "CVE-2019-10747", "CVE-2020-7754", "CVE-2020-7788", "CVE-2020-8265", "CVE-2020-8287"], "modified": "2021-02-23T17:25:40", "id": "RHSA-2021:0485", "href": "https://access.redhat.com/errata/RHSA-2021:0485", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-12-06T20:41:30", "description": "The ovirt-engine package provides the manager for virtualization environments.\nThis manager enables admins to define hosts and networks, as well as to add\nstorage, create VMs and manage user permissions.\n\nSecurity Fix(es):\n\n* nodejs-underscore: Arbitrary code execution via the template function (CVE-2021-23358)\n\n* nodejs-glob-parent: Regular expression denial of service (CVE-2020-28469)\n\n* nodejs-ua-parser-js: Regular expression denial of service via the regex (CVE-2020-7733)\n\n* nodejs-path-parse: ReDoS via splitDeviceRe, splitTailRe and splitPathRe (CVE-2021-23343)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Foreman integration, which allows you to provision bare metal hosts from the Administration Portal using Foreman and then added to the Manager, was deprecated in oVirt 4.4.6 / RHV 4.4.6 and removed completely in oVirt 4.4.7 / RHV 4.4.7.\n\nSimilar functionality to provision bare metal hosts can be achieved using Foreman directly and adding an already provisioned host using the Administration Portal or the REST API. (BZ#1901011)\n\n* Adding a message banner to the web administration welcome page is straight forward using custom branding that only contains a preamble section. \nAn example of preamble branding is given here: https://bugzilla.redhat.com/attachment.cgi?id=1783329.\n\nIn an engine upgrade, the custom preamble brand remains in place and will work without issue.\n\nDuring engine backup and subsequent restore, on engine restore the custom preamble branding needs to be manually restored/reinstalled and verified. (BZ#1804774)\n\n* The column name threads_per_core in the Red hat Virtualization manager Dashboard is being deprecated, and will be removed in a future release.\nIn version 4.4.7.2 the column name for threads_per_core will be changed to number_of_threads.\nIn the Data Warehouse, the old name will be retained as an additional alias, resulting in 2 columns providing the same data: number_of_threads and threads_per_core, and threads_per_core will be removed in a future version. (BZ#1896359)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-07-22T14:06:26", "type": "redhat", "title": "(RHSA-2021:2865) Moderate: RHV Manager (ovirt-engine) security update [ovirt-4.4.7]", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-28469", "CVE-2020-7733", "CVE-2021-23343", "CVE-2021-23358"], "modified": "2021-07-22T14:12:57", "id": "RHSA-2021:2865", "href": "https://access.redhat.com/errata/RHSA-2021:2865", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}], "osv": [{"lastseen": "2023-02-24T01:08:50", "description": "\nMultiple vulnerabilities were found in node-types-url-parse, a Node.js\nmodule used to parse URLs, which may result in authorization bypass or\nredirection to untrusted sites.\n\n\n* [CVE-2021-3664](https://security-tracker.debian.org/tracker/CVE-2021-3664)\nurl-parse mishandles certain uses of a single (back)slash such as\n `https:\\` and `https:/`, and interprets\n the URI as a relative path. Browsers accept a single backslash\n after the protocol, and treat it as a normal slash, while url-parse\n sees it as a relative path. Depending on library usage, this may\n result in allow/block list bypasses, SSRF attacks, open redirects,\n or other undesired behavior.\n* [CVE-2021-27515](https://security-tracker.debian.org/tracker/CVE-2021-27515)\nUsing backslash in the protocol is valid in the browser, while\n url-parse thinks it's a relative path. An application that\n validates a URL using url-parse might pass a malicious link.\n* [CVE-2022-0512](https://security-tracker.debian.org/tracker/CVE-2022-0512)\nIncorrect handling of username and password can lead to failure to\n properly identify the hostname, which in turn could result in\n authorization bypass.\n* [CVE-2022-0639](https://security-tracker.debian.org/tracker/CVE-2022-0639)\nIncorrect conversion of `@` characters in protocol in\n the `href` field can lead to lead to failure to properly\n identify the hostname, which in turn could result in authorization\n bypass.\n* [CVE-2022-0686](https://security-tracker.debian.org/tracker/CVE-2022-0686)\nRohan Sharma reported that url-parse is unable to find the correct\n hostname when no port number is provided in the URL, such as in\n `http://example.com:`. This could in turn result in SSRF\n attacks, open redirects or any other vulnerability which depends on\n the `hostname` field of the parsed URL.\n* [CVE-2022-0691](https://security-tracker.debian.org/tracker/CVE-2022-0691)\nurl-parse is unable to find the correct hostname when the URL\n contains a backspace `\\b` character. This tricks\n the parser into interpreting the URL as a relative path, bypassing\n all hostname checks. It can also lead to false positive in\n `extractProtocol()`.\n\n\nFor Debian 10 buster, these problems have been fixed in version\n1.2.0-2+deb10u2.\n\n\nWe recommend that you upgrade your node-url-parse packages.\n\n\nFor the detailed security status of node-url-parse please refer to\nits security tracker page at:\n<https://security-tracker.debian.org/tracker/node-url-parse>\n\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: <https://wiki.debian.org/LTS>\n\n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2023-02-23T00:00:00", "type": "osv", "title": "node-url-parse - security update", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-27515", "CVE-2021-3664", "CVE-2022-0512", "CVE-2022-0639", "CVE-2022-0686", "CVE-2022-0691"], "modified": "2023-02-24T01:08:45", "id": "OSV:DLA-3336-1", "href": "https://osv.dev/vulnerability/DLA-3336-1", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-09-07T18:46:32", "description": "Versions of `just-extend` before 4.0.0 are vulnerable to prototype pollution. Provided certain input `just-extend` can add or modify properties of the `Object` prototype. These properties will be present on all objects.\n\n\n## Recommendation\n\nUpdate to version `4.0.0` or later.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-02-07T18:17:12", "type": "osv", "title": "Prototype Pollution in just-extend", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16489"], "modified": "2023-09-07T18:30:55", "id": "OSV:GHSA-675M-85RW-J3W4", "href": "https://osv.dev/vulnerability/GHSA-675m-85rw-j3w4", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-03-29T19:19:11", "description": "Versions of `cryptiles` prior to 4.1.2 are vulnerable to Insufficient Entropy. The `randomDigits()` method does not provide sufficient entropy and its generates digits that are not evenly distributed.\n\n\n## Recommendation\n\nUpgrade to version 4.1.2. The package is deprecated and has been moved to `@hapi/cryptiles` and it is strongly recommended to use the maintained package.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-09-11T18:22:50", "type": "osv", "title": "Insufficient Entropy in cryptiles", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1000620"], "modified": "2023-03-29T19:11:42", "id": "OSV:GHSA-RQ8G-5PC5-WRHR", "href": "https://osv.dev/vulnerability/GHSA-rq8g-5pc5-wrhr", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-05-12T01:27:36", "description": "Versions of `extend` prior to 3.0.2 (for 3.x) and 2.0.2 (for 2.x) are vulnerable to Prototype Pollution. The `extend()` function allows attackers to modify the prototype of Object causing the addition or modification of an existing property that will exist on all objects.\n\n\n\n\n## Recommendation\n\nIf you're using `extend` 3.x upgrade to 3.0.2 or later.\nIf you're using `extend` 2.x upgrade to 2.0.2 or later.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-02-07T18:03:28", "type": "osv", "title": "Prototype Pollution in extend", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16492"], "modified": "2020-08-31T18:43:30", "id": "OSV:GHSA-QRMC-FJ45-QFC2", "href": "https://osv.dev/vulnerability/GHSA-qrmc-fj45-qfc2", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-05-11T21:31:59", "description": "The css-what package 4.0.0 through 5.0.0 for Node.js does not ensure that attribute parsing has Linear Time Complexity relative to the size of the input.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2021-06-07T22:11:39", "type": "osv", "title": "Denial of service in css-what", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-33587"], "modified": "2021-12-02T17:48:49", "id": "OSV:GHSA-Q8PJ-2VQX-8GGC", "href": "https://osv.dev/vulnerability/GHSA-q8pj-2vqx-8ggc", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-05-11T21:47:23", "description": "Versions of `kind-of` 6.x prior to 6.0.3 are vulnerable to a Validation Bypass. A maliciously crafted object can alter the result of the type check, allowing attackers to bypass the type checking validation. \n\n\n## Recommendation\n\nUpgrade to versions 6.0.3 or later.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-03-31T15:59:54", "type": "osv", "title": "Validation Bypass in kind-of", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-20149"], "modified": "2021-08-23T15:03:55", "id": "OSV:GHSA-6C8F-QPHG-QJGP", "href": "https://osv.dev/vulnerability/GHSA-6c8f-qphg-qjgp", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-05-11T21:34:15", "description": "Versions of the npm CLI prior to 6.13.3 are vulnerable to an Arbitrary File Write. It fails to prevent access to folders outside of the intended node_modules folder through the bin field. A properly constructed entry in the package.json bin field would allow a package publisher to create files on a user's system when the package is installed. It is only possible to affect files that the user running `npm install` has access to and it is not possible to over write files that already exist on disk.\n\nThis behavior is still possible through install scripts. This vulnerability bypasses a user using the --ignore-scripts install option.\n\n\n## Recommendation\n\nUpgrade to version 6.13.3 or later.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 6.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2019-12-13T15:39:19", "type": "osv", "title": "Arbitrary File Write in npm", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-16775"], "modified": "2021-10-21T21:16:09", "id": "OSV:GHSA-M6CX-G6QM-P2CX", "href": "https://osv.dev/vulnerability/GHSA-m6cx-g6qm-p2cx", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:N"}}, {"lastseen": "2022-05-12T01:15:11", "description": "A TOCTOU issue in the chownr package before 1.1.0 for Node.js 10.10 could allow a local attacker to trick it into descending into unintended directories via symlink attacks.", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "LOW", "baseScore": 2.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 1.4}, "published": "2022-02-10T23:33:39", "type": "osv", "title": "Time-of-check Time-of-use (TOCTOU) Race Condition in chownr", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 1.9, "vectorString": "AV:L/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-18869"], "modified": "2021-05-12T20:23:29", "id": "OSV:GHSA-C6RQ-RJC2-86V2", "href": "https://osv.dev/vulnerability/GHSA-c6rq-rjc2-86v2", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-08-11T00:31:09", "description": "Versions of the npm CLI prior to 6.13.3 are vulnerable to a symlink reference outside of node_modules. It is possible for packages to create symlinks to files outside of the`node_modules` folder through the `bin` field upon installation. A properly constructed entry in the package.json bin field would allow a package publisher to create a symlink pointing to arbitrary files on a user\u2019s system when the package is installed. Only files accessible by the user running the `npm install` are affected. \n\nThis behavior is still possible through install scripts. This vulnerability bypasses a user using the --ignore-scripts install option.\n\n\n## Recommendation\n\nUpgrade to version 6.13.3 or later.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 8.1, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.2}, "published": "2019-12-13T15:39:26", "type": "osv", "title": "npm symlink reference outside of node_modules", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-16776"], "modified": "2022-08-10T23:58:46", "id": "OSV:GHSA-X8QC-RRCW-4R46", "href": "https://osv.dev/vulnerability/GHSA-x8qc-rrcw-4r46", "cvss": {"score": 5.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:N"}}, {"lastseen": "2022-05-12T01:07:02", "description": "Versions of `mixin-deep` prior to 2.0.1 or 1.3.2 are vulnerable to Prototype Pollution. The `mixinDeep` function fails to validate which Object properties it updates. This allows attackers to modify the prototype of Object, causing the addition or modification of an existing property on all objects.\n\n\n\n\n## Recommendation\n\nIf you are using `mixin-deep` 2.x, upgrade to version 2.0.1 or later.\nIf you are using `mixin-deep` 1.x, upgrade to version 1.3.2 or later.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-08-27T17:42:33", "type": "osv", "title": "Prototype Pollution in mixin-deep", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10746"], "modified": "2021-07-27T21:26:01", "id": "OSV:GHSA-FHJF-83WG-R2J9", "href": "https://osv.dev/vulnerability/GHSA-fhjf-83wg-r2j9", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-05-12T01:05:29", "description": "Versions of `set-value` prior to 3.0.1 or 2.0.1 are vulnerable to Prototype Pollution. The `set` function fails to validate which Object properties it updates. This allows attackers to modify the prototype of Object, causing the addition or modification of an existing property on all objects.\n\n\n\n\n## Recommendation\n\nIf you are using `set-value` 3.x, upgrade to version 3.0.1 or later.\nIf you are using `set-value` 2.x, upgrade to version 2.0.1 or later.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-08-27T17:43:33", "type": "osv", "title": "Prototype Pollution in set-value", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10747"], "modified": "2021-08-17T22:17:11", "id": "OSV:GHSA-4G88-FPPR-53PP", "href": "https://osv.dev/vulnerability/GHSA-4g88-fppr-53pp", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-05-12T01:14:03", "description": "The package browserslist from 4.0.0 and before 4.16.5 are vulnerable to Regular Expression Denial of Service (ReDoS) during parsing of queries.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "baseScore": 5.3, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 1.4}, "published": "2021-05-24T19:52:40", "type": "osv", "title": "Regular Expression Denial of Service in browserslist", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentiality