Lucene search
Gentoo FoundationMGASA-2021-0092HistoryMar 01, 2021 - 2:16 a.m.
Updated nodejs packages fix security vulnerabilities
2021-03-0102:16:12
Gentoo Foundation
advisories.mageia.org
15
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.8 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
0.006 Low
EPSS
Percentile
79.0%
Two vulnerabilities were discovered in Node.js, which could result in denial of service or DNS rebinding attacks. Upgrade from Mageia 7 to 8 problem fixed.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Mageia | 7 | noarch | nodejs | < 10.24.0-10 | nodejs-10.24.0-10.mga7 |
| Mageia | 8 | noarch | nodejs | < 14.16.0-1 | nodejs-14.16.0-1.mga8 |
Related
nessus
nessus
RHEL 8 : nodejs:10 (RHSA-2021:0741)
2021-03-08 00:00:00
CentOS 8 : nodejs:12 (CESA-2021:0734)
2021-03-04 00:00:00
CentOS 8 : nodejs:10 (CESA-2021:0735)
2021-03-11 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package node version 14.16.0-alt1
2021-02-23 00:00:00
Security fix for the ALT Linux 9 package node version 14.16.0-alt1
2021-03-16 00:00:00
oraclelinux
oraclelinux
nodejs:10 security update
2021-03-05 00:00:00
nodejs:12 security update
2021-03-05 00:00:00
nodejs:14 security and bug fix update
2021-03-09 00:00:00
ibm
ibm
suse
suse
Security update for nodejs14 (important)
2021-02-28 00:00:00
Security update for nodejs10 (important)
2021-03-03 00:00:00
Security update for nodejs12 (important)
2021-02-28 00:00:00
osv
osv
Important: nodejs:12 security update
2021-03-04 15:17:37
Important: nodejs:14 security and bug fix update
2021-03-08 09:55:44
Important: nodejs:14 security and bug fix update
2021-03-08 09:55:44
rocky
rocky
nodejs:10 security update
2021-03-04 15:17:39
nodejs:12 security update
2021-03-04 15:17:37
nodejs:14 security and bug fix update
2021-03-08 09:55:44
redhat
redhat
(RHSA-2021:0741) Important: nodejs:10 security update
2021-03-08 09:16:17
(RHSA-2021:0739) Important: nodejs:12 security update
2021-03-08 09:15:59
(RHSA-2021:0734) Important: nodejs:12 security update
2021-03-04 15:17:37
openvas
openvas
Mageia: Security Advisory (MGASA-2021-0092)
2022-01-28 00:00:00
Fedora: Security Advisory for nodejs (FEDORA-2021-a760169c3c)
2021-03-12 00:00:00
Fedora: Security Advisory for nodejs (FEDORA-2021-f6bd75e9d4)
2021-03-12 00:00:00
fedora
fedora
[SECURITY] Fedora 33 Update: nodejs-14.16.0-1.fc33
2021-03-11 23:38:48
[SECURITY] Fedora 34 Update: nodejs-14.16.0-1.fc34
2021-03-19 20:26:10
[SECURITY] Fedora 32 Update: nodejs-12.21.0-2.fc32
2021-03-12 00:07:47
photon
photon
Home
Download Photon OS
User Documentation
FAQ
Security Advisories
Related Information
Lightwave - PHSA-2021-2.0-0330
2021-03-19 00:00:00
Home
Download Photon OS
User Documentation
FAQ
Security Advisories
Related Information
Lightwave - PHSA-2021-1.0-0373
2021-03-22 00:00:00
Important Photon OS Security Update - PHSA-2021-0373
2021-03-22 00:00:00
almalinux
almalinux
Important: nodejs:10 security update
2021-03-04 15:17:39
Important: nodejs:14 security and bug fix update
2021-03-08 09:55:44
Important: nodejs:12 security update
2021-03-04 15:17:37
debian
debian
[SECURITY] [DSA 4863-1] nodejs security update
2021-02-24 19:25:39
ubuntu
ubuntu
Node.js vulnerabilities
2023-10-05 00:00:00
freebsd
freebsd
Node.js -- February 2021 Security Releases
2021-02-23 00:00:00
Node.js -- July 7th 2022 Security Releases
2022-07-05 00:00:00
MySQL -- Multiple vulnerabilities
2021-07-20 00:00:00
nodejsblog
nodejsblog
February 2021 Security Releases
2021-02-23 00:00:00
July 7th 2022 Security Releases
2022-07-07 00:00:00
veracode
veracode
Denial Of Service (DoS)
2021-02-24 17:20:16
DNS Rebinding
2021-02-24 17:20:17
debiancve
debiancve
CVE-2021-22883
2021-03-03 18:15:00
CVE-2021-22884
2021-03-03 18:15:00
cve
cve
CVE-2021-22883
2021-03-03 18:15:00
CVE-2021-22884
2021-03-03 18:15:00
ubuntucve
ubuntucve
CVE-2021-22883
2021-03-03 00:00:00
CVE-2021-22884
2021-03-03 00:00:00
prion
prion
Design/Logic Flaw
2021-03-03 18:15:00
Code injection
2021-03-03 18:15:00
redhatcve
redhatcve
hackerone
hackerone
Node.js: DNS rebinding in --inspect (insufficient fix of CVE-2018-7160)
2020-12-31 23:31:42
alpinelinux
alpinelinux
CVE-2021-22883
2021-03-03 18:15:00
CVE-2021-22884
2021-03-03 18:15:00
ics
ics
Hitachi Energy e-mesh EMS
2022-03-31 12:00:00
Siemens SINEC INS
2022-03-10 12:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - July 2021
2021-07-20 00:00:00
Oracle Critical Patch Update Advisory - October 2021
2021-10-19 00:00:00
Oracle Critical Patch Update Advisory - April 2021
2021-04-20 00:00:00
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.8 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
0.006 Low
EPSS
Percentile
79.0%
Related for MGASA-2021-0092