The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1533 advisory.
The glob-parent package before 6.0.1 for Node.js allows ReDoS (regular expression denial of service) attacks against the enclosure regular expression. (CVE-2021-35065)
Minimist <=1.2.5 is vulnerable to Prototype Pollution via file index.js, function setKey() (lines 69-95).
(CVE-2021-44906)
qs before 6.10.3, as used in Express before 4.17.3 and other products, allows attackers to cause a Node process hang for an Express application because an __ proto__ key can be used. In many typical Express use cases, an unauthenticated remote attacker can place the attack payload in the query string of the URL that is used to visit the application, such as a[proto]=b&a[proto]&a[length]=100000000. The fix was backported to qs 6.9.7, 6.8.3, 6.7.3, 6.6.1, 6.5.3, 6.4.1, 6.3.3, and 6.2.4 (and therefore Express 4.17.3, which has deps: [email protected] in its release description, is not vulnerable). (CVE-2022-24999)
This affects versions of the package http-cache-semantics before 4.1.1. The issue can be exploited via malicious request header values sent to a server, when that server reads the cache policy from the request using this library. (CVE-2022-25881)
A vulnerability was found in the minimatch package. This flaw allows a Regular Expression Denial of Service (ReDoS) when calling the braceExpand function with specific arguments, resulting in a Denial of Service. (CVE-2022-3517)
The llhttp parser in the http module in Node v18.7.0 does not correctly handle header fields that are not terminated with CLRF. This may result in HTTP Request Smuggling. (CVE-2022-35256)
decode-uri-component 0.2.0 is vulnerable to Improper Input Validation resulting in DoS. (CVE-2022-38900)
A OS Command Injection vulnerability exists in Node.js versions <14.21.1, <16.18.1, <18.12.1, <19.0.1 due to an insufficient IsAllowedHost check that can easily be bypassed because IsIPAddress does not properly check if an IP address is invalid before making DBS requests allowing rebinding attacks.The fix for this issue in https://vulners.com/cve/CVE-2022-32212 was incomplete and this new CVE is to complete the fix. (CVE-2022-43548)
A flaw was found in the c-ares package. The ares_set_sortlist is missing checks about the validity of the input string, which allows a possible arbitrary length stack overflow. This issue may cause a denial of service or a limited impact on confidentiality and integrity. (CVE-2022-4904)
A privilege escalation vulnerability exists in Node.js <19.6.1, <18.14.1, <16.19.1 and <14.21.3 that made it possible to bypass the experimental Permissions (https://nodejs.org/api/permissions.html) feature in Node.js and access non authorized modules by using process.mainModule.require(). This only affects users who had enabled the experimental permissions option with --experimental-policy. (CVE-2023-23918)
An untrusted search path vulnerability exists in Node.js. <19.6.1, <18.14.1, <16.19.1, and <14.21.3 that could allow an attacker to search and potentially load ICU data when running with elevated privileges.
(CVE-2023-23920)
Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Red Hat Security Advisory RHSA-2023:1533. The text
# itself is copyright (C) Red Hat, Inc.
##
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(173777);
script_version("1.3");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/01/26");
script_cve_id(
"CVE-2021-35065",
"CVE-2021-44906",
"CVE-2022-3517",
"CVE-2022-4904",
"CVE-2022-24999",
"CVE-2022-25881",
"CVE-2022-35256",
"CVE-2022-38900",
"CVE-2022-43548",
"CVE-2023-23918",
"CVE-2023-23920"
);
script_xref(name:"RHSA", value:"2023:1533");
script_name(english:"RHEL 8 : nodejs:14 (RHSA-2023:1533)");
script_set_attribute(attribute:"synopsis", value:
"The remote Red Hat host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as
referenced in the RHSA-2023:1533 advisory.
- The glob-parent package before 6.0.1 for Node.js allows ReDoS (regular expression denial of service)
attacks against the enclosure regular expression. (CVE-2021-35065)
- Minimist <=1.2.5 is vulnerable to Prototype Pollution via file index.js, function setKey() (lines 69-95).
(CVE-2021-44906)
- qs before 6.10.3, as used in Express before 4.17.3 and other products, allows attackers to cause a Node
process hang for an Express application because an __ proto__ key can be used. In many typical Express use
cases, an unauthenticated remote attacker can place the attack payload in the query string of the URL that
is used to visit the application, such as a[__proto__]=b&a[__proto__]&a[length]=100000000. The fix was
backported to qs 6.9.7, 6.8.3, 6.7.3, 6.6.1, 6.5.3, 6.4.1, 6.3.3, and 6.2.4 (and therefore Express 4.17.3,
which has deps: [email protected] in its release description, is not vulnerable). (CVE-2022-24999)
- This affects versions of the package http-cache-semantics before 4.1.1. The issue can be exploited via
malicious request header values sent to a server, when that server reads the cache policy from the request
using this library. (CVE-2022-25881)
- A vulnerability was found in the minimatch package. This flaw allows a Regular Expression Denial of
Service (ReDoS) when calling the braceExpand function with specific arguments, resulting in a Denial of
Service. (CVE-2022-3517)
- The llhttp parser in the http module in Node v18.7.0 does not correctly handle header fields that are not
terminated with CLRF. This may result in HTTP Request Smuggling. (CVE-2022-35256)
- decode-uri-component 0.2.0 is vulnerable to Improper Input Validation resulting in DoS. (CVE-2022-38900)
- A OS Command Injection vulnerability exists in Node.js versions <14.21.1, <16.18.1, <18.12.1, <19.0.1 due
to an insufficient IsAllowedHost check that can easily be bypassed because IsIPAddress does not properly
check if an IP address is invalid before making DBS requests allowing rebinding attacks.The fix for this
issue in https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32212 was incomplete and this new CVE is
to complete the fix. (CVE-2022-43548)
- A flaw was found in the c-ares package. The ares_set_sortlist is missing checks about the validity of the
input string, which allows a possible arbitrary length stack overflow. This issue may cause a denial of
service or a limited impact on confidentiality and integrity. (CVE-2022-4904)
- A privilege escalation vulnerability exists in Node.js <19.6.1, <18.14.1, <16.19.1 and <14.21.3 that made
it possible to bypass the experimental Permissions (https://nodejs.org/api/permissions.html) feature in
Node.js and access non authorized modules by using process.mainModule.require(). This only affects users
who had enabled the experimental permissions option with --experimental-policy. (CVE-2023-23918)
- An untrusted search path vulnerability exists in Node.js. <19.6.1, <18.14.1, <16.19.1, and <14.21.3 that
could allow an attacker to search and potentially load ICU data when running with elevated privileges.
(CVE-2023-23920)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2021-35065");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2021-44906");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2022-3517");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2022-4904");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2022-24999");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2022-25881");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2022-35256");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2022-38900");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2022-43548");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2023-23918");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2023-23920");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2023:1533");
script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2021-44906");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_cwe_id(20, 119, 350, 400, 426, 444, 863, 1321, 1333);
script_set_attribute(attribute:"vendor_severity", value:"Important");
script_set_attribute(attribute:"vuln_publication_date", value:"2022/03/17");
script_set_attribute(attribute:"patch_publication_date", value:"2023/03/30");
script_set_attribute(attribute:"plugin_publication_date", value:"2023/04/02");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:rhel_aus:8.4");
script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:rhel_e4s:8.4");
script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:rhel_eus:8.4");
script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:rhel_tus:8.4");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:nodejs");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:nodejs-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:nodejs-docs");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:nodejs-full-i18n");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:nodejs-nodemon");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:nodejs-packaging");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:npm");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Red Hat Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl", "redhat_repos.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
exit(0);
}
include('rpm.inc');
include('rhel.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/RedHat/release');
if (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');
var os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:os_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');
os_ver = os_ver[1];
if (!rhel_check_release(operator: 'eq', os_version: os_ver, rhel_version: '8.4')) audit(AUDIT_OS_NOT, 'Red Hat 8.4', 'Red Hat ' + os_ver);
if (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);
var appstreams = {
'nodejs:14': [
{
'repo_relative_urls': [
'content/aus/rhel8/8.4/x86_64/appstream/debug',
'content/aus/rhel8/8.4/x86_64/appstream/os',
'content/aus/rhel8/8.4/x86_64/appstream/source/SRPMS',
'content/aus/rhel8/8.4/x86_64/baseos/debug',
'content/aus/rhel8/8.4/x86_64/baseos/os',
'content/aus/rhel8/8.4/x86_64/baseos/source/SRPMS',
'content/e4s/rhel8/8.4/aarch64/appstream/debug',
'content/e4s/rhel8/8.4/aarch64/appstream/os',
'content/e4s/rhel8/8.4/aarch64/appstream/source/SRPMS',
'content/e4s/rhel8/8.4/aarch64/baseos/debug',
'content/e4s/rhel8/8.4/aarch64/baseos/os',
'content/e4s/rhel8/8.4/aarch64/baseos/source/SRPMS',
'content/e4s/rhel8/8.4/ppc64le/appstream/debug',
'content/e4s/rhel8/8.4/ppc64le/appstream/os',
'content/e4s/rhel8/8.4/ppc64le/appstream/source/SRPMS',
'content/e4s/rhel8/8.4/ppc64le/baseos/debug',
'content/e4s/rhel8/8.4/ppc64le/baseos/os',
'content/e4s/rhel8/8.4/ppc64le/baseos/source/SRPMS',
'content/e4s/rhel8/8.4/ppc64le/highavailability/debug',
'content/e4s/rhel8/8.4/ppc64le/highavailability/os',
'content/e4s/rhel8/8.4/ppc64le/highavailability/source/SRPMS',
'content/e4s/rhel8/8.4/ppc64le/sap-solutions/debug',
'content/e4s/rhel8/8.4/ppc64le/sap-solutions/os',
'content/e4s/rhel8/8.4/ppc64le/sap-solutions/source/SRPMS',
'content/e4s/rhel8/8.4/ppc64le/sap/debug',
'content/e4s/rhel8/8.4/ppc64le/sap/os',
'content/e4s/rhel8/8.4/ppc64le/sap/source/SRPMS',
'content/e4s/rhel8/8.4/s390x/appstream/debug',
'content/e4s/rhel8/8.4/s390x/appstream/os',
'content/e4s/rhel8/8.4/s390x/appstream/source/SRPMS',
'content/e4s/rhel8/8.4/s390x/baseos/debug',
'content/e4s/rhel8/8.4/s390x/baseos/os',
'content/e4s/rhel8/8.4/s390x/baseos/source/SRPMS',
'content/e4s/rhel8/8.4/x86_64/appstream/debug',
'content/e4s/rhel8/8.4/x86_64/appstream/os',
'content/e4s/rhel8/8.4/x86_64/appstream/source/SRPMS',
'content/e4s/rhel8/8.4/x86_64/baseos/debug',
'content/e4s/rhel8/8.4/x86_64/baseos/os',
'content/e4s/rhel8/8.4/x86_64/baseos/source/SRPMS',
'content/e4s/rhel8/8.4/x86_64/highavailability/debug',
'content/e4s/rhel8/8.4/x86_64/highavailability/os',
'content/e4s/rhel8/8.4/x86_64/highavailability/source/SRPMS',
'content/e4s/rhel8/8.4/x86_64/nfv/debug',
'content/e4s/rhel8/8.4/x86_64/nfv/os',
'content/e4s/rhel8/8.4/x86_64/nfv/source/SRPMS',
'content/e4s/rhel8/8.4/x86_64/sap-solutions/debug',
'content/e4s/rhel8/8.4/x86_64/sap-solutions/os',
'content/e4s/rhel8/8.4/x86_64/sap-solutions/source/SRPMS',
'content/e4s/rhel8/8.4/x86_64/sap/debug',
'content/e4s/rhel8/8.4/x86_64/sap/os',
'content/e4s/rhel8/8.4/x86_64/sap/source/SRPMS',
'content/eus/rhel8/8.4/aarch64/appstream/debug',
'content/eus/rhel8/8.4/aarch64/appstream/os',
'content/eus/rhel8/8.4/aarch64/appstream/source/SRPMS',
'content/eus/rhel8/8.4/aarch64/baseos/debug',
'content/eus/rhel8/8.4/aarch64/baseos/os',
'content/eus/rhel8/8.4/aarch64/baseos/source/SRPMS',
'content/eus/rhel8/8.4/aarch64/codeready-builder/debug',
'content/eus/rhel8/8.4/aarch64/codeready-builder/os',
'content/eus/rhel8/8.4/aarch64/codeready-builder/source/SRPMS',
'content/eus/rhel8/8.4/aarch64/highavailability/debug',
'content/eus/rhel8/8.4/aarch64/highavailability/os',
'content/eus/rhel8/8.4/aarch64/highavailability/source/SRPMS',
'content/eus/rhel8/8.4/aarch64/supplementary/debug',
'content/eus/rhel8/8.4/aarch64/supplementary/os',
'content/eus/rhel8/8.4/aarch64/supplementary/source/SRPMS',
'content/eus/rhel8/8.4/ppc64le/appstream/debug',
'content/eus/rhel8/8.4/ppc64le/appstream/os',
'content/eus/rhel8/8.4/ppc64le/appstream/source/SRPMS',
'content/eus/rhel8/8.4/ppc64le/baseos/debug',
'content/eus/rhel8/8.4/ppc64le/baseos/os',
'content/eus/rhel8/8.4/ppc64le/baseos/source/SRPMS',
'content/eus/rhel8/8.4/ppc64le/codeready-builder/debug',
'content/eus/rhel8/8.4/ppc64le/codeready-builder/os',
'content/eus/rhel8/8.4/ppc64le/codeready-builder/source/SRPMS',
'content/eus/rhel8/8.4/ppc64le/highavailability/debug',
'content/eus/rhel8/8.4/ppc64le/highavailability/os',
'content/eus/rhel8/8.4/ppc64le/highavailability/source/SRPMS',
'content/eus/rhel8/8.4/ppc64le/resilientstorage/debug',
'content/eus/rhel8/8.4/ppc64le/resilientstorage/os',
'content/eus/rhel8/8.4/ppc64le/resilientstorage/source/SRPMS',
'content/eus/rhel8/8.4/ppc64le/sap-solutions/debug',
'content/eus/rhel8/8.4/ppc64le/sap-solutions/os',
'content/eus/rhel8/8.4/ppc64le/sap-solutions/source/SRPMS',
'content/eus/rhel8/8.4/ppc64le/sap/debug',
'content/eus/rhel8/8.4/ppc64le/sap/os',
'content/eus/rhel8/8.4/ppc64le/sap/source/SRPMS',
'content/eus/rhel8/8.4/ppc64le/supplementary/debug',
'content/eus/rhel8/8.4/ppc64le/supplementary/os',
'content/eus/rhel8/8.4/ppc64le/supplementary/source/SRPMS',
'content/eus/rhel8/8.4/s390x/appstream/debug',
'content/eus/rhel8/8.4/s390x/appstream/os',
'content/eus/rhel8/8.4/s390x/appstream/source/SRPMS',
'content/eus/rhel8/8.4/s390x/baseos/debug',
'content/eus/rhel8/8.4/s390x/baseos/os',
'content/eus/rhel8/8.4/s390x/baseos/source/SRPMS',
'content/eus/rhel8/8.4/s390x/codeready-builder/debug',
'content/eus/rhel8/8.4/s390x/codeready-builder/os',
'content/eus/rhel8/8.4/s390x/codeready-builder/source/SRPMS',
'content/eus/rhel8/8.4/s390x/highavailability/debug',
'content/eus/rhel8/8.4/s390x/highavailability/os',
'content/eus/rhel8/8.4/s390x/highavailability/source/SRPMS',
'content/eus/rhel8/8.4/s390x/resilientstorage/debug',
'content/eus/rhel8/8.4/s390x/resilientstorage/os',
'content/eus/rhel8/8.4/s390x/resilientstorage/source/SRPMS',
'content/eus/rhel8/8.4/s390x/sap/debug',
'content/eus/rhel8/8.4/s390x/sap/os',
'content/eus/rhel8/8.4/s390x/sap/source/SRPMS',
'content/eus/rhel8/8.4/s390x/supplementary/debug',
'content/eus/rhel8/8.4/s390x/supplementary/os',
'content/eus/rhel8/8.4/s390x/supplementary/source/SRPMS',
'content/eus/rhel8/8.4/x86_64/appstream/debug',
'content/eus/rhel8/8.4/x86_64/appstream/os',
'content/eus/rhel8/8.4/x86_64/appstream/source/SRPMS',
'content/eus/rhel8/8.4/x86_64/baseos/debug',
'content/eus/rhel8/8.4/x86_64/baseos/os',
'content/eus/rhel8/8.4/x86_64/baseos/source/SRPMS',
'content/eus/rhel8/8.4/x86_64/codeready-builder/debug',
'content/eus/rhel8/8.4/x86_64/codeready-builder/os',
'content/eus/rhel8/8.4/x86_64/codeready-builder/source/SRPMS',
'content/eus/rhel8/8.4/x86_64/highavailability/debug',
'content/eus/rhel8/8.4/x86_64/highavailability/os',
'content/eus/rhel8/8.4/x86_64/highavailability/source/SRPMS',
'content/eus/rhel8/8.4/x86_64/resilientstorage/debug',
'content/eus/rhel8/8.4/x86_64/resilientstorage/os',
'content/eus/rhel8/8.4/x86_64/resilientstorage/source/SRPMS',
'content/eus/rhel8/8.4/x86_64/sap-solutions/debug',
'content/eus/rhel8/8.4/x86_64/sap-solutions/os',
'content/eus/rhel8/8.4/x86_64/sap-solutions/source/SRPMS',
'content/eus/rhel8/8.4/x86_64/sap/debug',
'content/eus/rhel8/8.4/x86_64/sap/os',
'content/eus/rhel8/8.4/x86_64/sap/source/SRPMS',
'content/eus/rhel8/8.4/x86_64/supplementary/debug',
'content/eus/rhel8/8.4/x86_64/supplementary/os',
'content/eus/rhel8/8.4/x86_64/supplementary/source/SRPMS',
'content/tus/rhel8/8.4/x86_64/appstream/debug',
'content/tus/rhel8/8.4/x86_64/appstream/os',
'content/tus/rhel8/8.4/x86_64/appstream/source/SRPMS',
'content/tus/rhel8/8.4/x86_64/baseos/debug',
'content/tus/rhel8/8.4/x86_64/baseos/os',
'content/tus/rhel8/8.4/x86_64/baseos/source/SRPMS',
'content/tus/rhel8/8.4/x86_64/highavailability/debug',
'content/tus/rhel8/8.4/x86_64/highavailability/os',
'content/tus/rhel8/8.4/x86_64/highavailability/source/SRPMS',
'content/tus/rhel8/8.4/x86_64/nfv/debug',
'content/tus/rhel8/8.4/x86_64/nfv/os',
'content/tus/rhel8/8.4/x86_64/nfv/source/SRPMS',
'content/tus/rhel8/8.4/x86_64/rt/debug',
'content/tus/rhel8/8.4/x86_64/rt/os',
'content/tus/rhel8/8.4/x86_64/rt/source/SRPMS'
],
'pkgs': [
{'reference':'nodejs-14.21.3-1.module+el8.4.0+18317+43f5ac16', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
{'reference':'nodejs-devel-14.21.3-1.module+el8.4.0+18317+43f5ac16', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
{'reference':'nodejs-docs-14.21.3-1.module+el8.4.0+18317+43f5ac16', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
{'reference':'nodejs-full-i18n-14.21.3-1.module+el8.4.0+18317+43f5ac16', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
{'reference':'nodejs-nodemon-2.0.20-3.module+el8.4.0+18317+43f5ac16', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'nodejs-packaging-23-3.module+el8.3.0+6519+9f98ed83', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},
{'reference':'npm-6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}
]
}
]
};
var applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:appstreams, appstreams:TRUE);
if(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);
var module_ver = get_kb_item('Host/RedHat/appstream/nodejs');
if (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module nodejs:14');
if ('14' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module nodejs:' + module_ver);
var flag = 0;
var appstreams_found = 0;
foreach var module (keys(appstreams)) {
var appstream = NULL;
var appstream_name = NULL;
var appstream_version = NULL;
var appstream_split = split(module, sep:':', keep:FALSE);
if (!empty_or_null(appstream_split)) {
appstream_name = appstream_split[0];
appstream_version = appstream_split[1];
if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RedHat/appstream/' + appstream_name);
}
if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {
appstreams_found++;
foreach var module_array ( appstreams[module] ) {
var repo_relative_urls = NULL;
if (!empty_or_null(module_array['repo_relative_urls'])) repo_relative_urls = module_array['repo_relative_urls'];
foreach var package_array ( module_array['pkgs'] ) {
var reference = NULL;
var _release = NULL;
var sp = NULL;
var _cpu = NULL;
var el_string = NULL;
var rpm_spec_vers_cmp = NULL;
var epoch = NULL;
var allowmaj = NULL;
var exists_check = NULL;
if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
if (!empty_or_null(package_array['release'])) _release = 'RHEL' + package_array['release'];
if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];
if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];
if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];
if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];
if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];
if (reference &&
_release &&
rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&
(applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&
rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;
}
}
}
}
if (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module nodejs:14');
if (flag)
{
var subscription_caveat = '\n' +
'NOTE: This vulnerability check contains fixes that apply to\n' +
'packages only available in the Red Hat Enterprise Linux\n' +
'Advanced Update Support, Extended Update Support, Telco Extended Update Support or Update Services for SAP Solutions repositories.\n' +
'Access to these repositories requires a paid RHEL subscription.\n';
var extra = NULL;
if (isnull(applicable_repo_urls) || !applicable_repo_urls) extra = subscription_caveat + rpm_report_get() + redhat_report_repo_caveat();
else extra = subscription_caveat + rpm_report_get();
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : extra
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'nodejs / nodejs-devel / nodejs-docs / nodejs-full-i18n / etc');
}
Vendor | Product | Version | CPE |
---|---|---|---|
redhat | rhel_aus | 8.4 | cpe:/o:redhat:rhel_aus:8.4 |
redhat | rhel_e4s | 8.4 | cpe:/o:redhat:rhel_e4s:8.4 |
redhat | rhel_eus | 8.4 | cpe:/o:redhat:rhel_eus:8.4 |
redhat | rhel_tus | 8.4 | cpe:/o:redhat:rhel_tus:8.4 |
redhat | enterprise_linux | nodejs | p-cpe:/a:redhat:enterprise_linux:nodejs |
redhat | enterprise_linux | nodejs-devel | p-cpe:/a:redhat:enterprise_linux:nodejs-devel |
redhat | enterprise_linux | nodejs-docs | p-cpe:/a:redhat:enterprise_linux:nodejs-docs |
redhat | enterprise_linux | nodejs-full-i18n | p-cpe:/a:redhat:enterprise_linux:nodejs-full-i18n |
redhat | enterprise_linux | nodejs-nodemon | p-cpe:/a:redhat:enterprise_linux:nodejs-nodemon |
redhat | enterprise_linux | nodejs-packaging | p-cpe:/a:redhat:enterprise_linux:nodejs-packaging |
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35065
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44906
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24999
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25881
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3517
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35256
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38900
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43548
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4904
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23918
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23920
access.redhat.com/errata/RHSA-2023:1533
access.redhat.com/security/cve/CVE-2021-35065
access.redhat.com/security/cve/CVE-2021-44906
access.redhat.com/security/cve/CVE-2022-24999
access.redhat.com/security/cve/CVE-2022-25881
access.redhat.com/security/cve/CVE-2022-3517
access.redhat.com/security/cve/CVE-2022-35256
access.redhat.com/security/cve/CVE-2022-38900
access.redhat.com/security/cve/CVE-2022-43548
access.redhat.com/security/cve/CVE-2022-4904
access.redhat.com/security/cve/CVE-2023-23918
access.redhat.com/security/cve/CVE-2023-23920