Lucene search
K

Unity Linux 20.1070e Security Update: nodejs (UTSA-2025-680629)

🗓️ 07 Oct 2025 00:00:00Reported by TenableType 
nessus
 nessus
🔗 www.tenable.com👁 3 Views

Unity Linux 20.10.70e fixes Arborist vulnerability that could let node_modules be written elsewhere.

Related
Refs
Code
ReporterTitlePublishedViews
Family
ALT Linux
Security fix for the ALT Linux 10 package node version 14.17.6-alt1
1 Sep 202100:00
altlinux
IBM Security Bulletins
Security Bulletin: Security Vulnerabilities affect IBM Cloud Private - Node.js (CVE-2021-39135)
22 Apr 202219:30
ibm
IBM Security Bulletins
Security Bulletin: IBM InfoSphere Information Server is affected by multiple vulnerabilities in Node.js
29 Oct 202121:37
ibm
IBM Security Bulletins
Security Bulletin: IBM App Connect Enterprise Certified Container Integration Servers may be vulnerable to a symlink attack due to CVE-2021-39135
7 Oct 202110:31
ibm
IBM Security Bulletins
Security Bulletin: IBM Security Verify Governance is vulnerable to multiple security issues due to Node.js
22 Aug 202215:20
ibm
IBM Security Bulletins
Security Bulletin: Multiple vulnerabilities affect IBM Rational® Application Developer for WebSphere® Software - September 2021
16 Nov 202119:42
ibm
IBM Security Bulletins
Security Bulletin: Multiple vulnerabilities in Node.js affect IBM Rational Application Developer for WebSphere Software included in Rational Developer for i
12 Dec 202119:49
ibm
IBM Security Bulletins
Security Bulletin: There are multiple vulnerabilites that affect IBM Engineering Requirements Quality Assistant On-Premises
22 May 202314:23
ibm
IBM Security Bulletins
Security Bulletin: High severity vulnerabilities in libraries used by IBM Spectrum Discover (libraries of libraries)
27 Apr 202222:57
ibm
FreeBSD
Node.js -- August 2021 Security Releases (2)
31 Aug 202100:00
freebsd
Rows per page
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(267662);
  script_version("1.2");
  script_set_attribute(attribute:"plugin_modification_date", value:"2025/10/10");

  script_cve_id("CVE-2021-39135");

  script_name(english:"Unity Linux 20.1070e Security Update: nodejs (UTSA-2025-680629)");

  script_set_attribute(attribute:"synopsis", value:
"The Unity Linux host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the
UTSA-2025-680629 advisory.

    `@npmcli/arborist`, the library that calculates dependency trees and manages the node_modules folder
    hierarchy for the npm command line interface, aims to guarantee that package dependency contracts will be
    met, and the extraction of package contents will always be performed into the expected folder. This is
    accomplished by extracting package contents into a project's `node_modules` folder. If the `node_modules`
    folder of the root project or any of its dependencies is somehow replaced with a symbolic link, it could
    allow Arborist to write package dependencies to any arbitrary location on the file system. Note that
    symbolic links contained within package artifact contents are filtered out, so another means of creating a
    `node_modules` symbolic link would have to be employed. 1. A `preinstall` script could replace
    `node_modules` with a symlink. (This is prevented by using `--ignore-scripts`.) 2. An attacker could
    supply the target with a git repository, instructing them to run `npm install --ignore-scripts` in the
    root. This may be successful, because `npm install --ignore-scripts` is typically not capable of making
    changes outside of the project directory, so it may be deemed safe. This is patched in @npmcli/arborist
    2.8.2 which is included in npm v7.20.7 and above. For more information including workarounds please see
    the referenced GHSA-gmw6-94gg-2rc2.

Tenable has extracted the preceding description block directly from the Unity Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
  # https://src.uniontech.com/#/security_advisory_detail?utsa_id=UTSA-2025-680629
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?570c787d");
  script_set_attribute(attribute:"see_also", value:"https://gitee.com/src-openeuler/nodejs/issues/I4ZDRN");
  script_set_attribute(attribute:"see_also", value:"https://nvd.nist.gov/vuln/detail/CVE-2021-39135");
  script_set_attribute(attribute:"solution", value:
"Update the affected nodejs package.");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2021-39135");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2021/08/31");
  script_set_attribute(attribute:"patch_publication_date", value:"2025/07/12");
  script_set_attribute(attribute:"plugin_publication_date", value:"2025/10/07");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Unity Linux Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2025 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info2.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/UOS-Server/release", "Host/UOS-Server/rpm-list", "Host/cpu");

  exit(0);
}
include('rpm2.inc');

if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_product = get_kb_item('installed_os/local/SSH/0/product');
if (isnull(os_product) || 'UOS Server' >!< os_product) audit(AUDIT_OS_NOT, 'UOS Server');
var os_version = get_kb_item('installed_os/local/SSH/0/version');
if (isnull(os_version)) audit(AUDIT_UNKNOWN_APP_VER, 'UOS Server');
if (! preg(pattern:"^20.1070e([^0-9]|$)", string:os_version)) audit(AUDIT_OS_NOT, 'UOS Server 20.1070e', 'UOS Server ' + os_version);

if (!get_kb_item('Host/UOS-Server/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('sw_64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'UOS Server', cpu);


var constraints = [
  {
    'release': '20',
    'sp': '1070e',
    'pkgs': [
      {'reference':'nodejs-12.18.4-3.02.uel20.jk', 'sp':'1070e', 'cpu':'sw_64', 'rpm_spec_vers_cmp':TRUE}
    ]
  }
];

var os_release = get_one_kb_item('installed_os/local/SSH/0/release');
var os_sp = get_one_kb_item('Host/*/minor_release');

var flag = 0;
var reference;
var sp;
var _cpu;
var el_string;
var rpm_spec_vers_cmp;
var epoch;
var allowmaj;
var exists_check;
var cves;
foreach var constraint ( constraints ) {
  # Check that the target release is equal to the affected release
  if (!empty_or_null(constraint['release'])){
    if (constraint['release'] != os_release) continue;
  }
  if (!empty_or_null(constraint['sp'])){
    if (constraint['sp'] != os_sp) continue;
  }
  foreach var pkg ( constraint['pkgs'] ) {
    reference = NULL;
    sp = NULL;
    _cpu = NULL;
    el_string = NULL;
    rpm_spec_vers_cmp = NULL;
    epoch = NULL;
    allowmaj = NULL;
    exists_check = NULL;
    cves = NULL;
    if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];
    if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];
    if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];
    if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];
    if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];
    if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];
    if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];
    if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];
    if (!empty_or_null(pkg['cves'])) cves = pkg['cves'];
    if (reference &&
        ## (no known rpm to check OR known rpm_exists)
        (!exists_check || rpm_exists(rpm:exists_check)) &&
        rpm_check(sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj, cves:cves)) flag++;
  }
}


if (flag)
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'nodejs');
}

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

10 Oct 2025 00:00Current
7.7High risk
Vulners AI Score7.7
CVSS 24.4
CVSS 3.17.8 - 8.2
EPSS0.00553
3