Lucene search

K
oraclelinuxOracleLinuxELSA-2022-6448
HistorySep 15, 2022 - 12:00 a.m.

nodejs:14 security and bug fix update

2022-09-1500:00:00
linux.oracle.com
16

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.006 Low

EPSS

Percentile

78.4%

nodejs
[1:14.20.0-2]

  • Replace with_* macros with RPM confitionals
  • Unify configure calls into single command
  • Refactor bootstrap-related parts
  • Decouple dependency bundling from bootstrapping
  • Resolves: RHBZ#2111417
    [1:14.20.0-1]
  • Rebase to latest version
  • Resolves: RHBZ#2106367
  • CVE fixes for CVE-2022-32212/3/4/5
  • Resolves: #2109576, #2109579, #2109582, #2109585
    [1:14.18.2-3]
  • Resolves: RHBZ#2029519
  • Add missing BZ to changelog
    nodejs-nodemon
    [2.0.19-2]
  • Switched from autosetup
  • Removed CODE_OF_CONDUCT.md and faq.md which is not present in npmjs package, might switch to GH sources in the future
  • Resolves: RHBZ#2109919
    [2.0.19-1]
  • Rebase to 2.0.19
  • Resolves CVE-2022-33987
  • Resolves: RHBZ#2109919

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.006 Low

EPSS

Percentile

78.4%