Lucene search
RedHatRHSA-2024:3545HistoryJun 03, 2024 - 6:39 a.m.
(RHSA-2024:3545) Important: nodejs security update
2024-06-0306:39:17
access.redhat.com
2
node.js
security update
http request smuggling
continuation frames
dos
cve-2024-27982
cve-2024-27983
Node.js is a software development platform for building fast and scalable
network applications in the JavaScript programming language.
Security Fix(es):
-
nodejs: HTTP Request Smuggling via Content Length Obfuscation (CVE-2024-27982)
-
nodejs: CONTINUATION frames DoS (CVE-2024-27983)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE page(s)
listed in the References section.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 9 | s390x | nodejs-full-i18n | <ย 16.20.2-6.el9_0 | nodejs-full-i18n-16.20.2-6.el9_0.s390x.rpm |
| RedHat | 9 | ppc64le | nodejs-debugsource | <ย 16.20.2-6.el9_0 | nodejs-debugsource-16.20.2-6.el9_0.ppc64le.rpm |
| RedHat | 9 | s390x | nodejs-libs-debuginfo | <ย 16.20.2-6.el9_0 | nodejs-libs-debuginfo-16.20.2-6.el9_0.s390x.rpm |
| RedHat | 9 | aarch64 | nodejs-libs | <ย 16.20.2-6.el9_0 | nodejs-libs-16.20.2-6.el9_0.aarch64.rpm |
| RedHat | 9 | s390x | nodejs-libs | <ย 16.20.2-6.el9_0 | nodejs-libs-16.20.2-6.el9_0.s390x.rpm |
| RedHat | 9 | aarch64 | npm | <ย 8.19.4-1.16.20.2.6.el9_0 | npm-8.19.4-1.16.20.2.6.el9_0.aarch64.rpm |
| RedHat | 9 | aarch64 | nodejs-full-i18n | <ย 16.20.2-6.el9_0 | nodejs-full-i18n-16.20.2-6.el9_0.aarch64.rpm |
| RedHat | 9 | aarch64 | nodejs-libs-debuginfo | <ย 16.20.2-6.el9_0 | nodejs-libs-debuginfo-16.20.2-6.el9_0.aarch64.rpm |
| RedHat | 9 | x86_64 | npm | <ย 8.19.4-1.16.20.2.6.el9_0 | npm-8.19.4-1.16.20.2.6.el9_0.x86_64.rpm |
| RedHat | 9 | s390x | nodejs-debugsource | <ย 16.20.2-6.el9_0 | nodejs-debugsource-16.20.2-6.el9_0.s390x.rpm |
Related
fedora
fedora
[SECURITY] Fedora 40 Update: nodejs20-20.12.2-1.fc40
2024-04-19 21:44:22
[SECURITY] Fedora 39 Update: nodejs20-20.12.2-1.fc39
2024-04-20 01:03:33
[SECURITY] Fedora 40 Update: llhttp-9.2.1-1.fc40
2024-04-19 21:44:30
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2024:1306-1)
2024-05-07 00:00:00
Fedora: Security Advisory for nodejs20 (FEDORA-2024-e28ccc9c17)
2024-05-27 00:00:00
openSUSE: Security Advisory for nodejs16 (SUSE-SU-2024:1306-1)
2024-04-17 00:00:00
ibm
ibm
nessus
nessus
Node.js 18.x < 18.20.1 / 20.x < 20.12.1 / 21.x < 21.7.2 Multiple Vulnerabilities (Wednesday, April 3, 2024 Security Releases).
2024-04-05 00:00:00
Fedora 40 : nodejs20 (2024-2ffe03eaa6)
2024-04-29 00:00:00
RHEL 9 : nodejs (RHSA-2024:3545)
2024-06-03 00:00:00
mageia
mageia
Updated nodejs packages fix security vulnerabilities
2024-04-05 21:24:25
photon
photon
Important Photon OS Security Update - PHSA-2024-4.0-0636
2024-06-21 00:00:00
Important Photon OS Security Update - PHSA-2024-5.0-0243
2024-04-11 00:00:00
hackerone
hackerone
redhatcve
redhatcve
CVE-2024-27983
2024-04-03 19:27:23
CVE-2024-27982
2024-04-17 13:04:25
cve
cve
CVE-2024-27983
2024-04-09 01:15:49
CVE-2024-27982
2024-05-07 17:15:07
githubexploit
githubexploit
Exploit for CVE-2024-27983
2024-04-14 11:34:52
osv
osv
Important: nodejs security update
2024-05-20 00:00:00
Important: nodejs security update
2024-06-14 14:00:40
Important: nodejs:20 security update
2024-05-15 00:00:00
oraclelinux
oraclelinux
nodejs:18 security update
2024-05-14 00:00:00
nodejs:20 security update
2024-05-09 00:00:00
nodejs security update
2024-05-22 00:00:00
alpinelinux
alpinelinux
CVE-2024-27982
2024-05-07 17:15:07
CVE-2024-27983
2024-04-09 01:15:49
cbl_mariner
cbl_mariner
CVE-2024-27982 affecting package nodejs for versions less than 20.14.0-1
2024-06-21 09:32:44
CVE-2024-27982 affecting package nodejs18 for versions less than 18.20.2-1
2024-05-06 17:48:02
CVE-2024-27983 affecting package nodejs18 for versions less than 18.18.2-7
2024-04-30 01:31:53
ubuntucve
ubuntucve
CVE-2024-27982
2024-05-07 00:00:00
CVE-2024-27983
2024-04-09 00:00:00
veracode
veracode
Denial Of Service (DoS)
2024-04-11 02:04:36
rocky
rocky
nodejs:18 security update
2024-05-09 18:51:51
nodejs:18 security update
2024-05-09 18:50:42
nodejs:20 security update
2024-05-09 18:50:42
redhat
redhat
(RHSA-2024:2778) Important: nodejs:20 security update
2024-05-09 05:32:10
(RHSA-2024:2853) Important: nodejs:20 security update
2024-05-15 10:54:45
(RHSA-2024:2910) Important: nodejs security update
2024-05-20 01:02:30
debiancve
debiancve
CVE-2024-27982
2024-05-07 17:15:07
CVE-2024-27983
2024-04-09 01:15:49
cvelist
cvelist
CVE-2024-27982
2024-05-07 16:40:02
CVE-2024-27983
2024-04-09 01:06:43
f5
f5
K000139615: Node.js vulnerability CVE-2024-27982
2024-05-15 00:00:00
K000139532 : Node.js vulnerability CVE-2024-27983
2024-05-07 00:00:00
nvd
nvd
CVE-2024-27982
2024-05-07 17:15:07
CVE-2024-27983
2024-04-09 01:15:49
almalinux
almalinux
Important: nodejs:20 security update
2024-05-15 00:00:00
Important: nodejs:18 security update
2024-05-09 00:00:00
Important: nodejs security update
2024-05-20 00:00:00
redos
redos
ROS-20240425-03
2024-04-25 00:00:00
arista
arista
Security Advisory 0094
2024-04-05 00:00:00
thn
thn
New HTTP/2 Vulnerability Exposes Web Servers to DoS Attacks
2024-04-04 11:15:00
cert
cert
HTTP/2 CONTINUATION frames can be utilized for DoS attacks
2024-04-03 00:00:00