EUVD-2021-22834

Malware in sbrugna...

Security Bulletin: Version 10.16.3 of Node.js included in IBM Cloud Event Management 2.5.0 has several security vulnerabilities.

Summary Security Bulletin: Version 10.16.3 of Node.js included in IBM Cloud Event Management 2.5.0 has several security vulnerabilities. Vulnerability Details CVEID: CVE-2019-15606 DESCRIPTION: Node.js could allow a remote attacker to bypass security restrictions, caused by an issue when HTTP...

ALSA-2019:2925 Important: nodejs:10 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 10.16.3. Security Fixes: HTTP/2: large amount of data requests leads to denial of...

Node.js third-party modules: [tree-kill] RCE via insecure command concatenation (only Windows)

I would like to report a RCE issue in the tree-kill module. It allows to execute arbitrary commands remotely inside the victim's PC Module module name: tree-kill version: 1.2.1 npm page: https://www.npmjs.com/package/tree-kill Module Description Kill all processes in the process tree, including t...

Security fix for the ALT Linux 10 package node version 10.16.3-alt1

Aug. 30, 2019 Vitaly Lipatov 10.16.3-alt1 - new version 10.16.3 with rpmrb script - libnghttp2 = 1.39.2 - CVE-2019-9511, CVE-2019-9511, CVE-2019-9513, CVE-2019-9514 - CVE-2019-9515, CVE-2019-9516, CVE-2019-9517, CVE-2019-9518...