37 matches found
TencentOS Server 3: nodejs (TSSA-2022:0014)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2022:0014 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
Alibaba Cloud Linux 3 : 0014: nodejs:14 (ALINUX3-SA-2022:0014)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2022:0014 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2020-28469: This affects the package...
Rocky Linux 8 : nodejs:14 (RLSA-2022:0350)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:0350 advisory. - This affects the package glob-parent before 5.1.2. The enclosure regex used to check for strings ending in enclosure containing path separator...
BELL-CVE-2021-37701 CVE-2021-37701 does not affect BellSoft software
Bulletin has no description...
[SECURITY] [DLA 3237-1] node-tar security update
Debian LTS Advisory DLA-3237-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin December 12, 2022 https://wiki.debian.org/LTS Package : node-tar Version : 4.4.6+ds1-3+deb10u2 CVE ID : CVE-2021-37701 CVE-2021-37712 Debian Bug : 993981 Cache poisoning vulnerabilities...
Security Bulletin: IBM Security Verify Governance is vulnerable to multiple security issues due to Node.js
Summary IBM has announced a release for IBM Security Verify Governance ISVG in response to security vulnerabilities. The vulnerabilities are caused by Node.js which is vulnerable to multiple threats. CVE-2021-22939, CVE-2021-44531, CVE-2021-44533, CVE-2021-37701, CVE-2021-37712, CVE-2021-22959,...
Security Bulletin: Images built from IBM App Connect Enterprise Certified Containers may be vulnerable to arbitrary code execution due to CVE-2021-37701
Summary The Node.js tar module is used by the package manager npm, which is included in the IBM App Connect Enterprise Certified Container images. Use of npm when building images based on IBM App Connect Enterprise Certified Container images may be vulnerable to arbitrary code execution. This...
AlmaLinux 8 : nodejs:14 (ALSA-2022:0350)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:0350 advisory. nodejs-json-schema: Prototype pollution vulnerability CVE-2021-3918 nodejs-ini: Prototype pollution via malicious INI file CVE-2020-7788 nodejs-glob-paren...
openSUSE: Security Advisory for nodejs14 (openSUSE-SU-2021:1552-1)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Oracle Linux 8 : nodejs:14 (ELSA-2022-0350)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-0350 advisory. nodejs 1:14.18.2-2 - Add missing fixes - Resolves: RHBZ2027642, RHBZ2027635 1:14.18.2-1 - Resolves: RHBZ2027609 - Resolves: RHBZ2027649, RHBZ2027646,...
Moderate: Red Hat Security Advisory: nodejs:14 security, bug fix, and enhancement update
An update for the nodejs:14 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
RLSA-2022:0350 Moderate: nodejs:14 security, bug fix, and enhancement update
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 14.18.2, nodejs-nodemon 2.0.15. BZ2027609 Security Fixes: nodejs-json-schema:...
Mageia: Security Advisory (MGASA-2021-0463)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RHEL 8 : nodejs:14 (RHSA-2022:0246)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:0246 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The...
Moderate: Red Hat Security Advisory: nodejs:14 security, bug fix, and enhancement update
An update for the nodejs:14 module is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
SUSE: Security Advisory (SUSE-SU-2022:0101-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES12 Security Update : nodejs12 (SUSE-SU-2022:0101-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0101-1 advisory. - CVE-2021-44531: Fixed improper handling of URI Subject Alternative Names bsc1194511. - CVE-2021-44532: Fixed certificate...
RHEL 7 : rh-nodejs14-nodejs and rh-nodejs14-nodejs-nodemon (RHSA-2022:0041)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:0041 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The...
Moderate: Red Hat Security Advisory: rh-nodejs14-nodejs and rh-nodejs14-nodejs-nodemon security update
An update for rh-nodejs14-nodejs and rh-nodejs14-nodejs-nodemon is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating,...
openSUSE: Security Advisory for nodejs14 (openSUSE-SU-2021:3964-1)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...