78 matches found
ROOT-OS-UBUNTU-2404-CVE-2026-23085 CVE-2026-23085 in rootio-linux - Patched by Root
Root has patched CVE-2026-23085 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
CVE-2026-23085
creationtimestamp| type| source ---|---|--- 2026-03-19 00:00:00+00:00| seen| https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/ 2026-04-07 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/ubuntu-linux-kernel-multiple-vulnerabilities20260408 2026-05-10 18:00:00+00:00| seen|...
BELL-CVE-2026-23085
Bulletin has no description...
CVE-2026-23085
An address truncation vulnerability was found in the Linux kernel's GICv3 ITS interrupt controller driver on 32-bit ARM systems with LPAE Large Physical Address Extension. Physical addresses above 4GB are incorrectly stored in 32-bit unsigned long variables, causing address truncation. When kmall...
DEBIAN-CVE-2026-23085
In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3-its: Avoid truncating memory addresses On 32-bit machines with CONFIGARMLPAE, it is possible for lowmem allocations to be backed by addresses physical memory above the 32-bit address limit, as found while...
CVE-2026-23085
In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3-its: Avoid truncating memory addresses On 32-bit machines with CONFIGARMLPAE, it is possible for lowmem allocations to be backed by addresses physical memory above the 32-bit address limit, as found while...
TencentOS Server 3: nodejs:18 (TSSA-2025:0194)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0194 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
K000151779: Node.js vulnerabilities CVE-2025-23083 and CVE-2025-23085
Security Advisory Description CVE-2025-23083 With the aid of the diagnosticschannel utility, an event can be hooked into whenever a worker thread is created. This is not limited only to workers but also exposes internal workers, where an instance of them can be fetched, and its constructor can be...
Oracle Linux 8 : nodejs:22 (ELSA-2025-8506)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-8506 advisory. - Update to 22.16.0 Fixes: CVE-2025-23166 - Patch fix for sqlite CVE-2025-31498 Resolves: RHEL-87300 - Update c-ares to newest version with fix for CVE-2025-314...
Fedora: Security Advisory (FEDORA-2025-76fc32d433)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2024-23085
Apfloat v1.10.1 was discovered to contain a NullPointerException via the component org.apfloat.internal.DoubleScramble::scrambledouble, int, int. NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The...
Alibaba Cloud Linux 3 : 0029: nodejs:20 (ALINUX3-SA-2025:0029)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2025:0029 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-22150: Undici is an HTTP/1.1...
Security Bulletin: Multiple vulnerabilities in nodejs affect IBM Business Automation Workflow Configuration Editor (nodejs January security release)
Summary IBM Business Automation Workflow Configuration Editor repackages a nodejs runtime and multiple application level models. Vulnerabilities have been reported for the runtime and some modules.. Vulnerability Details CVEID:CVE-2025-23083 DESCRIPTION: With the aid of the diagnosticschannel...
nodejs:22 security update
An update is available for module.nodejs-nodemon, nodejs-packaging, module.nodejs-packaging, nodejs-nodemon. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list...
RLSA-2025:1582 Moderate: nodejs:18 security update
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: undici: Undici Uses Insufficiently Random Values CVE-2025-22150 nodejs: GOAWAY HTTP/2 frames cause memory leak outside heap CVE-2025-23085 For mor...
RLSA-2025:1611 Important: nodejs:22 security update
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: undici: Undici Uses Insufficiently Random Values CVE-2025-22150 nodejs: Node.js Worker Thread Exposure via Diagnostics Channel CVE-2025-23083...
RockyLinux 9 : nodejs:22 (RLSA-2025:1613)
The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:1613 advisory. undici: Undici Uses Insufficiently Random Values CVE-2025-22150 nodejs: Node.js Worker Thread Exposure via Diagnostics Channel CVE-2025-23083 nodejs:...
RockyLinux 8 : nodejs:22 (RLSA-2025:1611)
The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:1611 advisory. undici: Undici Uses Insufficiently Random Values CVE-2025-22150 nodejs: Node.js Worker Thread Exposure via Diagnostics Channel CVE-2025-23083 nodejs:...
Amazon Linux 2023 : nodejs, nodejs-devel, nodejs-full-i18n (ALAS2023-2025-843)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-843 advisory. A memory leak could occur when a remote peer abruptly closes the socket without sending a GOAWAY notification. Additionally, if an invalid header was detected by nghttp2, causing the connection to be...
[SECURITY] [DLA 4067-1] nodejs security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-4067-1 [email protected] https://www.debian.org/lts/security/ Bastien Roucariès February 25, 2025 https://wiki.debian.org/LTS -...