28 matches found
RHEL 7 : rh-nodejs8-nodejs (RHSA-2018:2949)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:2949 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The...
RHEL 6 / 7 : rh-nodejs6-nodejs (RHSA-2018:2944)
The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:2944 advisory. - nodejs: Out of bounds OOB write via UCS-2 encoding CVE-2018-12115 Note that Nessus has not tested for this issue but has instead relied only on...
Ubuntu 16.04 ESM / 18.04 ESM : Node.js vulnerabilities (USN-4796-1)
The remote Ubuntu 16.04 ESM / 18.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4796-1 advisory. Alexander Minozhenko and James Bunton discovered that Node.js did not properly handle wildcards in name fields of X.509 TLS certificates. An...
F5 Networks BIG-IP : Node.js vulnerabilities (K000137093)
The version of F5 Networks BIG-IP installed on the remote host is prior to 16.1.6 / 17.1.2.2 / 17.5.0. It is, therefore, affected by multiple vulnerabilities as referenced in the K000137093 advisory. CVE-2018-7167Calling Buffer.fill or Buffer.alloc with some parameters can lead to a hang which...
BELL-CVE-2018-12115 CVE-2018-12115 does not affect BellSoft software
Bulletin has no description...
Security Bulletin: Security vulnerabilities in IBM SDK for Node.js might affect the configuration editor used by IBM Business Automation Workflow and Business Process Manager (BPM)
Summary Security vulnerabilities have been reported for IBM SDK for Node.js. IBM Business Automation Workflow and IBM BPM include a stand-alone tool for editing configuration properties files that is based on IBM SDK for Node.js. Vulnerability Details CVEID: CVE-2018-0732 DESCRIPTION: OpenSSL is...
Mageia: Security Advisory (MGASA-2019-0277)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2018:2647-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2018:2796-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2018:2812-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
GLSA-202003-48 : Node.js: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202003-48 Node.js: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Node.js. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could possibly write arbitrary files,...
SUSE SLES15 Security Update : nodejs8 (SUSE-SU-2018:2812-1)
This update for nodejs8 to version 8.11.4 fixes the following issues : Security issues fixed : CVE-2018-12115: Fixed an out-of-bounds memory write in Buffer that could be used to write to memory outside of a Buffer's memory space buffer bsc1105019 Upgrade to OpenSSL 1.0.2p, which fixed : -...
RHEL 7 : Red Hat OpenShift Application Runtimes Node.js 8.11.4 (RHSA-2018:2552)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:2552 advisory. Red Hat Openshift Application Runtimes provides an application platform that reduces the complexity of developing and operating applications...
RHEL 7 : Red Hat OpenShift Application Runtimes Node.js 10.9.0 (RHSA-2018:2553)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:2553 advisory. Red Hat Openshift Application Runtimes provides an application platform that reduces the complexity of developing and operating applications...
Node.js Multiple Vulnerabilities (August 2018 Security Releases)
The version of Node.js installed on the remote host is 6.x prior to 6.14.4, 8.x prior to 8.11.4 or 10.x prior to 10.9.0. It is, therefore, affected by multiple vulnerabilities. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version...
Security Bulletin: Node.js as used in IBM QRadar Packet Capture is susceptible to multiple vulnerabilities
Summary Node.js as used in IBM QRadar Packet Capture has been updated to resolve multiple vulnerabilities Vulnerability Details CVEID: CVE-2018-7158 Description: Node.js path module is vulnerable to a denial of service. By sending a specially crafted file path, an attacker could exploit this...
openSUSE: Security Advisory for nodejs8 (openSUSE-SU-2018:2855-1)
The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Important: Red Hat Security Advisory: rh-nodejs8-nodejs security update
An update for rh-nodejs8-nodejs is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Important: Red Hat Security Advisory: rh-nodejs6-nodejs security update
An update for rh-nodejs6-nodejs is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
openSUSE: Security Advisory for nodejs6 (openSUSE-SU-2018:2816-1)
The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...