51 matches found
MiracleLinux 7 : rh-nodejs12-nodejs-12.18.2-1.el7 (AXSA:2020-219:03)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-219:03 advisory. ICU: Integer overflow in UnicodeString::doAppend CVE-2020-10531 nghttp2: overly large SETTINGS frames can lead to DoS CVE-2020-11080 nodejs-minimist:...
Rocky Linux 8 : nodejs:12 (RLSA-2020:2852)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2020:2852 advisory. - In nghttp2 before version 1.41.0, the overly large HTTP/2 SETTINGS frame payload causes denial of service. The proof of concept attack involves a...
Ubuntu: Security Advisory (USN-6380-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
K19380843: Node.js vulnerability CVE-2020-8174
Security Advisory Description napigetvaluestring allows various kinds of memory corruption in node 10.21.0, 12.18.0, and 14.4.0. CVE-2020-8174 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product Development has evaluated the currently...
RHEL 7 : rh-nodejs12-nodejs (RHSA-2020:2895)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2895 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The...
Hitachi Energy Gateway Station (GWS) Product
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: Gateway Station GWS Product Vulnerability: Inconsistent Interpretation of HTTP Requests, Use After Free, Classic Buffer Overflow, Integer Underflow, Improper Certificate...
Mageia: Security Advisory (MGASA-2020-0372)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2020-8174 affecting package nodejs 8.11.4-7
CVE-2020-8174 affecting package nodejs 8.11.4-7. An upgraded version of the package is available that resolves this issue...
SUSE: Security Advisory (SUSE-SU-2020:2800-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:1568-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:1576-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS 8 : nodejs:10 (CESA-2020:2848)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:2848 advisory. - nghttp2: overly large SETTINGS frames can lead to DoS CVE-2020-11080 - nodejs-minimist: prototype pollution allows adding or modifying properties of...
SUSE SLES15 Security Update : nodejs8 (SUSE-SU-2020:2800-1)
This update for nodejs8 fixes the following issues : CVE-2020-8174: Fixed multiple memory corruption in napigetvaluestring bsc1172443. CVE-2020-11080: Fixed a potential denial of service when receiving unreasonably large HTTP/2 SETTINGS frames bsc1172442. CVE-2020-7598: Fixed an issue which could...
Vulnerabilities fixed in Oracle MySQL
Oracle has fixed vulnerabilities in the following Oracle MySQL products: MySQL Workbench MySQL Server MySQL Cluster MySQL Enterprise Monitor The vulnerabilities allow a malicious person, whether or not unauthenticated and remote, potentially be able to launch attacks that result in the following...
Security Bulletin: App Connect Enterprise Certified Container is affected by multiple Node.js vulnerabilities
Summary App Connect Enterprise Certified Container is vulnerable to CVE-2020-10531, CVE-2020-11080, CVE-2020-8174, CVE-2020-8172 in Node.js Vulnerability Details CVEID: CVE-2020-11080 DESCRIPTION: Node.js is vulnerable to a denial of service, caused by an error in the HTTP/2 session frame which i...
Security Bulletin: Netcool Operations Insight - Cloud Native Event Analytics is affected by a International Components for Unicode (ICU) for C/C++ vulnerability (CVE-2020-10531)
Summary Netcool Operations Insight - Cloud Native Event Analytics has addressed the following vulnerability in International Components for Unicode ICU for C/C++ Vulnerability Details CVEID: CVE-2020-11080 DESCRIPTION: Node.js is vulnerable to a denial of service, caused by an error in the HTTP/2...
Oracle Linux 8 : nodejs:12 (ELSA-2020-2852)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-2852 advisory. - Fix CVE-2020-10531 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not...
Oracle Linux 8 : nodejs:10 (ELSA-2020-2848)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-2848 advisory. - Fixes CVE-2020-11080, CVE-2020-8174, CVE-2020-10531 Tenable has extracted the preceding description block directly from the Oracle Linux security...
Photon OS 1.0: Nodejs PHSA-2020-1.0-0312
An update of the nodejs package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2020-1.0-0312. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid13950...
Photon OS 1.0: Nodejs10 PHSA-2020-1.0-0312
An update of the nodejs10 package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2020-1.0-0312. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...