Lucene search
K

45 matches found

OpenVAS
OpenVAS
added 2022/05/18 12:0 a.m.24 views

openSUSE: Security Advisory for nodejs10 (SUSE-SU-2022:1717-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.8AI score0.21514EPSS
Exploits6References2
OSV
OSV
added 2022/05/17 3:43 p.m.11 views

SUSE-SU-2022:1717-1 Security update for nodejs10

This update for nodejs10 fixes the following issues: - CVE-2021-23343: Fixed ReDoS via splitDeviceRe, splitTailRe and splitPathRe bsc1192153. - CVE-2021-32803: Fixed insufficient symlink protection in node-tar allowing arbitrary file creation and overwrite bsc1191963. - CVE-2021-32804: Fixed...

9.8CVSS8.3AI score0.21514EPSS
Exploits6References19
Tenable Nessus
Tenable Nessus
added 2022/03/05 12:0 a.m.45 views

SUSE SLES15 Security Update : nodejs8 (SUSE-SU-2022:0704-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0704-1 advisory. - All versions of package path-parse are vulnerable to Regular Expression Denial of Service ReDoS via splitDeviceRe, splitTailRe, a...

9.8CVSS7.4AI score0.15014EPSS
Exploits4References16
OpenVAS
OpenVAS
added 2022/03/05 12:0 a.m.28 views

openSUSE: Security Advisory for nodejs8 (openSUSE-SU-2022:0704-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS9.2AI score0.15014EPSS
Exploits4References2
OpenVAS
OpenVAS
added 2022/03/05 12:0 a.m.37 views

openSUSE: Security Advisory for nodejs14 (openSUSE-SU-2022:0715-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS9.2AI score0.15014EPSS
Exploits4References2
Tenable Nessus
Tenable Nessus
added 2022/03/05 12:0 a.m.47 views

openSUSE 15 Security Update : nodejs8 (openSUSE-SU-2022:0704-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:0704-1 advisory. - All versions of package path-parse are vulnerable to Regular Expression Denial of Service ReDoS via splitDeviceRe, splitTailRe, and...

9.8CVSS7.3AI score0.15014EPSS
Exploits4References16
OpenVAS
OpenVAS
added 2022/03/04 12:0 a.m.26 views

SUSE: Security Advisory (SUSE-SU-2022:0704-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8AI score0.15014EPSS
Exploits4References8
OPENSUSE Linux
OPENSUSE Linux
added 2022/03/04 12:0 a.m.93 views

Security update for nodejs8 (important)

openSUSE Security Update: Security update for nodejs8 Announcement ID: openSUSE-SU-2022:0704-1 Rating: important References: 1191962 1191963 1192153 1192154 1192696 Cross-References: CVE-2021-23343 CVE-2021-32803 CVE-2021-32804 CVE-2021-3807 CVE-2021-3918 CVSS scores: CVE-2021-23343 NVD : 7.5...

8.1CVSS9.1AI score0.15014EPSS
Exploits4References5
OpenVAS
OpenVAS
added 2022/03/03 12:0 a.m.23 views

openSUSE: Security Advisory for nodejs12 (openSUSE-SU-2022:0657-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS9.2AI score0.15014EPSS
Exploits4References2
OpenVAS
OpenVAS
added 2022/03/02 12:0 a.m.31 views

SUSE: Security Advisory (SUSE-SU-2022:0657-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8AI score0.15014EPSS
Exploits4References8
Tenable Nessus
Tenable Nessus
added 2022/02/25 12:0 a.m.46 views

SUSE SLES12 Security Update : nodejs10 (SUSE-SU-2022:0570-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0570-1 advisory. - All versions of package path-parse are vulnerable to Regular Expression Denial of Service ReDoS via splitDeviceRe, splitTailRe, a...

9.8CVSS6.9AI score0.21514EPSS
Exploits4References19
OpenVAS
OpenVAS
added 2022/02/25 12:0 a.m.23 views

SUSE: Security Advisory (SUSE-SU-2022:0563-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8AI score0.15014EPSS
Exploits4References8
OpenVAS
OpenVAS
added 2022/02/25 12:0 a.m.19 views

SUSE: Security Advisory (SUSE-SU-2022:0570-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.2AI score0.21514EPSS
Exploits4References2
OSV
OSV
added 2022/02/24 9:35 a.m.12 views

SUSE-SU-2022:0570-1 Security update for nodejs10

This update for nodejs10 fixes the following issues: - CVE-2021-23343: Fixed ReDoS via splitDeviceRe, splitTailRe and splitPathRe bsc1192153. - CVE-2021-32803: Fixed insufficient symlink protection in node-tar allowing arbitrary file creation and overwrite bsc1191963. - CVE-2021-32804: Fixed...

9.8CVSS8.8AI score0.21514EPSS
Exploits4References13
OSV
OSV
added 2022/02/24 9:35 a.m.15 views

SUSE-SU-2022:0569-1 Security update for nodejs14

This update for nodejs14 fixes the following issues: - CVE-2021-23343: Fixed ReDoS via splitDeviceRe, splitTailRe and splitPathRe bsc1192153. - CVE-2021-32803: Fixed insufficient symlink protection in node-tar allowing arbitrary file creation and overwrite bsc1191963. - CVE-2021-32804: Fixed...

9.8CVSS8.7AI score0.15014EPSS
Exploits4References11
OpenVAS
OpenVAS
added 2022/02/22 12:0 a.m.29 views

SUSE: Security Advisory (SUSE-SU-2022:0531-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.1AI score0.15014EPSS
Exploits4References2
IBM Security Bulletins
IBM Security Bulletins
added 2021/11/11 10:12 a.m.30 views

Security Bulletin: Vulnerabilities in Node.js affect IBM Integration Bus v10 (CVE-2021-32804)

Summary IBM Integration Bus ship with Node.js for which vulnerabilities were reported and have been addressed. Vulnerability details are listed below. Vulnerability Details CVEID: CVE-2021-32804 DESCRIPTION: Node.js tar module could allow a local attacker to traverse directories on the system,...

8.2CVSS1.1AI score0.15014EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/11/09 6:31 p.m.37 views

Security Bulletin: A security vulnerability in Node.js tar module affects IBM Cloud Pak for Multicloud Management Managed Services

Summary A security vulnerability in Node.js tar module affects IBM Cloud Pak for Multicloud Management Managed Services. Vulnerability Details CVEID: CVE-2021-32804 DESCRIPTION: Node.js tar module could allow a local attacker to traverse directories on the system, caused by insufficient absolute...

8.2CVSS1.7AI score0.15014EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/10/20 10:9 a.m.30 views

Security Bulletin: IBM App Connect Enterprise Certified Container may be vulnerable to directory traversal due to CVE-2021-32804

Summary IBM App Connect Enterprise Certified Container may be vulnerable to directory traversal due to CVE-2021-32804. This only affects Node.js runtime processes. Vulnerability Details CVEID: CVE-2021-32804 DESCRIPTION: Node.js tar module could allow a local attacker to traverse directories on t...

8.2CVSS1AI score0.15014EPSS
Exploits1Affected Software1
RedHat Linux
RedHat Linux
added 2021/09/27 7:40 a.m.292 views

Important: Red Hat Security Advisory: nodejs:14 security and bug fix update

An update for the nodejs:14 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.8CVSS6.8AI score0.37286EPSS
Exploits5References10
Rows per page
Query Builder