Lucene search
K

40 matches found

Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.6 views

TencentOS Server 3: nodejs (TSSA-2022:0014)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2022:0014 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

9.8CVSS8.1AI score0.04456EPSS
Exploits6References10
Tenable Nessus
Tenable Nessus
added 2025/05/14 12:0 a.m.6 views

Alibaba Cloud Linux 3 : 0014: nodejs:14 (ALINUX3-SA-2022:0014)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2022:0014 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2020-28469: This affects the package...

9.8CVSS8.1AI score0.04456EPSS
Exploits6References10
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2021-33502

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The normalize-url package before 4.5.1, 5.x before 5.3.1, and 6.x before 6.0.1 for Node.js has a ReDoS regular expression denial of service issue because it has...

7.5CVSS7.1AI score0.01705EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.18 views

RHEL 8 : 12_nodejs-nodemon (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - nodejs-normalize-url: ReDoS for data URLs CVE-2021-33502 Note that Nessus has not tested for this issue but has...

7.5CVSS8.6AI score0.01705EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/02/29 12:0 a.m.31 views

CentOS 9 : nodejs-nodemon-2.0.19-1.el9

The remote CentOS Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the nodejs-nodemon-2.0.19-1.el9 build changelog. - This affects the package glob-parent before 5.1.2. The enclosure regex used to check for strings ending in enclosure containing...

7.8CVSS7.3AI score0.04456EPSS
Exploits2References5
Tenable Nessus
Tenable Nessus
added 2023/11/07 12:0 a.m.27 views

Rocky Linux 8 : nodejs:14 (RLSA-2022:0350)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:0350 advisory. - This affects the package glob-parent before 5.1.2. The enclosure regex used to check for strings ending in enclosure containing path separator...

9.8CVSS8.1AI score0.04456EPSS
Exploits6References19
Tenable Nessus
Tenable Nessus
added 2023/11/06 12:0 a.m.29 views

Rocky Linux 8 : nodejs:16 (RLSA-2021:5171)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:5171 advisory. - This affects the package glob-parent before 5.1.2. The enclosure regex used to check for strings ending in enclosure containing path separator...

9.8CVSS7.2AI score0.04456EPSS
Exploits6References15
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/15 6:59 p.m.33 views

Security Bulletin: Open Source Dependency Vulnerability

Summary IBM Edge Application Manager 4.5 has resolved the vulnerability. Vulnerability Details CVEID:CVE-2021-33502 DESCRIPTION: Node.js normalize-url module is vulnerable to a denial of service, caused by a ReDoS regular expression denial of service flaw in the data URLs. By using a...

7.5CVSS8AI score0.01705EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/02/06 12:0 a.m.57 views

Rocky Linux 9 : nodejs and nodejs-nodemon (RLSA-2022:6595)

The remote Rocky Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RLSA-2022:6595 advisory. - npm pack ignores root-level .gitignore and .npmignore file exclusion directives when run in a workspace or with a workspace flag ie. --workspaces,...

9.8CVSS7.2AI score0.77766EPSS
Exploits6References23
IBM Security Bulletins
IBM Security Bulletins
added 2023/02/01 9:30 p.m.38 views

Security Bulletin: Vulnerability in Node.js normalize-url affects IBM Process Mining (CVE-2021-33502)

Summary There is a vulnerability in Node.js that could allow a local attacker to launch a DOS attack. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details CVEID:CVE-2021-33502 DESCRIPTION: Node.js...

7.5CVSS8.3AI score0.01705EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2022/10/19 12:0 a.m.38 views

AlmaLinux 9 : nodejs and nodejs-nodemon (ALSA-2022:6595)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:6595 advisory. - This affects the package ini before 1.3.6. If an attacker submits a malicious INI file to an application that parses it with ini.parse, they will pollut...

9.8CVSS7.3AI score0.77766EPSS
Exploits6References11
Tenable Nessus
Tenable Nessus
added 2022/09/22 12:0 a.m.435 views

Oracle Linux 9 : nodejs / and / nodejs-nodemon (ELSA-2022-6595)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-6595 advisory. - Rebase to version 16.16.0 Resolves: RHBZ2106290 Resolves: CVE-2022-32212 CVE-2022-32213 CVE-2022-32214 CVE-2022-32215 Tenable has extracted the...

9.8CVSS7.2AI score0.77766EPSS
Exploits6References11
Tenable Nessus
Tenable Nessus
added 2022/09/21 12:0 a.m.49 views

RHEL 9 : nodejs and nodejs-nodemon (RHSA-2022:6595)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:6595 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The...

9.8CVSS7.3AI score0.77766EPSS
Exploits6References25
RedHat Linux
RedHat Linux
added 2022/09/20 12:27 p.m.67 views

Moderate: Red Hat Security Advisory: nodejs and nodejs-nodemon security and bug fix update

An update for nodejs and nodejs-nodemon is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.8CVSS6.7AI score0.77766EPSS
Exploits6References13
OSV
OSV
added 2022/09/20 11:37 a.m.36 views

RLSA-2022:6595 Moderate: nodejs and nodejs-nodemon security and bug fix update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 16.16.0, nodejs-nodemon 2.0.19. BZ2124230, BZ2124233 Security Fixes: nodejs-ini:...

7.5CVSS7.7AI score0.77766EPSS
Exploits6References13
OSV
OSV
added 2022/09/20 12:0 a.m.35 views

ALSA-2022:6595 Moderate: nodejs and nodejs-nodemon security and bug fix update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 16.16.0, nodejs-nodemon 2.0.19. BZ2124230, BZ2124233 Security Fixes: nodejs-ini:...

9.8CVSS7.7AI score0.77766EPSS
Exploits6References22
IBM Security Bulletins
IBM Security Bulletins
added 2022/05/24 6:34 p.m.87 views

Security Bulletin: Node.js as used by IBM Security QRadar Analyst Workflow App for IBM QRadar SIEM is vulnerable to multiple vulnerabilities

Summary Node.js as used by IBM Security QRadar Analyst Workflow App for IBM QRadar SIEM is vulnerable to multiple vulnerabilities. IBM Security QRadar Analyst Workflow App for IBM QRadar SIEM has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2020-28469 DESCRIPTION: Node.js...

7.5CVSS1.1AI score0.2241EPSS
Exploits8Affected Software1
Tenable Nessus
Tenable Nessus
added 2022/03/12 12:0 a.m.44 views

AlmaLinux 8 : nodejs:16 (ALSA-2021:5171)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2021:5171 advisory. nodejs-json-schema: Prototype pollution vulnerability CVE-2021-3918 nodejs-ini: Prototype pollution via malicious INI file CVE-2020-7788 nodejs-glob-paren...

9.8CVSS7.1AI score0.04456EPSS
Exploits6References8
Tenable Nessus
Tenable Nessus
added 2022/03/12 12:0 a.m.54 views

AlmaLinux 8 : nodejs:14 (ALSA-2022:0350)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:0350 advisory. nodejs-json-schema: Prototype pollution vulnerability CVE-2021-3918 nodejs-ini: Prototype pollution via malicious INI file CVE-2020-7788 nodejs-glob-paren...

9.8CVSS7.3AI score0.04456EPSS
Exploits6References10
RedHat Linux
RedHat Linux
added 2022/02/01 9:18 p.m.59 views

Moderate: Red Hat Security Advisory: nodejs:14 security, bug fix, and enhancement update

An update for the nodejs:14 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.8CVSS6.8AI score0.04456EPSS
Exploits6References10
Rows per page
Query Builder