59 matches found
Atlassian Jira Service Management Data Center and Server 10.3.13 < 10.3.16 / 11.2.x < 11.2.1 (JSDSERVER-16459)
The version of Atlassian Jira Service Management Data Center and Server Jira Service Desk running on the remote host is affected by a vulnerability as referenced in the JSDSERVER-16459 advisory. - ansi-regex is vulnerable to Inefficient Regular Expression Complexity CVE-2021-3807 Note that Nessus...
DoS (Denial of Service) Third-Party Dependency in Bitbucket Data Center and Server - CVE-2021-3807
This vulnerability affects certain versions of Atlassian Bitbucket Data Center and Server. Please describe the impact of the vulnerability here. No known vulnerability could be read off of the parent...
Security Bulletin: IBM Storage Fusion Data Foundation is vulnerable to nodejs in the management console (CVE-2021-3807)
Summary Node.js is used by IBM Storage Fusion Data Foundation in the management console and is vulnerable to a denial of service. This bulletin identifies the steps to take to address the vulnerability in IBM Storage Fusion Data Foundation. CVE-2021-3807. Vulnerability Details CVEID:CVE-2021-3807...
Linux Distros Unpatched Vulnerability : CVE-2021-3807
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ansi-regex is vulnerable to Inefficient Regular Expression Complexity CVE-2021-3807 Note that Nessus relies on the presence of the package as reported by the...
CentOS 9 : nodejs-16.16.0-1.el9
The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the nodejs-16.16.0-1.el9 build changelog. - Versions of the npm CLI prior to 6.14.6 are vulnerable to an information exposure vulnerability through log files. The CLI supports URLs...
CentOS 9 : nodejs-nodemon-2.0.19-1.el9
The remote CentOS Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the nodejs-nodemon-2.0.19-1.el9 build changelog. - This affects the package glob-parent before 5.1.2. The enclosure regex used to check for strings ending in enclosure containing...
Rocky Linux 8 : nodejs:16 (RLSA-2021:5171)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:5171 advisory. - This affects the package glob-parent before 5.1.2. The enclosure regex used to check for strings ending in enclosure containing path separator...
SUSE: Security Advisory (SUSE-SU-2023:2578-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2023:2578-1 Security update for SUSE Manager Client Tools
This update fixes the following issues: bind: - Provide bind dependencies and solve installation issues on SUSE Linux Enterprise Micro - There are no source changes dracut-saltboot: - Update to version 0.1.1681904360.84ef141 Load network configuration even when missing protocol version bsc1210640...
Security Bulletin: Open Source Dependency Vulnerability
Summary IBM Edge Application Manager 4.5 has resolved the vulnerability. Vulnerability Details CVEID:CVE-2021-3807 DESCRIPTION: Chalk ansi-regex module for Node.js is vulnerable to a denial of service, caused by a regular expression denial of service ReDoS flaw. By sending a specially-crafted reg...
Rocky Linux 9 : nodejs and nodejs-nodemon (RLSA-2022:6595)
The remote Rocky Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RLSA-2022:6595 advisory. - npm pack ignores root-level .gitignore and .npmignore file exclusion directives when run in a workspace or with a workspace flag ie. --workspaces,...
Security Bulletin: Automation Assets in IBM Cloud Pak for Integration is vulnerable to denial of service due to ansi-regex vulnerability CVE-2021-3807
Summary Automation Assets in IBM Cloud Pak for Integration is vulnerable to denial of service due to ansi-regex vulnerability CVE-2021-3807 with details below. Vulnerability Details CVEID:CVE-2021-3807 DESCRIPTION: Chalk ansi-regex module for Node.js is vulnerable to a denial of service, caused b...
OTRS Multiple Vulnerabilities (OSA-2022-04)
OTRS is prone to multiple vulnerabilities. This VT has been deprecated as a duplicate of the VT SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
AlmaLinux 9 : nodejs and nodejs-nodemon (ALSA-2022:6595)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:6595 advisory. - This affects the package ini before 1.3.6. If an attacker submits a malicious INI file to an application that parses it with ini.parse, they will pollut...
Oracle Linux 9 : nodejs / and / nodejs-nodemon (ELSA-2022-6595)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-6595 advisory. - Rebase to version 16.16.0 Resolves: RHBZ2106290 Resolves: CVE-2022-32212 CVE-2022-32213 CVE-2022-32214 CVE-2022-32215 Tenable has extracted the...
RHEL 9 : nodejs and nodejs-nodemon (RHSA-2022:6595)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:6595 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The...
Moderate: Red Hat Security Advisory: nodejs and nodejs-nodemon security and bug fix update
An update for nodejs and nodejs-nodemon is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
RLSA-2022:6595 Moderate: nodejs and nodejs-nodemon security and bug fix update
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 16.16.0, nodejs-nodemon 2.0.19. BZ2124230, BZ2124233 Security Fixes: nodejs-ini:...
ALSA-2022:6595 Moderate: nodejs and nodejs-nodemon security and bug fix update
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 16.16.0, nodejs-nodemon 2.0.19. BZ2124230, BZ2124233 Security Fixes: nodejs-ini:...
Moderate: Red Hat Security Advisory: nodejs:16 security and bug fix update
An update for the nodejs:16 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...