Lucene search
K

68 matches found

Oracle linux
Oracle linux
added 2026/04/09 12:0 a.m.8 views

nodejs:22 security update

nodejs 1:22.22.2-1 - Update to version 22.22.2 Resolves: RHEL-154019 Fixes: CVE-2026-1528 CVE-2026-27135 CVE-2026-27904 CVE-2026-26996 CVE-2026-27135 CVE-2026-1528 nodejs-nodemon 3.0.1-1 - Exclude ix86 arches from building. Related: RHEL-35991 3.0.1-1 - Rebase to 3.0.1 - Resolves: CVE-2022-25883...

9.8CVSS5.9AI score0.26356EPSS
Exploits5
Tenable Nessus
Tenable Nessus
added 2026/02/19 12:0 a.m.8 views

Oracle Linux 9 : nodejs:20 (ELSA-2026-2783)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-2783 advisory. - Resolves: CVE-2022-25883 - Resolves: CVE-2021-35065 - Rebase to 2.0.20 Resolves: CVE-2022-3517 - Resolves CVE-2020-28469 Tenable has extracted the...

9.1CVSS6.9AI score0.04456EPSS
Exploits5References7
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.5 views

MiracleLinux 8 : nodejs:18 (AXSA:2022-4553:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-4553:01 advisory. nodejs-minimatch: ReDoS via the braceExpand function CVE-2022-3517 nodejs: DNS rebinding in inspect via invalid octal IP address CVE-2022-43548...

8.1CVSS7.5AI score0.14024EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.5 views

MiracleLinux 9 : nodejs:18 (AXSA:2023-4944:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-4944:01 advisory. nodejs-minimatch: ReDoS via the braceExpand function CVE-2022-3517 nodejs: DNS rebinding in inspect via invalid octal IP address CVE-2022-43548...

8.1CVSS8.2AI score0.14024EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/13 12:0 a.m.9 views

Atlassian Jira Service Management Data Center and Server < 10.3.14 (JSDSERVER-16469)

The version of Atlassian Jira Service Management Data Center and Server Jira Service Desk running on the remote host is affected by a vulnerability as referenced in the JSDSERVER-16469 advisory. - A vulnerability was found in the minimatch package. This flaw allows a Regular Expression Denial of...

7.5CVSS7.5AI score0.01674EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2025/06/25 4:6 p.m.8 views

Security Bulletin: IBM Storage Fusion Data Foundation is vulnerable to minimatch in management-console (CVE-2022-3517)

Summary minimatch package is used by IBM Storage Fusion Data Foundation in management-console. The product may be vulnerable to DOS by calling the braceExpand function with specific arguments. This bulletin identifies the steps to take to address the vulnerability in IBM Storage Fusion Data...

7.5CVSS7.5AI score0.01674EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.15 views

Linux Distros Unpatched Vulnerability : CVE-2022-3517

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in the minimatch package. This flaw allows a Regular Expression Denial of Service ReDoS when calling the braceExpand function with...

7.5CVSS7.3AI score0.01674EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2024/07/31 2:13 p.m.23 views

Security Bulletin: IBM Storage Ceph is vulnerable to an Inefficient Regular Expression Complexity in the RHEL UBI (CVE-2022-3517)

Summary RHEL UBI is used by IBM Storage Ceph as the base operating system. This bulletin identifies the steps to take to address the vulnerability in the RHEL UBI. CVE-2022-3517. Vulnerability Details CVEID:CVE-2022-3517 DESCRIPTION: minimatch is vulnerable to a denial of service, caused by a...

7.5CVSS8.3AI score0.01674EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/05/16 8:23 p.m.42 views

Security Bulletin: IBM i Modernization Engine for Lifecycle Integration is vulnerable to multiple vulnerabilities

Summary There are multiple vulnerabilities in components of IBM i Modernization Engine for Lifecycle Integration as described in the Vulnerability Details section. Node.js follow-redirects module could allow a remote authenticated attacker to obtain sensitive information CVE-2024-28849,...

9.8CVSS10AI score0.08515EPSS
Exploits13Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/12/29 2:27 p.m.57 views

Security Bulletin: Vulnerabilities in node.js affect Cloud Pak Sytem [CVE-2023-28154, CVE-2022-46175, CVE-2022-3517]

Summary Vulnerabilities in react-scripts node.js modules affect Cloud Pak System. Cloud Pak System has addressed those vulnerabilities. Vulnerability Details CVEID:CVE-2023-28154 DESCRIPTION: Webpack could allow a remote attacker to bypass security restrictions, caused by the mishandling of the...

9.8CVSS9.3AI score0.09304EPSS
Exploits1Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/11/06 12:0 a.m.31 views

Rocky Linux 9 : nodejs:18 (RLSA-2022:8832)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:8832 advisory. - A vulnerability was found in the minimatch package. This flaw allows a Regular Expression Denial of Service ReDoS when calling the braceExpand functio...

8.1CVSS7AI score0.14024EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2023/11/06 12:0 a.m.41 views

Rocky Linux 9 : nodejs and nodejs-nodemon (RLSA-2023:0321)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:0321 advisory. - Minimist =1.2.5 is vulnerable to Prototype Pollution via file index.js, function setKey lines 69-95. CVE-2021-44906 - A vulnerability was found in the...

9.8CVSS7.3AI score0.14024EPSS
Exploits2References10
IBM Security Bulletins
IBM Security Bulletins
added 2023/08/31 10:37 a.m.94 views

Security Bulletin: IBM QRadar User Behavior Analytics is vulnerable to components with known vulnerabilities

Summary IBM QRadar User Behavior Analytics contains vulnerable packages/components and that may be identified and potentially exploited. The packages have been updated in the latest release and the vulnerabilities identified in the CVEs have been addressed. Please follow the instructions in the...

9.8CVSS9.7AI score0.44824EPSS
Exploits7Affected Software1
OSV
OSV
added 2023/04/26 3:28 p.m.45 views

RLSA-2023:1743 Important: nodejs:14 security, bug fix, and enhancement update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 14.21.3. Security Fixes: decode-uri-component: improper input validation resulting i...

8.6CVSS8.1AI score0.24928EPSS
Exploits4References9
Tenable Nessus
Tenable Nessus
added 2023/04/26 12:0 a.m.33 views

Rocky Linux 8 : nodejs:14 (RLSA-2023:1743)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:1743 advisory. - The glob-parent package before 6.0.1 for Node.js allows ReDoS regular expression denial of service attacks against the enclosure regular expression...

8.6CVSS7AI score0.24928EPSS
Exploits4References16
Tenable Nessus
Tenable Nessus
added 2023/04/13 12:0 a.m.43 views

CentOS 8 : nodejs:14 (CESA-2023:1743)

The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2023:1743 advisory. - The glob-parent package before 6.0.1 for Node.js allows ReDoS regular expression denial of service attacks against the enclosure regular expression...

8.6CVSS7AI score0.24928EPSS
Exploits4References8
RedHat Linux
RedHat Linux
added 2023/04/12 3:4 p.m.60 views

Important: Red Hat Security Advisory: nodejs:14 security, bug fix, and enhancement update

An update for the nodejs:14 module is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

9.8CVSS7.2AI score0.24928EPSS
Exploits11References19
RedHat Linux
RedHat Linux
added 2023/04/12 3:3 p.m.63 views

Important: Red Hat Security Advisory: nodejs:14 security, bug fix, and enhancement update

An update for the nodejs:14 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.6CVSS6.9AI score0.24928EPSS
Exploits4References9
OSV
OSV
added 2023/04/12 12:0 a.m.49 views

ALSA-2023:1743 Important: nodejs:14 security, bug fix, and enhancement update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 14.21.3. Security Fixes: decode-uri-component: improper input validation resulting i...

8.6CVSS8.1AI score0.24928EPSS
Exploits4References16
AlmaLinux
AlmaLinux
added 2023/04/12 12:0 a.m.42 views

Important: nodejs:14 security, bug fix, and enhancement update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 14.21.3. Security Fixes: decode-uri-component: improper input validation resulting i...

8.6CVSS7.8AI score0.24928EPSS
Exploits4References16
Rows per page
Query Builder