Lucene search
K

86 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.5 views

MiracleLinux 8 : nodejs:18 (AXSA:2022-4553:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-4553:01 advisory. nodejs-minimatch: ReDoS via the braceExpand function CVE-2022-3517 nodejs: DNS rebinding in inspect via invalid octal IP address CVE-2022-43548...

8.1CVSS7.5AI score0.14024EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.5 views

MiracleLinux 9 : nodejs:18 (AXSA:2023-4944:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-4944:01 advisory. nodejs-minimatch: ReDoS via the braceExpand function CVE-2022-3517 nodejs: DNS rebinding in inspect via invalid octal IP address CVE-2022-43548...

8.1CVSS8.2AI score0.14024EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2024/03/04 12:0 a.m.25 views

openSUSE: Security Advisory for nodejs18 (SUSE-SU-2023:0419-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS8.1AI score0.77766EPSS
Exploits5References2
OpenVAS
OpenVAS
added 2023/11/22 12:0 a.m.29 views

Ubuntu: Security Advisory (USN-6491-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS7.9AI score0.77766EPSS
Exploits4References2
Tenable Nessus
Tenable Nessus
added 2023/11/21 12:0 a.m.41 views

Ubuntu 18.04 ESM / 20.04 LTS / 22.04 LTS : Node.js vulnerabilities (USN-6491-1)

The remote Ubuntu 18.04 ESM / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6491-1 advisory. Axel Chong discovered that Node.js incorrectly handled certain inputs. If a user or an automated system were tricked into opening...

8.1CVSS8AI score0.77766EPSS
Exploits4References7
Tenable Nessus
Tenable Nessus
added 2023/11/06 12:0 a.m.31 views

Rocky Linux 9 : nodejs:18 (RLSA-2022:8832)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:8832 advisory. - A vulnerability was found in the minimatch package. This flaw allows a Regular Expression Denial of Service ReDoS when calling the braceExpand functio...

8.1CVSS7AI score0.14024EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2023/11/06 12:0 a.m.41 views

Rocky Linux 9 : nodejs and nodejs-nodemon (RLSA-2023:0321)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:0321 advisory. - Minimist =1.2.5 is vulnerable to Prototype Pollution via file index.js, function setKey lines 69-95. CVE-2021-44906 - A vulnerability was found in the...

9.8CVSS7.3AI score0.14024EPSS
Exploits2References10
NCSC
NCSC
added 2023/07/19 12:0 a.m.6 views

Vulnerabilities fixed in Oracle JD Edwards

Vulnerabilities have been fixed in Oracle JD Edwards products. A malicious party could exploit the vulnerabilities to gain access to sensitive data, or to execute arbitrary code with permissions of the application. Oracle has fixed the vulnerabilities in the following products: - JD Edwards...

9.8CVSS7.8AI score0.99615EPSS
Exploits7
IBM Security Bulletins
IBM Security Bulletins
added 2023/06/22 8:24 p.m.30 views

Security Bulletin: IBM Planning Analytics Workspace is affected by vulnerabilities in Node.js (CVE-2022-43548, CVE-2020-7676, CVE-2021-42550, CVE-2021-38561, CVE-2022-32149)

Summary IBM Planning Analytics Workspace is affected by vulnerabilities. Node.js is an open-source and cross-platform JavaScript runtime environment CVE-2023-23918, CVE-2023-23920, CVE-2023-24807, CVE-2023-23936, CVE-2023-23919. Node.js has been upgraded in IBM Planning Analytics Workspace to...

8.5CVSS7.6AI score0.14024EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/04/17 4:30 p.m.45 views

Security Bulletin: IBM Db2® Graph is vulnerable to remote execution of arbitrary commands due to Node.js CVE-2022-43548

Summary Node.js open source library used by IBM Db2® Graph is affected by vulnerability CVE-2022-43548. The fix updates Node.js to 18.12.1 Vulnerability Details CVEID:CVE-2022-43548 DESCRIPTION: Node.js could allow a remote attacker to execute arbitrary commands on the system, caused by an...

8.1CVSS8.3AI score0.14024EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
added 2023/04/12 7:47 p.m.35 views

K000133494: Node.js vulnerability CVE-2022-43548

Security Advisory Description A OS Command Injection vulnerability exists in Node.js versions 14.21.1, 16.18.1, 18.12.1, 19.0.1 due to an insufficient IsAllowedHost check that can easily be bypassed because IsIPAddress does not properly check if an IP address is invalid before making DBS requests...

8.1CVSS7.1AI score0.14024EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2023/04/12 3:4 p.m.60 views

Important: Red Hat Security Advisory: nodejs:14 security, bug fix, and enhancement update

An update for the nodejs:14 module is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

9.8CVSS7.2AI score0.24928EPSS
Exploits11References19
Tenable Nessus
Tenable Nessus
added 2023/04/02 12:0 a.m.42 views

RHEL 8 : nodejs:14 (RHSA-2023:1533)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1533 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The...

9.8CVSS7.7AI score0.24928EPSS
Exploits8References26
RedHat Linux
RedHat Linux
added 2023/03/30 1:6 p.m.41 views

Important: Red Hat Security Advisory: nodejs:14 security, bug fix, and enhancement update

An update for the nodejs:14 module is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

9.8CVSS7.2AI score0.24928EPSS
Exploits8References14
Tenable Nessus
Tenable Nessus
added 2023/03/20 12:0 a.m.46 views

CBL Mariner 2.0 Security Update: nodejs (CVE-2022-43548)

The version of nodejs installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-43548 advisory. - A OS Command Injection vulnerability exists in Node.js versions 14.21.1, 16.18.1, 18.12.1, 19.0.1 due to an...

8.1CVSS7.3AI score0.14024EPSS
Exploits0References2
ALT Linux
ALT Linux
added 2023/03/18 12:0 a.m.34 views

Security fix for the ALT Linux 10 package node version 16.18.1-alt1

16.18.1-alt1 built March 18, 2023 Andrey Cherepanov in task 310327 Nov. 23, 2022 Vitaly Lipatov - new version 16.18.1 with rpmrb script - CVE-2022-43548: DNS rebinding in --inspect via invalid octal IP address Medium...

8.3AI score0.14024EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2023/03/17 5:13 p.m.51 views

Security Bulletin: IBM Planning Analytics Workspace is affected by vulnerabilties (CVE-2022-43548, CVE-2020-7676, CVE-2021-42550, CVE-2021-38561, CVE-2022-32149)

Summary IBM Planning Analytics Workspace is affected by vulnerabilities. Node.js is an open-source and cross-platform JavaScript runtime environment CVE-2022-43548. Angular is a JavaScript framework that extends HTML CVE-2020-7676. Logback is a logging library for Java CVE-2021-42550. Golang Go...

8.5CVSS8.6AI score0.14024EPSS
Exploits1Affected Software1
Debian
Debian
added 2023/02/26 1:17 a.m.49 views

[SECURITY] [DLA 3344-1] nodejs security update

Debian LTS Advisory DLA-3344-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin February 26, 2023 https://wiki.debian.org/LTS Package : nodejs Version : 10.24.0dfsg-1deb10u3 CVE ID : CVE-2022-43548 CVE-2023-23920 Debian Bug : 1023518 1031834 Vulnerabilities have bee...

8.1CVSS7AI score0.14024EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/02/26 12:0 a.m.29 views

Debian dla-3344 : libnode-dev - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3344 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3344-1 [email protected]...

8.1CVSS7.3AI score0.14024EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2023/02/16 12:0 a.m.29 views

SUSE: Security Advisory (SUSE-SU-2023:0419-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS7.9AI score0.77766EPSS
Exploits5References2
Rows per page
Query Builder