19 matches found

Tenable Nessus
added 2023/11/06 12:0 a.m. | 40 views

Rocky Linux 8 : nodejs:12 (RLSA-2020:5499)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2020:5499 advisory. - An issue was discovered in ajv.validate in Ajv aka Another JSON Schema Validator 6.12.2. A carefully crafted JSON schema could be provided that allows...

CVSS: 9.8 | AI score: 7.4 | EPSS: 0.69062
Exploits: 2 | References: 8

SUSE CVE
added 2023/10/31 2:31 a.m. | 3 views

SUSE CVE-2020-7608

yargs-parser could be tricked into adding or modifying properties of Object.prototype using a "__proto__" payload...

CVSS: 5.3 | AI score: 7.9 | EPSS: 0.00514
Exploits: 1 | References: 2

Tenable Nessus
added 2023/01/23 12:0 a.m. | 51 views

RHEL 7 : rh-nodejs12-nodejs (RHSA-2020:5305)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:5305 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The...

CVSS: 9.8 | AI score: 7.2 | EPSS: 0.69062
Exploits: 2 | References: 10

IBM Security Bulletins
added 2022/06/27 5:10 p.m. | 34 views

Security Bulletin: Vulnerabilities in Node.js affect IBM App Connect Enterprise v11, v12 & IBM Integration Bus (CVE-2020-7608)

Summary: IBM App Connect Enterprise ships with Node.js for which vulnerabilities were reported and have been addressed. Vulnerability details are listed below. Vulnerability Details: CVEID: CVE-2020-7608. DESCRIPTION: Node.js yargs-parser module could allow a remote attacker to execute arbitrary cod...

CVSS: 5.3 | AI score: 1.2 | EPSS: 0.00514
Exploits: 1 | Affected Software: 1

OpenVAS
added 2022/01/28 12:0 a.m. | 26 views

Mageia: Security Advisory (MGASA-2021-0170)

The remote host is missing an update for the... SPDX-FileCopyrightText: 2022 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

CVSS: 5.3 | AI score: 7.4 | EPSS: 0.00514
Exploits: 1 | References: 3

IBM Security Bulletins
added 2021/05/13 9:45 p.m. | 59 views

Security Bulletin: Cloud Pak for Security contains security vulnerabilities

Summary: Cloud Pak for Security v 1.6.0.1 and earlier contains security vulnerabilities, addressed in Cloud Pak for Security v 1.7.0.0. Vulnerability Details: CVEID: CVE-2020-10543. DESCRIPTION: Perl is vulnerable to a heap-based buffer overflow, caused by an integer overflow in the nested regular...

CVSS: 9.8 | AI score: 9.7 | EPSS: 0.77385
Exploits: 13 | Affected Software: 1

Mageia
added 2021/04/02 8:25 p.m. | 129 views

Updated nodejs-yargs-parser packages fix security vulnerability

yargs-parser could be tricked into adding or modifying properties of Object.prototype using a "__proto__" payload (CVE-2020-7608)...

CVSS: 5.3 | AI score: 2.5 | EPSS: 0.00514
Exploits: 1 | References: 1

Tenable Nessus
added 2021/02/20 12:0 a.m. | 249 views

Oracle Linux 8 : nodejs:10 (ELSA-2021-0548)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-0548 advisory. nodejs 1:10.23.1-1 - January Security release - https://nodejs.org/en/blog/vulnerability/january-2021-security-releases/ - Rebase to 10.23.1 - Resolves...

CVSS: 9.8 | AI score: 7.2 | EPSS: 0.69062
Exploits: 8 | References: 11

RedHat Linux
added 2021/02/16 2:25 p.m. | 112 views

Moderate: Red Hat Security Advisory: nodejs:10 security update

An update for the nodejs:10 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...

CVSS: 9.8 | AI score: 6.9 | EPSS: 0.69062
Exploits: 8 | References: 11

AlmaLinux
added 2021/02/16 7:34 a.m. | 60 views

Moderate: nodejs:10 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 10.23.1. Security Fixes: libuv: buffer overflow in realpath (CVE-2020-8252)...

CVSS: 9.8 | AI score: 7.9 | EPSS: 0.69062
Exploits: 8 | References: 11

OSV
added 2021/02/16 7:34 a.m. | 32 views

ALSA-2021:0548 Moderate: nodejs:10 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 10.23.1. Security Fixes: libuv: buffer overflow in realpath (CVE-2020-8252)...

CVSS: 9.8 | AI score: 8 | EPSS: 0.69062
Exploits: 8 | References: 11

Tenable Nessus
added 2021/02/16 12:0 a.m. | 58 views

RHEL 8 : nodejs:10 (RHSA-2021:0548)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0548 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The...

CVSS: 9.8 | AI score: 7.4 | EPSS: 0.69062
Exploits: 8 | References: 23

RedHat Linux
added 2021/02/15 6:28 p.m. | 82 views

Moderate: Red Hat Security Advisory: rh-nodejs10-nodejs security update

An update for rh-nodejs10-nodejs is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...

CVSS: 9.8 | AI score: 6.8 | EPSS: 0.69062
Exploits: 8 | References: 11

Tenable Nessus
added 2020/12/18 12:0 a.m. | 45 views

RHEL 8 : nodejs:12 (RHSA-2020:5499)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:5499 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language...

CVSS: 9.8 | AI score: 7.2 | EPSS: 0.69062
Exploits: 2 | References: 10

OSV
added 2020/03/16 8:15 p.m. | 0 views

UBUNTU-CVE-2020-7608

yargs-parser could be tricked into adding or modifying properties of Object.prototype using a "__proto__" payload...

CVSS: 5.3 | AI score: 6.7 | EPSS: 0.00514
Exploits: 1 | References: 5

UbuntuCve
added 2020/03/16 8:15 p.m. | 36 views

CVE-2020-7608

yargs-parser could be tricked into adding or modifying properties of Object.prototype using a "__proto__" payload...

CVSS: 5.3 | AI score: 6.8 | EPSS: 0.00514
Exploits: 1 | References: 4

Cvelist
added 2020/03/16 7:49 p.m. | 26 views

CVE-2020-7608

yargs-parser could be tricked into adding or modifying properties of Object.prototype using a "__proto__" payload...

AI score: 7.1 | EPSS: 0.00514
Exploits: 1 | References: 1

CVE
added 2020/03/16 7:49 p.m. | 490 views

CVE-2020-7608

CVE-2020-7608 affects the yargs-parser package and enables prototype pollution via a __proto__ payload, allowing modification of Object.prototype. Public data notes local/remote impact depending on the environment, with CVSS vectors indicating low-to-medium base severity (NVD CVSS v3.1: 5.3, LOCAL, L...

CVSS: 5.3 | AI score: 6.9 | EPSS: 0.00514
Exploits: 1 | References: 1 | Affected Software: 1

Debian CVE
added 2020/03/16 7:49 p.m. | 35 views

CVE-2020-7608

yargs-parser could be tricked into adding or modifying properties of Object.prototype using a "__proto__" payload...

CVSS: 5.3 | AI score: 7 | EPSS: 0.00514
Exploits: 1