Lucene search
68 matches found

Tenable Nessus
added 2026/01/20 12:0 a.m., 4 views

MiracleLinux 8 : nodejs:14 (AXSA:2021-2343:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2343:01 advisory. nodejs-hosted-git-info: Regular Expression denial of service via shortcutMatch in fromUrl CVE-2021-23362 nodejs-ssri: Regular expression DoS ReDoS...

CVSS 7.5, AI score 7.7, EPSS 0.23132
Exploits 3, References 4

Tenable Nessus
added 2026/01/20 12:0 a.m., 5 views

MiracleLinux 8 : libuv-1.41.1-1.el8 (AXSA:2021-2313:02)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2021-2313:02 advisory. libuv: out-of-bounds read in uv__idna_toascii can lead to information disclosures or crashes CVE-2021-22918 Tenable has extracted the preceding description bloc...

CVSS 5.3, AI score 7.6, EPSS 0.23132
Exploits 1, References 2

Tenable Nessus
added 2025/06/16 12:0 a.m., 5 views

TencentOS Server 3: libuv (TSSA-2022:0099)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2022:0099 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

CVSS 7.8, AI score 7.4, EPSS 0.23132
Exploits 1, References 3

Tenable Nessus
added 2025/02/11 12:0 a.m., 10 views

Azure Linux 3.0 Security Update: nodejs / pytorch (CVE-2021-22918)

The version of nodejs / pytorch installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-22918 advisory. - Node.js before 16.4.1, 14.17.2, 12.22.2 is vulnerable to an out-of-bounds read when uv__idna_toascii ...

CVSS 5.3, AI score 7.1, EPSS 0.23132
Exploits 1, References 2

CBLMariner
added 2025/01/29 5:2 p.m., 13 views

CVE-2021-22918 affecting package pytorch for versions less than 2.2.2-4

CVE-2021-22918 affecting package pytorch for versions less than 2.2.2-4. A patched version of the package is available...

CVSS 5.3, AI score 5.7, EPSS 0.23132
Exploits 1

Tenable Nessus
added 2024/02/29 12:0 a.m., 29 views

CentOS 9 : libuv-1.42.0-1.el9

The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the libuv-1.42.0-1.el9 build changelog. - Node.js before 16.4.1, 14.17.2, 12.22.2 is vulnerable to an out-of-bounds read when uv__idna_toascii is used to convert strings to ASCII. The pointer ...

CVSS 5.3, AI score 7.1, EPSS 0.23132
Exploits 1, References 2

Tenable Nessus
added 2024/01/16 12:0 a.m., 37 views

GLSA-202401-23 : libuv: Buffer Overread

The remote host is affected by the vulnerability described in GLSA-202401-23 libuv: Buffer Overread - Node.js before 16.4.1, 14.17.2, 12.22.2 is vulnerable to an out-of-bounds read when uv__idna_toascii is used to convert strings to ASCII. The pointer p is read and increased without checking whether...

CVSS 5.3, AI score 7.1, EPSS 0.23132
Exploits 1, References 3

Amazon
added 2024/01/09 12:0 a.m., 3 views

Low: libuv

Issue Overview: Node.js before 16.4.1, 14.17.2, 12.22.2 is vulnerable to an out-of-bounds read when uv__idna_toascii is used to convert strings to ASCII. The pointer p is read and increased without checking whether it is beyond pe, with the latter holding a pointer to the end of the buffer. This can...

CVSS 5.3, AI score 9.2, EPSS 0.23132
Exploits 1

IBM Security Bulletins
added 2022/05/16 2:19 p.m., 41 views

Security Bulletin: Potential Denial of Service in IBM DataPower Gateway

Summary IBM has addressed the CVE Vulnerability Details CVEID: CVE-2021-22918 DESCRIPTION: Node.js is vulnerable to a denial of service, caused by an out-of-bounds read in the libuv's uv__idna_toascii function. By invoking the function using dns module's lookup function, a remote attacker could...

CVSS 5.3, AI score 2.5, EPSS 0.23132
Exploits 1, Affected Software 1

ICS
added 2022/03/08 12:0 a.m., 126 views

Siemens SINEC INS

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SINEC INS Vulnerability: Using Components with Known Vulnerabilities 2. RISK EVALUATION Successful exploitation of this vulnerability in third-party components could allow an attacker...

CVSS 9.8, AI score 8.4, EPSS 0.21952
Exploits 1, References 11

Tenable Nessus
added 2022/02/09 12:0 a.m., 29 views

AlmaLinux 8 : libuv (ALSA-2021:3075)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2021:3075 advisory. - Node.js before 16.4.1, 14.17.2, 12.22.2 is vulnerable to an out-of-bounds read when uv__idna_toascii is used to convert strings to ASCII. The pointer p is read and...

CVSS 5.3, AI score 7.1, EPSS 0.23132
Exploits 1, References 2

IBM Security Bulletins
added 2022/01/11 8:10 p.m., 39 views

Security Bulletin: Multiple vulnerabilities affect IBM Observability with Instana

Summary Vulnerabilities detected in Node.js versions before v14.16.2 affects IBM Observability with Instana Vulnerability Details CVEID: CVE-2021-22921 DESCRIPTION: Node.js could allow a local attacker to gain elevated privileges on the system, caused by improper configuration of permissions in t...

CVSS 7.8, AI score 6.9, EPSS 0.23132
Exploits 2, Affected Software 1

IBM Security Bulletins
added 2021/10/20 10:8 a.m., 37 views

Security Bulletin: IBM App Connect Enterprise Certified Container may be vulnerable to denial of service due to CVE-2021-22918

Summary IBM App Connect Enterprise Certified Container may be vulnerable to denial of service due to CVE-2021-22918. This only affects Node.js runtime processes. Vulnerability Details CVEID: CVE-2021-22918 DESCRIPTION: Node.js is vulnerable to a denial of service, caused by an out-of-bounds read ...

CVSS 5.3, AI score 1, EPSS 0.23132
Exploits 1, Affected Software 1

IBM Security Bulletins
added 2021/10/15 1:6 p.m., 40 views

Security Bulletin: IBM Cloud Pak for Integration is vulnerable to multiple Node.js vulnerabilities

Summary IBM Cloud Pak for Integration is vulnerable to multiple Node.js vulnerabilities with details below Vulnerability Details CVEID: CVE-2021-22930 DESCRIPTION: Node.js could allow a remote attacker to bypass security restrictions, caused by a use-after-free on close http2 on stream canceling...

CVSS 9.8, AI score 0.9, EPSS 0.37286
Exploits 2, Affected Software 2

IBM Security Bulletins
added 2021/10/01 11:17 a.m., 36 views

Security Bulletin: Multiple vulnerabilities in Node.js affect IBM App Connect Enterprise v11 & v12 (CVE-2021-22918 and CVE-2021-22921)

Summary IBM App Connect Enterprise v11 & v12 ships with Node.js for which vulnerabilities were reported and have been addressed. Vulnerability details are listed below. Vulnerability Details CVEID: CVE-2021-22918 DESCRIPTION: Node.js is vulnerable to a denial of service, caused by an out-of-bound...

CVSS 7.8, AI score 0.6, EPSS 0.23132
Exploits 2

IBM Security Bulletins
added 2021/09/24 4:54 p.m., 45 views

Security Bulletin: IBM Planning Analytics Workspace is affected by security vulnerabilities

Summary The Planning Analytics Workspace component of IBM Planning Analytics is affected by vulnerabilities These have been addressed in IBM Planning Analytics Local v2.0 - Planning Analytics Workspace Release 68. Vulnerability Details CVEID: CVE-2019-10086 DESCRIPTION: Apache Commons Beanutils...

CVSS 9.8, AI score 9.6, EPSS 0.93143
Exploits 23, Affected Software 1

RedHat Linux
added 2021/09/22 9:6 a.m., 68 views

Important: Red Hat Security Advisory: nodejs:12 security and bug fix update

An update for the nodejs:12 module is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

CVSS 9.8, AI score 6.8, EPSS 0.37286
Exploits 8, References 13

RedHat Linux
added 2021/09/22 8:55 a.m., 53 views

Important: Red Hat Security Advisory: nodejs:12 security and bug fix update

An update for the nodejs:12 module is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

CVSS 9.8, AI score 6.8, EPSS 0.37286
Exploits 8, References 13

Oracle linux
added 2021/08/12 12:0 a.m., 68 views

nodejs:14 security, bug fix, and enhancement update

nodejs 1:14.17.3-2 - Resolves: RHBZ1980032, RHBZ1978203 - Resolves RHBZ1842826 - Don't use patch3 1:14.17.3-1 - Resolves: RHBZ1980032, RHBZ1978203 - Resolves RHBZ1842826 - Resolves CVE-2021-22918libuv, use system cipher list 1:14.16.0-3 - Resolves: RHBZ1930775 - Always build with systemtap...

CVSS 7.5, AI score 0.9, EPSS 0.23132
Exploits 3

CBLMariner
added 2021/08/11 6:39 a.m., 28 views

CVE-2021-22918 affecting package nodejs 14.17.0-1

CVE-2021-22918 affecting package nodejs 14.17.0-1. An upgraded version of the package is available that resolves this issue...

CVSS 5.3, AI score 5.7, EPSS 0.23132
Exploits 1