Lucene search
K

63 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.3 views

MiracleLinux 9 : nodejs-16.20.1-1.el9 (AXSA:2023-6283:02)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6283:02 advisory. nodejs: mainModule.proto bypass experimental policy mechanism CVE-2023-30581 nodejs: process interuption due to invalid Public Key information in x5...

7.5CVSS5.7AI score0.03906EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.3 views

MiracleLinux 8 : nodejs:18 (AXSA:2023-6339:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6339:01 advisory. nodejs: mainModule.proto bypass experimental policy mechanism CVE-2023-30581 nodejs: process interuption due to invalid Public Key information in x5...

7.5CVSS5.7AI score0.03906EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-0003

Malicious code in bioql PyPI...

7.5CVSS7AI score0.01422EPSS
Exploits1References8
OpenVAS
OpenVAS
added 2024/09/10 12:0 a.m.22 views

Fedora: Security Advisory (FEDORA-2023-ad76deb86e)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.3AI score0.03906EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2024/05/07 12:0 a.m.28 views

aiohttp < 3.8.5 HTTP Request Smuggling Vulnerability - Windows

aiohttp is prone to a HTTP request smuggling vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

7.5CVSS8.8AI score0.03906EPSS
Exploits2References1
OpenVAS
OpenVAS
added 2024/05/07 12:0 a.m.26 views

aiohttp < 3.8.5 HTTP Request Smuggling Vulnerability - Linux

aiohttp is prone to a HTTP request smuggling vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

7.5CVSS6.6AI score0.03906EPSS
Exploits2References1
OpenVAS
OpenVAS
added 2024/04/17 12:0 a.m.26 views

Ubuntu: Security Advisory (USN-6735-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.9AI score0.03906EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2024/04/16 12:0 a.m.37 views

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 : Node.js vulnerabilities (USN-6735-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6735-1 advisory. It was discovered that Node.js incorrectly handled the use of invalid public keys while creating ...

7.5CVSS6.8AI score0.03906EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2024/03/04 12:0 a.m.31 views

openSUSE: Security Advisory for nodejs14 (SUSE-SU-2023:3408-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.1AI score0.03906EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2024/02/29 12:0 a.m.36 views

CentOS 9 : nodejs-16.20.1-1.el9

The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the nodejs-16.20.1-1.el9 build changelog. - The use of proto in process.mainModule.proto.require can bypass the policy mechanism and require modules outside of the policy.json...

7.5CVSS6.7AI score0.03906EPSS
Exploits1References9
Debian
Debian
added 2023/12/27 10:12 p.m.33 views

[SECURITY] [DSA 5589-1] nodejs security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5589-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff December 27, 2023 https://www.debian.org/security/faq -...

9.8CVSS7.5AI score0.03906EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2023/11/07 12:0 a.m.29 views

Fedora 39 : llhttp / python-aiohttp (2023-ad76deb86e)

The remote Fedora 39 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2023-ad76deb86e advisory. Update llhttp to 8.1.1 and python-aiohttp to 3.8.5. Fixes CVE-2023-30589. Tenable has extracted the preceding description block directly from the Fedora...

7.5CVSS7.6AI score0.03906EPSS
Exploits1References2
IBM Security Bulletins
IBM Security Bulletins
added 2023/10/13 12:54 p.m.43 views

Security Bulletin: IBM DataPower Gateway vulnerable to multiple issues in Node.js

Summary IBM has addressed the following CVEs that could affect the API Gateway Director, and in version 10.5. only the New UI Vulnerability Details CVEID:CVE-2023-30588 DESCRIPTION: Node.js is vulnerable to a denial of service, caused by invalid public key information in x509 certificates. By...

7.5CVSS7.3AI score0.03906EPSS
Exploits2Affected Software1
RedHat Linux
RedHat Linux
added 2023/10/09 10:29 a.m.43 views

Important: Red Hat Security Advisory: nodejs security, bug fix, and enhancement update

An update for nodejs is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

9.8CVSS6.8AI score0.03906EPSS
Exploits5References16
OSV
OSV
added 2023/10/06 11:10 p.m.35 views

RLSA-2023:4536 Moderate: nodejs:18 security, bug fix, and enhancement update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The package has been upgraded to a later upstream version: nodejs 18.16.1. BZ2223630, BZ2223631, BZ2223632, BZ2223633, BZ2223635, BZ2223642 Security Fixes: nodejs...

7.5CVSS7.1AI score0.03906EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2023/10/06 12:0 a.m.27 views

Rocky Linux 8 : nodejs:18 (RLSA-2023:4536)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:4536 advisory. - The llhttp parser in the http module in Node v20.2.0 does not strictly use the CRLF sequence to delimit HTTP requests. This can lead to HTTP Request...

7.5CVSS6.9AI score0.03906EPSS
Exploits1References11
CBLMariner
CBLMariner
added 2023/09/27 6:2 p.m.25 views

CVE-2023-30589 affecting package nodejs18 for versions less than 18.17.1-2

CVE-2023-30589 affecting package nodejs18 for versions less than 18.17.1-2. An upgraded version of the package is available that resolves this issue...

7.5CVSS8AI score0.03906EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2023/09/26 2:56 p.m.55 views

Important: Red Hat Security Advisory: nodejs:16 security, bug fix, and enhancement update

An update for the nodejs:16 module is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

9.8CVSS6.7AI score0.03906EPSS
Exploits3References12
Tenable Nessus
Tenable Nessus
added 2023/08/30 12:0 a.m.35 views

SUSE SLES15 / openSUSE 15 Security Update : nodejs12 (SUSE-SU-2023:3455-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3455-1 advisory. - CVE-2023-23918: Fixed permissions policies bypass via process.mainModule bsc1208481. - CVE-2023-32002: Fixed...

9.8CVSS6.8AI score0.03906EPSS
Exploits2References22
OpenVAS
OpenVAS
added 2023/08/29 12:0 a.m.24 views

SUSE: Security Advisory (SUSE-SU-2023:3455-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.8AI score0.03906EPSS
Exploits2References10
Rows per page
Query Builder