Lucene search
K

26 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.4 views

Azure Linux 3.0 Security Update: nodejs (CVE-2024-21890)

The version of nodejs installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-21890 advisory. - The Node.js Permission Model does not clarify in the documentation that wildcards should be only used as the...

6.5CVSS5.7AI score0.00945EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.7 views

MiracleLinux 8 : nodejs:20 (AXSA:2024-7668:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7668:01 advisory. nodejs: vulnerable to timing variant of the Bleichenbacher attack against PKCS1 v1.5 padding Marvin CVE-2023-46809 nodejs: reading unprocessed HTTP...

9.8CVSS8.2AI score0.03168EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.6 views

TencentOS Server 3: nodejs:20 (TSSA-2024:0109)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0109 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

9.8CVSS7AI score0.03168EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2025/05/14 12:0 a.m.10 views

Alibaba Cloud Linux 3 : 0247: nodejs:20 (ALINUX3-SA-2024:0247)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2024:0247 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-39331: A previously disclosed...

9.8CVSS7AI score0.01819EPSS
Exploits1References11
Wolfi
Wolfi
added 2025/03/22 10:43 a.m.19 views

CVE-2024-21890 vulnerabilities

Vulnerabilities for packages: nodejs...

6.5CVSS7.1AI score0.00945EPSS
Exploits0
Chainguard
Chainguard
added 2025/03/22 10:12 a.m.16 views

CVE-2024-21890 vulnerabilities

Vulnerabilities for packages: nodejs...

6.5CVSS7.1AI score0.00945EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2024-21890

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Node.js Permission Model does not clarify in the documentation that wildcards should be only used as the last character of a file path. For example:...

6.5CVSS6.6AI score0.00945EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/07/24 12:0 a.m.22 views

Photon OS 5.0: Nodejs PHSA-2024-5.0-0213

An update of the nodejs package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-5.0-0213. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

9.8CVSS7.2AI score0.03168EPSS
Exploits0References9
CBLMariner
CBLMariner
added 2024/06/21 9:32 a.m.14 views

CVE-2024-21890 affecting package nodejs for versions less than 20.14.0-1

CVE-2024-21890 affecting package nodejs for versions less than 20.14.0-1. An upgraded version of the package is available that resolves this issue...

6.5CVSS6.9AI score0.00945EPSS
Exploits0
F5 Networks
F5 Networks
added 2024/05/10 1:2 p.m.31 views

K000139577: Node.js vulnerability CVE-2024-21890

Security Advisory Description The Node.js Permission Model does not clarify in the documentation that wildcards should be only used as the last character of a file path. For example: --allow-fs-read=/home/node/.ssh/.pub will ignore pub and give access to everything after .ssh/. This misleading...

6.5CVSS6.4AI score0.00945EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/05/06 12:0 a.m.51 views

Rocky Linux 8 : nodejs:20 (RLSA-2024:1687)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:1687 advisory. - The Node.js Permission Model does not clarify in the documentation that wildcards should be only used as the last character of a file path. For exampl...

9.8CVSS6.8AI score0.03168EPSS
Exploits0References15
Tenable Nessus
Tenable Nessus
added 2024/04/10 12:0 a.m.39 views

AlmaLinux 8 : nodejs:20 (ALSA-2024:1687)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:1687 advisory. nodejs: vulnerable to timing variant of the Bleichenbacher attack against PKCS1 v1.5 padding Marvin CVE-2023-46809 nodejs: reading unprocessed HTTP reques...

9.8CVSS7.2AI score0.03168EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2024/04/08 8:54 a.m.129 views

Important: Red Hat Security Advisory: nodejs:20 security update

An update for the nodejs:20 module is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.8CVSS6.9AI score0.03168EPSS
Exploits0References8
Oracle linux
Oracle linux
added 2024/04/08 12:0 a.m.75 views

nodejs:20 security update

nodejs 1:20.11.1-1 - Rebase to version 20.11.1 - Fixes: CVE-2024-21892 CVE-2024-21896 CVE-2024-22017 CVE-2024-22019 high - Fixes: CVE-2023-46809 CVE-2024-21890 CVE-2024-21891 medium nodejs-nodemon nodejs-packaging...

7.4CVSS7.9AI score0.03168EPSS
Exploits0
OSV
OSV
added 2024/04/08 12:0 a.m.58 views

ALSA-2024:1687 Important: nodejs:20 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: nodejs: vulnerable to timing variant of the Bleichenbacher attack against PKCS1 v1.5 padding Marvin CVE-2023-46809 nodejs: reading unprocessed HTT...

9.8CVSS7.5AI score0.03168EPSS
Exploits0References16
AlmaLinux
AlmaLinux
added 2024/04/08 12:0 a.m.53 views

Important: nodejs:20 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: nodejs: vulnerable to timing variant of the Bleichenbacher attack against PKCS1 v1.5 padding Marvin CVE-2023-46809 nodejs: reading unprocessed HTT...

9.8CVSS8.2AI score0.03168EPSS
Exploits0References16
Tenable Nessus
Tenable Nessus
added 2024/03/06 12:0 a.m.88 views

Amazon Linux 2023 : nodejs20, nodejs20-devel, nodejs20-full-i18n (ALAS2023-2024-544)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-544 advisory. 2024-03-13: CVE-2024-22025 was added to this advisory. The Node.js Permission Model does not clarify in the documentation that wildcards should be only used as the last character of a file...

9.8CVSS6.6AI score0.03168EPSS
Exploits0References18
Amazon
Amazon
added 2024/03/05 12:0 a.m.5 views

Important: nodejs20

Issue Overview: The Node.js Permission Model does not clarify in the documentation that wildcards should be only used as the last character of a file path. This misleading documentation affects all users using the experimental permission model in active release lines: 20.x and 21.x. Please note...

9.8CVSS6.9AI score0.03168EPSS
Exploits0
Amazon
Amazon
added 2024/03/05 12:0 a.m.9 views

Important: nodejs20

Issue Overview: The Node.js Permission Model does not clarify in the documentation that wildcards should be only used as the last character of a file path. This misleading documentation affects all users using the experimental permission model in active release lines: 20.x and 21.x. Please note...

9.8CVSS6.9AI score0.03168EPSS
Exploits0
Circl
Circl
added 2024/02/20 3:31 a.m.5 views

CVE-2024-21890

creationtimestamp| type| source ---|---|--- 2024-02-20 03:31:48+00:00| seen| https://t.me/ctinow/188071 2024-02-20 03:32:00+00:00| seen| https://t.me/ctinow/188080 2024-02-21 06:47:55+00:00| seen| https://t.me/arpsyndicate/3695 2024-03-15 11:26:48+00:00| seen| https://t.me/ctinow/208641 2024-11-1...

6.5CVSS6.4AI score0.00945EPSS
Exploits0References7
Rows per page
Query Builder