Lucene search
K

51 matches found

OSV
OSV
added 2025/09/11 4:48 p.m.7 views

CLSA-2025-1757609292 nodejs: Fix of CVE-2024-22025

CVE-2024-22025: fix resource exhaustion DoS vulnerability in fetch function...

6.5CVSS6.9AI score0.01309EPSS
Exploits0References1
OSV
OSV
added 2025/08/12 8:24 a.m.1 views

ROOT-OS-DEBIAN-12-CVE-2024-22025 CVE-2024-22025 in rootio-nodejs - Patched by Root

Root has patched CVE-2024-22025 in the rootio-nodejs package for Root:Debian:12. Multiple fixed versions available...

6.5CVSS7.6AI score0.01309EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.22 views

TencentOS Server 3: nodejs:20 (TSSA-2024:0178)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0178 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

8.2CVSS7AI score0.87211EPSS
Exploits2References6
Tenable Nessus
Tenable Nessus
added 2024/07/24 12:0 a.m.22 views

Photon OS 5.0: Nodejs PHSA-2024-5.0-0213

An update of the nodejs package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-5.0-0213. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

9.8CVSS7.2AI score0.03168EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2024/07/23 8:38 a.m.27 views

Moderate: Red Hat Security Advisory: nodejs security update

An update for nodejs is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

6.5CVSS6.9AI score0.8496EPSS
Exploits1References4
IBM Security Bulletins
IBM Security Bulletins
added 2024/07/08 9:24 a.m.53 views

Security Bulletin: Node.js vulnerabilities affect IBM Spectrum Control

Summary Node.js is vulnerable to remote attacker to obtain sensitive information, denial of service, HTTP request smuggling and allow a local authenticated attacker to gain elevated privileges on the system. These vulnerabilities affect IBM Spectrum Control. CVE-2024-27983, CVE-2024-22019,...

8.2CVSS9AI score0.87211EPSS
Exploits1Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/07/03 12:0 a.m.22 views

CBL Mariner 2.0 Security Update: nodejs18 / nodejs (CVE-2024-22025)

The version of nodejs18 / nodejs installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-22025 advisory. - A vulnerability in Node.js has been identified, allowing for a Denial of Service DoS attack throu...

6.5CVSS6.9AI score0.01309EPSS
Exploits0References2
CBLMariner
CBLMariner
added 2024/06/21 9:32 a.m.16 views

CVE-2024-22025 affecting package nodejs for versions less than 20.14.0-1

CVE-2024-22025 affecting package nodejs for versions less than 20.14.0-1. An upgraded version of the package is available that resolves this issue...

6.5CVSS7AI score0.01309EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/06/14 12:0 a.m.32 views

Rocky Linux 9 : nodejs:20 (RLSA-2024:2853)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:2853 advisory. c-ares: Out of bounds read in aresreadline CVE-2024-25629 nghttp2: CONTINUATION frames DoS CVE-2024-28182 nodejs: using the fetch function to retrieve...

8.2CVSS6.9AI score0.87211EPSS
Exploits2References11
IBM Security Bulletins
IBM Security Bulletins
added 2024/06/05 2:55 p.m.25 views

Security Bulletin: IBM App Connect Enterprise Certified Container is vulnerable to denial of service [CVE-2024-22025]

Summary Node.js is used by IBM App Connect Enterprise Certified Container as a runtime engine for processing data. IBM App Connect Enterprise Certified Container is vulnerable to denial of service when making HTTP calls using Node.js. This bulletin provides patch information to address the report...

6.5CVSS5.9AI score0.01309EPSS
Exploits0Affected Software1
AlmaLinux
AlmaLinux
added 2024/05/20 12:0 a.m.56 views

Important: nodejs security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: nodejs: CONTINUATION frames DoS CVE-2024-27983 nodejs: using the fetch function to retrieve content from an untrusted URL leads to denial of servi...

8.2CVSS7.4AI score0.87211EPSS
Exploits2References12
Tenable Nessus
Tenable Nessus
added 2024/05/16 12:0 a.m.34 views

AlmaLinux 9 : nodejs:20 (ALSA-2024:2853)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:2853 advisory. c-ares: Out of bounds read in aresreadline CVE-2024-25629 nghttp2: CONTINUATION frames DoS CVE-2024-28182 nodejs: using the fetch function to retrieve...

8.2CVSS6.9AI score0.87211EPSS
Exploits2References6
Oracle linux
Oracle linux
added 2024/05/16 12:0 a.m.51 views

nodejs:20 security update

nodejs 1:20.12.2-2 - Backport nghttp2 patch for CVE-2024-28182 1:20.12.2-1 - Rebase to version 20.12.0 Fixes: CVE-2024-27983 CVE-2024-27982 CVE-2024-22025 node Fixes: CVE-2024-25629 c-ares nodejs-nodemon nodejs-packaging...

8.2CVSS6.8AI score0.87211EPSS
Exploits2
AlmaLinux
AlmaLinux
added 2024/05/15 12:0 a.m.37 views

Important: nodejs:20 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: c-ares: Out of bounds read in aresreadline CVE-2024-25629 nghttp2: CONTINUATION frames DoS CVE-2024-28182 nodejs: using the fetch function to...

8.2CVSS7.3AI score0.87211EPSS
Exploits2References12
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.25 views

AlmaLinux 9 : nodejs:18 (ALSA-2024:2779)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:2779 advisory. nodejs: CONTINUATION frames DoS CVE-2024-27983 nodejs: using the fetch function to retrieve content from an untrusted URL leads to denial of service...

8.2CVSS6.9AI score0.87211EPSS
Exploits2References6
IBM Security Bulletins
IBM Security Bulletins
added 2024/05/10 2:52 p.m.51 views

Security Bulletin: IBM App Connect Enterprise is vulnerable to multiple vulnerabilities due to Node.js.

Summary IBM App Connect Enterprise is vulnerable to multiple vulnerabilities due to Node.js. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2024-21892 DESCRIPTION: Node.js could allow a local authenticated attacker to gain elevated...

7.8CVSS7.8AI score0.03168EPSS
Exploits1Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/05/10 12:0 a.m.46 views

Oracle Linux 8 : nodejs:18 (ELSA-2024-2780)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2780 advisory. nodejs 1:18.20.2-1 - Removes .ps1 files - Rebase to 18.20.2 - Fixes: CVE-2024-27983, CVE-2024-28182, CVE-2024-27982, CVE-2024-25629 nodejs-nodemon...

8.2CVSS7.1AI score0.87211EPSS
Exploits2References6
OSV
OSV
added 2024/05/09 6:51 p.m.38 views

RLSA-2024:2779 Important: nodejs:18 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: nodejs: CONTINUATION frames DoS CVE-2024-27983 nodejs: using the fetch function to retrieve content from an untrusted URL leads to denial of servi...

7.5CVSS7AI score0.87211EPSS
Exploits2References6
Tenable Nessus
Tenable Nessus
added 2024/05/09 12:0 a.m.34 views

AlmaLinux 8 : nodejs:20 (ALSA-2024:2778)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:2778 advisory. c-ares: Out of bounds read in aresreadline CVE-2024-25629 nghttp2: CONTINUATION frames DoS CVE-2024-28182 nodejs: using the fetch function to retrieve...

8.2CVSS6.9AI score0.87211EPSS
Exploits2References6
Tenable Nessus
Tenable Nessus
added 2024/05/09 12:0 a.m.26 views

Rocky Linux 9 : nodejs:18 (RLSA-2024:2779)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:2779 advisory. - A vulnerability in Node.js has been identified, allowing for a Denial of Service DoS attack through resource exhaustion when using the fetch function ...

8.2CVSS7.3AI score0.87211EPSS
Exploits2References11
Rows per page
Query Builder