Lucene search
K

65 matches found

Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.9 views

TencentOS Server 3: nodejs:18 (TSSA-2025:0194)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0194 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

6.8CVSS6.5AI score0.01282EPSS
Exploits0References3
F5 Networks
F5 Networks
added 2025/06/10 8:46 p.m.19 views

K000151779: Node.js vulnerabilities CVE-2025-23083 and CVE-2025-23085

Security Advisory Description CVE-2025-23083 With the aid of the diagnosticschannel utility, an event can be hooked into whenever a worker thread is created. This is not limited only to workers but also exposes internal workers, where an instance of them can be fetched, and its constructor can be...

7.7CVSS6.5AI score0.01282EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/06/05 12:0 a.m.7 views

Oracle Linux 8 : nodejs:22 (ELSA-2025-8506)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-8506 advisory. - Update to 22.16.0 Fixes: CVE-2025-23166 - Patch fix for sqlite CVE-2025-31498 Resolves: RHEL-87300 - Update c-ares to newest version with fix for CVE-2025-314...

8.3CVSS6.9AI score0.01282EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2025/05/26 12:0 a.m.7 views

Fedora: Security Advisory (FEDORA-2025-76fc32d433)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.7CVSS7.5AI score0.01282EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/05/14 12:0 a.m.7 views

Alibaba Cloud Linux 3 : 0029: nodejs:20 (ALINUX3-SA-2025:0029)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2025:0029 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-22150: Undici is an HTTP/1.1...

7.7CVSS6.5AI score0.01282EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/12 6:33 p.m.11 views

Security Bulletin: Multiple vulnerabilities in nodejs affect IBM Business Automation Workflow Configuration Editor (nodejs January security release)

Summary IBM Business Automation Workflow Configuration Editor repackages a nodejs runtime and multiple application level models. Vulnerabilities have been reported for the runtime and some modules.. Vulnerability Details CVEID:CVE-2025-23083 DESCRIPTION: With the aid of the diagnosticschannel...

8.7CVSS8.2AI score0.01404EPSS
Exploits1Affected Software2
Rockylinux
Rockylinux
added 2025/02/26 7:11 p.m.12 views

nodejs:22 security update

An update is available for module.nodejs-nodemon, nodejs-packaging, module.nodejs-packaging, nodejs-nodemon. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list...

7.7CVSS6.8AI score0.01282EPSS
Exploits0
OSV
OSV
added 2025/02/26 7:9 p.m.11 views

RLSA-2025:1611 Important: nodejs:22 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: undici: Undici Uses Insufficiently Random Values CVE-2025-22150 nodejs: Node.js Worker Thread Exposure via Diagnostics Channel CVE-2025-23083...

7.7CVSS6.1AI score0.01282EPSS
Exploits0References4
OSV
OSV
added 2025/02/26 7:9 p.m.16 views

RLSA-2025:1582 Moderate: nodejs:18 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: undici: Undici Uses Insufficiently Random Values CVE-2025-22150 nodejs: GOAWAY HTTP/2 frames cause memory leak outside heap CVE-2025-23085 For mor...

6.8CVSS6.1AI score0.01282EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/02/26 12:0 a.m.10 views

RockyLinux 9 : nodejs:22 (RLSA-2025:1613)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:1613 advisory. undici: Undici Uses Insufficiently Random Values CVE-2025-22150 nodejs: Node.js Worker Thread Exposure via Diagnostics Channel CVE-2025-23083 nodejs:...

7.7CVSS6.5AI score0.01282EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2025/02/26 12:0 a.m.11 views

Amazon Linux 2023 : nodejs, nodejs-devel, nodejs-full-i18n (ALAS2023-2025-843)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-843 advisory. A memory leak could occur when a remote peer abruptly closes the socket without sending a GOAWAY notification. Additionally, if an invalid header was detected by nghttp2, causing the connection to be...

5.3CVSS6.7AI score0.01282EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/02/26 12:0 a.m.19 views

RockyLinux 8 : nodejs:22 (RLSA-2025:1611)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:1611 advisory. undici: Undici Uses Insufficiently Random Values CVE-2025-22150 nodejs: Node.js Worker Thread Exposure via Diagnostics Channel CVE-2025-23083 nodejs:...

7.7CVSS6.5AI score0.01282EPSS
Exploits0References7
Debian
Debian
added 2025/02/25 11:25 a.m.5 views

[SECURITY] [DLA 4067-1] nodejs security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4067-1 [email protected] https://www.debian.org/lts/security/ Bastien Roucariès February 25, 2025 https://wiki.debian.org/LTS -...

5.3CVSS6.3AI score0.01282EPSS
Exploits0
OpenVAS
OpenVAS
added 2025/02/25 12:0 a.m.11 views

Debian: Security Advisory (DLA-4067-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.3CVSS7.1AI score0.01282EPSS
Exploits0References2
Amazon
Amazon
added 2025/02/21 12:0 a.m.3 views

Medium: nodejs

Issue Overview: A memory leak could occur when a remote peer abruptly closes the socket without sending a GOAWAY notification. Additionally, if an invalid header was detected by nghttp2, causing the connection to be terminated by the peer, the same leak was triggered. This flaw could lead to...

5.3CVSS6.7AI score0.01282EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/02/21 12:0 a.m.9 views

Azure Linux 3.0 Security Update: nodejs / nodejs18 (CVE-2025-23085)

The version of nodejs / nodejs18 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-23085 advisory. - A memory leak could occur when a remote peer abruptly closes the socket without sending a GOAWAY...

5.3CVSS6.6AI score0.01282EPSS
Exploits0References2
CBLMariner
CBLMariner
added 2025/02/19 4:8 p.m.8 views

CVE-2025-23085 affecting package nodejs for versions less than 20.14.0-5

CVE-2025-23085 affecting package nodejs for versions less than 20.14.0-5. A patched version of the package is available...

5.3CVSS5.6AI score0.01282EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/02/19 12:0 a.m.10 views

Oracle Linux 8 : nodejs:18 (ELSA-2025-1582)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-1582 advisory. nodejs 1:18.20.6-1 - Update to version 18.20.6 Resolves: RHEL-78326 Fixes: CVE-2025-23085 CVE-2025-22150 nodejs-nodemon nodejs-packaging Tenable has...

6.8CVSS6.6AI score0.01282EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/02/19 12:0 a.m.14 views

Oracle Linux 9 : nodejs:22 (ELSA-2025-1613)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-1613 advisory. - Update to version 22.13.1 Fixes CVE-2025-23083 CVE-2025-23085 CVE-2025-22150 Resolves: RHEL-76354 Tenable has extracted the preceding description blo...

7.7CVSS6.6AI score0.01282EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/02/18 12:0 a.m.17 views

AlmaLinux 8 : nodejs:18 (ALSA-2025:1582)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:1582 advisory. undici: Undici Uses Insufficiently Random Values CVE-2025-22150 nodejs: GOAWAY HTTP/2 frames cause memory leak outside heap CVE-2025-23085 Tenable has...

6.8CVSS6.5AI score0.01282EPSS
Exploits0References4
Rows per page
Query Builder