
16603 matches found

RedHat Linux
added 2024/05/09 6:26 a.m. | 45 views

Important: Red Hat Security Advisory: nodejs:18 security update

An update for the nodejs:18 module is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.2 CVSS | 6.9 AI score | 0.87211 EPSS
Exploits: 2 | References: 6

RedHat Linux
added 2024/05/09 6:26 a.m. | 3 views

nodejs: HTTP Request Smuggling via Content Length Obfuscation

An HTTP Request Smuggling vulnerability was found in Node.js due to Content-Length Obfuscation in the HTTP server. Malformed headers, particularly if a space is inserted before a content-length header, can result in HTTP request smuggling. This flaw allows attackers to inject a second request...

6.5 CVSS | 7.2 AI score | 0.01155 EPSS
Exploits: 0 | References: 5

OSV
added 2024/05/09 12:0 a.m. | 31 views

ALSA-2024:2778 Important: nodejs:20 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: c-ares: Out of bounds read in aresreadline CVE-2024-25629 nghttp2: CONTINUATION frames DoS CVE-2024-28182 nodejs: using the fetch function to...

8.2 CVSS | 6.9 AI score | 0.87211 EPSS
Exploits: 2 | References: 12

OSV
added 2024/05/09 12:0 a.m. | 32 views

ALSA-2024:2780 Important: nodejs:18 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: nodejs: CONTINUATION frames DoS CVE-2024-27983 nodejs: using the fetch function to retrieve content from an untrusted URL leads to denial of servi...

8.2 CVSS | 7 AI score | 0.87211 EPSS
Exploits: 2 | References: 12

AlmaLinux
added 2024/05/09 12:0 a.m. | 34 views

Important: nodejs:18 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: nodejs: CONTINUATION frames DoS CVE-2024-27983 nodejs: using the fetch function to retrieve content from an untrusted URL leads to denial of servi...

8.2 CVSS | 7.4 AI score | 0.87211 EPSS
Exploits: 2 | References: 12

AlmaLinux
added 2024/05/09 12:0 a.m. | 35 views

Important: nodejs:20 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: c-ares: Out of bounds read in aresreadline CVE-2024-25629 nghttp2: CONTINUATION frames DoS CVE-2024-28182 nodejs: using the fetch function to...

8.2 CVSS | 7.4 AI score | 0.87211 EPSS
Exploits: 2 | References: 12

AlmaLinux
added 2024/05/09 12:0 a.m. | 47 views

Important: nodejs:18 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: nodejs: CONTINUATION frames DoS CVE-2024-27983 nodejs: using the fetch function to retrieve content from an untrusted URL leads to denial of servi...

8.2 CVSS | 7.3 AI score | 0.87211 EPSS
Exploits: 2 | References: 12

OSV
added 2024/05/09 12:0 a.m. | 37 views

ALSA-2024:2779 Important: nodejs:18 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: nodejs: CONTINUATION frames DoS CVE-2024-27983 nodejs: using the fetch function to retrieve content from an untrusted URL leads to denial of servi...

8.2 CVSS | 7 AI score | 0.87211 EPSS
Exploits: 2 | References: 12

Tenable Nessus
added 2024/05/09 12:0 a.m. | 29 views

Rocky Linux 8 : nodejs:18 (RLSA-2024:2780)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:2780 advisory. - A vulnerability in Node.js has been identified, allowing for a Denial of Service DoS attack through resource exhaustion when using the fetch function ...

8.2 CVSS | 7.3 AI score | 0.87211 EPSS
Exploits: 2 | References: 11

Tenable Nessus
added 2024/05/09 12:0 a.m. | 36 views

RHEL 9 : nodejs:18 (RHSA-2024:2779)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2779 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language...

8.2 CVSS | 7 AI score | 0.87211 EPSS
Exploits: 2 | References: 12

Tenable Nessus
added 2024/05/09 12:0 a.m. | 45 views

AlmaLinux 8 : nodejs:18 (ALSA-2024:2780)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:2780 advisory. nodejs: CONTINUATION frames DoS CVE-2024-27983 nodejs: using the fetch function to retrieve content from an untrusted URL leads to denial of service...

8.2 CVSS | 6.9 AI score | 0.87211 EPSS
Exploits: 2 | References: 6

Tenable Nessus
added 2024/05/09 12:0 a.m. | 34 views

RHEL 8 : nodejs:20 (RHSA-2024:2778)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2778 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language...

8.2 CVSS | 7 AI score | 0.87211 EPSS
Exploits: 2 | References: 12

Tenable Nessus
added 2024/05/09 12:0 a.m. | 33 views

AlmaLinux 8 : nodejs:20 (ALSA-2024:2778)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:2778 advisory. c-ares: Out of bounds read in aresreadline CVE-2024-25629 nghttp2: CONTINUATION frames DoS CVE-2024-28182 nodejs: using the fetch function to retrieve...

8.2 CVSS | 6.9 AI score | 0.87211 EPSS
Exploits: 2 | References: 6

Tenable Nessus
added 2024/05/09 12:0 a.m. | 26 views

Rocky Linux 9 : nodejs:18 (RLSA-2024:2779)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:2779 advisory. - A vulnerability in Node.js has been identified, allowing for a Denial of Service DoS attack through resource exhaustion when using the fetch function ...

8.2 CVSS | 7.3 AI score | 0.87211 EPSS
Exploits: 2 | References: 11

Tenable Nessus
added 2024/05/09 12:0 a.m. | 25 views

Rocky Linux 8 : nodejs:20 (RLSA-2024:2778)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:2778 advisory. - A vulnerability in Node.js has been identified, allowing for a Denial of Service DoS attack through resource exhaustion when using the fetch function ...

8.2 CVSS | 7.3 AI score | 0.87211 EPSS
Exploits: 2 | References: 11

Tenable Nessus
added 2024/05/09 12:0 a.m. | 35 views

Oracle Linux 8 : nodejs:20 (ELSA-2024-2778)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2778 advisory. - Backport nghttp2 patch for CVE-2024-28182 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Not...

8.2 CVSS | 7 AI score | 0.87211 EPSS
Exploits: 2 | References: 6

Tenable Nessus
added 2024/05/09 12:0 a.m. | 32 views

RHEL 8 : nodejs:18 (RHSA-2024:2780)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2780 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language...

8.2 CVSS | 7 AI score | 0.87211 EPSS
Exploits: 2 | References: 12

RedHat Linux
added 2024/05/08 2:25 p.m. | 20 views

undertow: directory traversal vulnerability

A path traversal vulnerability was found in Undertow. This issue may allow a remote attacker to append a specially-crafted sequence to an HTTP request for an application deployed to JBoss EAP, which may permit access to privileged or restricted files and directories...

5.3 CVSS | 7.1 AI score | 0.01714 EPSS
Exploits: 0 | References: 4

F5 Networks
added 2024/05/08 1:6 p.m. | 37 views

K000132430: The BIG-IP system may fail to block HTTP Request Smuggling attacks

Security Advisory Description The BIG-IP system may fail to block non-RFC-compliant HTTP requests to the pool member, which may lead to an HTTP Request Smuggling attack. This issue occurs when all of the following conditions are met: A virtual server is associated with an HTTP profile. The BIG-IP...

6.8 AI score
Exploits: 0

Tenable Nessus
added 2024/05/08 12:0 a.m. | 64 views

GLSA-202405-29 : Node.js: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202405-29 Node.js: Multiple Vulnerabilities - The package y18n before 3.2.2, 4.0.1 and 5.0.5, is vulnerable to Prototype Pollution. CVE-2020-7774 - A flaw was found in c-ares library, where a missing input validation check of host...

9.8 CVSS | 8.2 AI score | 0.91153 EPSS
Exploits: 30 | References: 64