CVE-2024-34064 affecting package nodejs for versions less than 20.14.0-1

CVE-2024-34064 affecting package nodejs for versions less than 20.14.0-1. A patched version of the package is available...

CVE-2020-28493 affecting package nodejs for versions less than 20.14.0-1

CVE-2020-28493 affecting package nodejs for versions less than 20.14.0-1. A patched version of the package is available...

Azure Linux 3.0 Security Update: c-ares / fluent-bit / grpc / nodejs (CVE-2023-31130)

The version of c-ares / fluent-bit / grpc / nodejs installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-31130 advisory. - c-ares is an asynchronous resolver library. aresinetnetpton is vulnerable to a...

The vulnerability of the digital signature and XML encryption library for Node.js’ xml-crypto, related to improper verification of cryptographic signatures, allows attackers to escalate their privileges.

The vulnerability of the digital signature and XML encryption library for Node.js’ xml-crypto is related to improper verification of the cryptographic signature. Exploiting this vulnerability can allow an attacker to enhance their privileges remotely...

Malicious code in rapyd-nodejs (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 824016d2b7d246c5d458bbc5e7049f1233aa5289743b511bf1c1096dba58aefd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-3115 Malicious code in rapyd-nodejs (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 824016d2b7d246c5d458bbc5e7049f1233aa5289743b511bf1c1096dba58aefd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Fedora: Security Advisory (FEDORA-2025-9a278a7768)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 42 Update: nodejs-nodemon-3.1.9-4.fc42

Simple monitor script for use during development of a node.js app. For use during development of a node.js based application. nodemon will watch the files in the directory in which nodemon was started, and if any files change, nodemon will automatically restart your node application. nodemon does...

Fedora 40 : nodejs-nodemon (2025-9a278a7768)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-9a278a7768 advisory. Added patch for CVE-2024-4068 rhbz2280624 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus...

Fedora 41 : nodejs-nodemon (2025-0951177024)

The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-0951177024 advisory. Added patch for CVE-2024-4068 rhbz2280624 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus...

Malicious code in nodejs-website (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 78f634e9e89620bdae97a2ba6be1914334b29090ecd8c222adae9b81f2a0bbf1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Azure Linux 3.0 Security Update: c-ares / fluent-bit / grpc / nodejs (CVE-2023-31147)

The version of c-ares / fluent-bit / grpc / nodejs installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-31147 advisory. - c-ares is an asynchronous resolver library. When /dev/urandom or RtlGenRandom a...

nodejs-electron-33.4.6-1.1 on GA media (moderate)

nodejs-electron-33.4.6-1.1 on GA media Announcement ID: openSUSE-SU-2025:14917-1 Rating: moderate Cross-References: CVE-2025-1920 Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now be installed. Description: These are all security issues fixed in the...

CVE-2024-21890 vulnerabilities

Vulnerabilities for packages: nodejs...

CVE-2024-21890 vulnerabilities

Vulnerabilities for packages: nodejs...

CVE-2025-23089 vulnerabilities

Vulnerabilities for packages: nodejs...

GHSA-F9JC-68CV-WP63 vulnerabilities

Vulnerabilities for packages: nodejs...

OPENSUSE-SU-2025:14917-1 nodejs-electron-33.4.6-1.1 on GA media

These are all security issues fixed in the nodejs-electron-33.4.6-1.1 package on the GA media of openSUSE Tumbleweed...

Azure Linux 3.0 Security Update: cmake / nghttp2 / nodejs / nodejs18 (CVE-2023-35945)

The version of cmake / nghttp2 / nodejs / nodejs18 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-35945 advisory. - Envoy is a cloud-native high-performance edge/middle/service proxy. Envoy's...

Azure Linux 3.0 Security Update: nodejs / nodejs18 / python-jinja2 (CVE-2025-27516)

The version of nodejs / nodejs18 / python-jinja2 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-27516 advisory. - Jinja is an extensible templating engine. Prior to 3.1.6, an oversight in how the...