Photon OS 3.0: Nodejs PHSA-2022-3.0-0375

An update of the nodejs package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2022-3.0-0375. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

CVE-2019-10906 affecting package nodejs for versions less than 20.14.0-1

CVE-2019-10906 affecting package nodejs for versions less than 20.14.0-1. A patched version of the package is available...

Malicious code in appds-nodejs-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis f1ac973f28037939ed23e341eacd9fcc006c3709075045f2d51232131c111977 The OpenSSF Package Analysis project identified 'appds-nodejs-utils' @ 0.2.0 npm as malicious. It is considered malicious because: - The package...

nodejs: using the fetch() function to retrieve content from an untrusted URL leads to denial of service

A flaw was found in Node.js that allows a denial of service attack through resource exhaustion when using the fetch function to retrieve content from an untrusted URL. The vulnerability stems from the fetch function in Node.js that always decodes Brotli, making it possible for an attacker to caus...

SUSE SLES15 / openSUSE 15 Security Update : nodejs20 (SUSE-SU-2024:2574-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2574-1 advisory. Update to 20.15.1: - CVE-2024-36138: Fixed CVE-2024-27980 fix bypass bsc1227560 - CVE-2024-22020: Fixed a bypass of...

Photon OS 5.0: Nodejs PHSA-2023-5.0-0011

An update of the nodejs package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-5.0-0011. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 5.0: Nodejs PHSA-2023-5.0-0082

An update of the nodejs package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-5.0-0082. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 4.0: Nodejs PHSA-2023-4.0-0415

An update of the nodejs package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-4.0-0415. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 4.0: Nodejs PHSA-2022-4.0-0262

An update of the nodejs package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2022-4.0-0262. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 4.0: Nodejs PHSA-2021-4.0-0090

An update of the nodejs package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2021-4.0-0090. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 4.0: Nodejs PHSA-2022-4.0-0164

An update of the nodejs package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2022-4.0-0164. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 4.0: Nodejs PHSA-2022-4.0-0298

An update of the nodejs package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2022-4.0-0298. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 3.0: Nodejs PHSA-2020-3.0-0119

An update of the nodejs package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2020-3.0-0119. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 2.0: Nodejs PHSA-2019-2.0-0190

An update of the nodejs package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-2.0-0190. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

RHEL 9 : nodejs (RHSA-2024:4559)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:4559 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language...

Important Photon OS Security Update - PHSA-2024-5.0-0318

Updates of 'nodejs' packages of Photon OS have been released...

OPENSUSE-SU-2024:14193-1 nodejs-electron-30.2.0-1.1 on GA media

These are all security issues fixed in the nodejs-electron-30.2.0-1.1 package on the GA media of openSUSE Tumbleweed...

RHEL 8 : pcs (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - nodejs-hosted-git-info: Regular Expression denial of service via shortcutMatch in fromUrl CVE-2021-23362 ...

RHEL 8 : nodejs (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - nodejs: integrity checks according to policies can be circumvented CVE-2023-38552 - Maliciously crafted...

RHEL 9 : nodejs (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - nodejs: integrity checks according to policies can be circumvented CVE-2023-38552 - Maliciously crafted...