4412 matches found
SUSE-SU-2022:1461-1 Security update for nodejs12
This update for nodejs12 fixes the following issues: - CVE-2022-0778: Fixed an infinite loop in BN_mod_sqrt() reachable when parsing certificates (bsc#1196877). - CVE-2021-44906: Fixed a prototype pollution in node-minimist (bsc#1198247). - CVE-2021-44907: Fixed a potential Denial of Service vulnerability i...
SUSE-SU-2022:1459-1 Security update for nodejs14
This update for nodejs14 fixes the following issues: - CVE-2022-0778: Fixed an infinite loop in BN_mod_sqrt() reachable when parsing certificates (bsc#1196877). - CVE-2021-44906: Fixed a prototype pollution in node-minimist (bsc#1198247). - CVE-2021-44907: Fixed a potential Denial of Service vulnerability i...
git-interface OS command injection vulnerability
git-interface is an interface for using git repositories in node.js by the Russian individual developer Yarkeev Denis. A security vulnerability exists in yarkeev git-interface versions prior to 2.1.1, which stems from a lack of filtering of the git clone and git --upload-pack command line...
Moderate: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.4.3 security updates and bug fixes
Red Hat Advanced Cluster Management for Kubernetes 2.4.3 General Availability release images. This update provides security fixes, bug fixes, and updates the container images. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring...
@aarconada/urserver (>=0.0.1 <=0.0.990), @alterior/core (>=0.0.1 <=2.0.0-b1) +195 more potentially affected by CVE-2022-27261 via express-fileupload (>=0.0.5 <=1.3.1)
express-fileupload NPM version =0.0.5, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =0.1.155, =2.0.0-alpha.0, =1.0.0, =0.12.0, =0.0.2-90, =0.0.1-alpha.151, =0.0.1-alpha.44, =0.0.1, =1.0.0, =1.0.0, =1.0.1 and more Source cves: CVE-2022-27261 Source advisory: OSV:GHSA-W4M6-X6C2-J5C9...
CVE-2022-29080
The npm-dependency-versions package through 0.3.0 for Node.js allows command injection if an attacker is able to call dependencyVersions with a JSON object in which pkgs is a key, and there are shell metacharacters in a value...
CVE-2021-22939 affecting package nodejs for versions less than 16.14.0-1
CVE-2021-22939 affecting package nodejs for versions less than 16.14.0-1. An upgraded version of the package is available that resolves this issue...
CVE-2021-22940 affecting package nodejs for versions less than 16.14.0-1
CVE-2021-22940 affecting package nodejs for versions less than 16.14.0-1. An upgraded version of the package is available that resolves this issue...
CVE-2021-22930 affecting package nodejs for versions less than 16.14.0-1
CVE-2021-22930 affecting package nodejs for versions less than 16.14.0-1. An upgraded version of the package is available that resolves this issue...
CVE-2022-21824 affecting package nodejs for versions less than 16.14.0-1
CVE-2022-21824 affecting package nodejs for versions less than 16.14.0-1. An upgraded version of the package is available that resolves this issue...
CVE-2021-44533 affecting package nodejs for versions less than 16.14.0-1
CVE-2021-44533 affecting package nodejs for versions less than 16.14.0-1. An upgraded version of the package is available that resolves this issue...
CVE-2021-44532 affecting package nodejs for versions less than 16.14.0-1
CVE-2021-44532 affecting package nodejs for versions less than 16.14.0-1. An upgraded version of the package is available that resolves this issue...
CVE-2021-44531 affecting package nodejs for versions less than 16.14.0-1
CVE-2021-44531 affecting package nodejs for versions less than 16.14.0-1. An upgraded version of the package is available that resolves this issue...
CVE-2021-22931 affecting package nodejs for versions less than 16.14.0-1
CVE-2021-22931 affecting package nodejs for versions less than 16.14.0-1. An upgraded version of the package is available that resolves this issue...
Security Bulletin: Vulnerabilities in OpenSSL affect IBM Integration Bus and IBM App Connect Enterprise v11 & v12 (CVE-2021-3711)
Summary: Vulnerabilities in OpenSSL affect IBM Integration Bus and IBM App Connect Enterprise. The DataDirect ODBC Drivers & Nodejs used by IBM App Connect Enterprise and IBM Integration Bus have addressed the applicable CVEs. Vulnerability Details: CVEID: CVE-2021-3711 DESCRIPTION: OpenSSL is...
Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
Overview: git-pull-or-clone is a package to ensure a git repo exists on disk and that it's up-to-date. Affected versions of this package are vulnerable to Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') due to the use of the --upload-pack feature of git which is also supporte...
[SECURITY] Fedora 36 Update: python-fastapi-0.75.0-3.fc36
FastAPI is a modern, fast (high-performance) web framework for building APIs with Python 3.6+ based on standard Python type hints. The key features are: Fast: Very high performance, on par with NodeJS and Go thanks to Starlette and Pydantic. One of the fastest Python...
Critical Photon OS Security Update - PHSA-2022-0375
Updates of 'squashfs-tools', 'go', 'python3', 'httpd', 'nodejs', 'bindutils', 'bluez' packages of Photon OS have been released...
Critical Photon OS Security Update - PHSA-2022-3.0-0375
Updates of 'go', 'nodejs', 'util-linux', 'httpd', 'squashfs-tools', 'python3', 'bindutils', 'bluez' packages of Photon OS have been released...
Important Photon OS Security Update - PHSA-2022-0453
Updates of 'nodejs' packages of Photon OS have been released...