Lucene search
K

29 matches found

RedHat Linux
RedHat Linux
added yesterday5 views

Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs Security Update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: nodejs24: nodejs24-24.18.0-0.2.hum1 aarch64, x8664 nodejs24-bin-24.18.0-0.2.hum1 noarch nodejs24-devel-24.18.0-0.2.hum1 aarch64, x8664 nodejs24-docs-24.18.0-0.2.hum1 noarch...

8.7CVSS5.8AI score0.00361EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 6 days ago9 views

CVE-2026-48934

A flaw in Node.js TLS host verification can cause an attacker to bypass certification validation. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...

4.3CVSS6.4AI score0.00258EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 6 days ago7 views

CVE-2026-48618

A flaw in Node.js TLS hostname handling can cause Node.js unicode dot separator handling can lead to tls wildcard-depth authentication bypass due to resolver and verifier hostname normalization mismat. This can lead to confidentiality impact or bypass of the intended security boundary under...

7.7CVSS6.7AI score0.00674EPSS
Exploits0
EUVD
EUVD
added 6 days ago8 views

EUVD-2026-39606

A flaw in Node.js proxy tunnel error handling could expose proxy credentials in ERRPROXYTUNNEL error messages. When proxy credentials are embedded in the proxy URL, they may be exposed through error handling paths and captured by logs, diagnostics, or other error consumers. This vulnerability...

7.5CVSS6.6AI score0.00437EPSS
Exploits0References1
OSV
OSV
added 2026/06/25 1:34 p.m.2 views

SUSE-SU-2026:2633-1 Security update for nodejs24

This update for nodejs24 fixes the following issues Update to 24.17.0: - CVE-2026-2581: undici: Undici: Denial of Service due to uncontrolled resource consumption bsc1268480. - CVE-2026-6733: undici: Undici: Response queue poisoning on reused keep-alive sockets can lead to incorrect response...

9.8CVSS6AI score0.02445EPSS
Exploits3References43
CVE
CVE
added 2026/06/18 6:1 p.m.154 views

CVE-2026-48937

A vulnerability in Node.js HTTP/2 server API can cause servers to continue accepting data after sending a GOAWAY frame. Affected release lines are Node.js 22 and Node.js 24. The issue is documented across multiple feeds (NVD, CVE-2026-48937 and HackerOne report) and is addressed in the June 2026 ...

5.3CVSS5.2AI score0.00445EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/06/13 1:24 a.m.7 views

Moderate: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: nodejs24: nodejs24-24.16.0-1.hum1 aarch64, x8664 nodejs24-bin-24.16.0-1.hum1 noarch nodejs24-devel-24.16.0-1.hum1 aarch64, x8664 nodejs24-docs-24.16.0-1.hum1 noarch...

7.5CVSS5.8AI score0.00426EPSS
Exploits0References3
Rockylinux
Rockylinux
added 2026/04/15 12:7 p.m.12 views

nodejs24 security update

An update is available for nodejs24. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Node.js is a platform built on Chrome's JavaScript runtime for easily...

9.8CVSS6.7AI score0.26356EPSS
Exploits1
CBLMariner
CBLMariner
added 2026/04/14 12:55 a.m.4 views

CVE-2026-21713 affecting package nodejs24 for versions less than 24.14.1-1

CVE-2026-21713 affecting package nodejs24 for versions less than 24.14.1-1. An upgraded version of the package is available that resolves this issue...

5.9CVSS5.8AI score0.00385EPSS
Exploits0
CBLMariner
CBLMariner
added 2026/04/14 12:55 a.m.3 views

CVE-2026-21710 affecting package nodejs24 for versions less than 24.14.1-1

CVE-2026-21710 affecting package nodejs24 for versions less than 24.14.1-1. An upgraded version of the package is available that resolves this issue...

7.5CVSS5.8AI score0.26356EPSS
Exploits0
CBLMariner
CBLMariner
added 2026/04/14 12:55 a.m.4 views

CVE-2026-21714 affecting package nodejs24 for versions less than 24.14.1-1

CVE-2026-21714 affecting package nodejs24 for versions less than 24.14.1-1. An upgraded version of the package is available that resolves this issue...

5.3CVSS5.8AI score0.00454EPSS
Exploits0
CBLMariner
CBLMariner
added 2026/04/14 12:55 a.m.5 views

CVE-2026-21715 affecting package nodejs24 for versions less than 24.14.1-1

CVE-2026-21715 affecting package nodejs24 for versions less than 24.14.1-1. An upgraded version of the package is available that resolves this issue...

3.3CVSS5.8AI score0.00158EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/04/11 1:51 a.m.5 views

Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: nodejs24: nodejs24-24.14.1-4.1.hum1 aarch64, x8664 nodejs24-bin-24.14.1-4.1.hum1 noarch nodejs24-devel-24.14.1-4.1.hum1 aarch64, x8664 nodejs24-docs-24.14.1-4.1.hum1 noarch...

9.1CVSS6.6AI score0.03493EPSS
Exploits2References6
Tenable Nessus
Tenable Nessus
added 2026/04/01 12:0 a.m.6 views

Amazon Linux 2023 : nodejs24, nodejs24-devel, nodejs24-full-i18n (ALAS2023-2026-1526)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1526 advisory. Undici allows duplicate HTTP Content-Length headers when they are provided in an array with case-variant names e.g., Content-Length and content-length. This produces malformed HTTP/1.1 request...

9.8CVSS7.1AI score0.0115EPSS
Exploits0References14
CNNVD
CNNVD
added 2026/03/30 12:0 a.m.8 views

Node.js 安全漏洞

Node.js is an open-source, cross-platform JavaScript runtime environment developed by the Node.js community. Security vulnerabilities exist in Node.js versions 20.x, 22.x, 24.x, and 25.x. These vulnerabilities stem from improper handling of HTTP requests. When the request header contains the name...

7.5CVSS7.1AI score0.26356EPSS
Exploits0References1
CBLMariner
CBLMariner
added 2026/03/10 10:56 p.m.3 views

CVE-2025-69418 affecting package nodejs24 for versions less than 24.13.0-3

CVE-2025-69418 affecting package nodejs24 for versions less than 24.13.0-3. A patched version of the package is available...

4CVSS5.8AI score0.00115EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2026/02/19 12:0 a.m.3 views

AlmaLinux 9 : nodejs:24 (ALSA-2026:2781)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:2781 advisory. nodejs: Nodejs filesystem permissions bypass CVE-2025-55132 nodejs: Nodejs denial of service CVE-2026-21637 nodejs: Nodejs denial of service CVE-2025-5946...

9.1CVSS6.9AI score0.03782EPSS
Exploits2References8
OSV
OSV
added 2026/02/18 10:10 a.m.4 views

RHSA-2026:2781 Red Hat Security Advisory: nodejs:24 security update

Bulletin has no description...

7.5CVSS5.1AI score0.03782EPSS
Exploits2References28
Tenable Nessus
Tenable Nessus
added 2026/02/18 12:0 a.m.4 views

RockyLinux 9 : nodejs:24 (RLSA-2026:2781)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:2781 advisory. nodejs: Nodejs filesystem permissions bypass CVE-2025-55132 nodejs: Nodejs denial of service CVE-2026-21637 nodejs: Nodejs denial of service CVE-2025-594...

9.1CVSS6.9AI score0.03782EPSS
Exploits2References13
RedHat Linux
RedHat Linux
added 2026/02/17 9:33 a.m.10 views

Important: Red Hat Security Advisory: nodejs:24 security update

An update for the nodejs:24 module is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.1CVSS7AI score0.03782EPSS
Exploits2References7
Rows per page
Query Builder