Lucene search
K

48 matches found

RedHat Linux
RedHat Linux
added yesterday7 views

Important: Red Hat Security Advisory: nodejs:22 security, bug fix, and enhancement update

An update for the nodejs:22 module is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.8CVSS6.5AI score0.02445EPSS
Exploits1References15
OSV
OSV
added yesterday2 views

RHSA-2026:35842 Red Hat Security Advisory: nodejs22 security, bug fix, and enhancement update

Bulletin has no description...

8.1CVSS5.9AI score0.02445EPSS
Exploits1References66
RedHat Linux
RedHat Linux
added 4 days ago7 views

Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: nodejs22: nodejs22-22.23.1-2.hum1 aarch64, x8664 nodejs22-bin-22.23.1-2.hum1 noarch nodejs22-devel-22.23.1-2.hum1 aarch64, x8664 nodejs22-docs-22.23.1-2.hum1 noarch...

9.8CVSS5.9AI score0.00656EPSS
Exploits0References9
OSV
OSV
added 2026/06/26 10:34 a.m.3 views

SUSE-SU-2026:2647-1 Security update for nodejs22

This update for nodejs22 fixes the following issues Update to 22.23.0: - CVE-2026-6733: undici: Undici: Response queue poisoning on reused keep-alive sockets can lead to incorrect response delivery bsc1268479. - CVE-2026-9496: pacote: excessive CPU consumption in addGitSha when processing a...

9.8CVSS6.6AI score0.02445EPSS
Exploits3References39
ATTACKERKB
ATTACKERKB
added 2026/06/26 1:14 a.m.10 views

CVE-2026-48934

A flaw in Node.js TLS host verification can cause an attacker to bypass certification validation. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...

4.3CVSS6.4AI score0.00258EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/06/26 1:14 a.m.8 views

EUVD-2026-39606

A flaw in Node.js proxy tunnel error handling could expose proxy credentials in ERRPROXYTUNNEL error messages. When proxy credentials are embedded in the proxy URL, they may be exposed through error handling paths and captured by logs, diagnostics, or other error consumers. This vulnerability...

7.5CVSS6.6AI score0.00437EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/26 1:14 a.m.9 views

CVE-2026-48933

A flaw in Node.js WebCrypto implementation can crash the process if the input of subtle.encrypt is a multiple of 2GiB. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...

7.5CVSS6.6AI score0.02445EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2026/06/26 1:14 a.m.7 views

CVE-2026-48618

A flaw in Node.js TLS hostname handling can cause Node.js unicode dot separator handling can lead to tls wildcard-depth authentication bypass due to resolver and verifier hostname normalization mismat. This can lead to confidentiality impact or bypass of the intended security boundary under...

7.7CVSS6.7AI score0.00674EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/06/24 3:33 a.m.8 views

Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: nodejs22: nodejs22-22.23.1-1.hum1 aarch64, x8664 nodejs22-bin-22.23.1-1.hum1 noarch nodejs22-devel-22.23.1-1.hum1 aarch64, x8664 nodejs22-docs-22.23.1-1.hum1 noarch...

7.7CVSS6.8AI score0.02445EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/06/22 6:59 p.m.4 views

CVE-2026-48931

A flaw in Node.js HTTP Agent can cause a client to accept as valid a response that is send before the client has sent the request. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...

3.7CVSS5.9AI score0.00371EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2026/06/18 6:1 p.m.157 views

CVE-2026-48937

A vulnerability in Node.js HTTP/2 server API can cause servers to continue accepting data after sending a GOAWAY frame. Affected release lines are Node.js 22 and Node.js 24. The issue is documented across multiple feeds (NVD, CVE-2026-48937 and HackerOne report) and is addressed in the June 2026 ...

5.3CVSS5.2AI score0.00445EPSS
Exploits0References2
Fedora
Fedora
added 2026/05/08 7:29 p.m.17 views

[SECURITY] Fedora 44 Update: nodejs22-22.22.2-3.fc44

Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices...

9.8CVSS6.8AI score0.26356EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/05/08 12:0 a.m.10 views

Fedora 43 : nodejs22 (2026-e3f870229a)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-e3f870229a advisory. Update to version 22.22.2 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

9.8CVSS7AI score0.26356EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2026/05/08 12:0 a.m.6 views

Fedora 44 : nodejs22 (2026-3b76d8047d)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-3b76d8047d advisory. Update to version 22.22.2 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

9.8CVSS7AI score0.26356EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.4 views

SUSE SLES15 Security Update : nodejs22 (SUSE-SU-2026:1478-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1478-1 advisory. Update to version 22.22.2. - CVE-2026-21717: trivially predictable hash collisions due to flaw in V8's string hashing mechanism...

7.5CVSS7.3AI score0.26356EPSS
Exploits0References22
Tenable Nessus
Tenable Nessus
added 2026/04/16 12:0 a.m.6 views

AlmaLinux 8 : nodejs:22 (ALSA-2026:7123)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:7123 advisory. brace-expansion: brace-expansion: Denial of Service via unbounded brace range expansion CVE-2026-25547 minimatch: minimatch: Denial of Service via special...

9.8CVSS5.9AI score0.26356EPSS
Exploits2References11
OSV
OSV
added 2026/04/15 10:10 a.m.5 views

RHSA-2026:7983 Red Hat Security Advisory: nodejs:22 security update

Bulletin has no description...

7.5CVSS6.8AI score0.26356EPSS
Exploits2References59
Tenable Nessus
Tenable Nessus
added 2026/04/14 12:0 a.m.8 views

RHEL 9 : nodejs:22 (RHSA-2026:7983)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:7983 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language...

9.8CVSS6.8AI score0.26356EPSS
Exploits2References20
RedHat Linux
RedHat Linux
added 2026/04/10 4:3 p.m.14 views

Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: nodejs22: nodejs22-22.22.0-1.3.hum1 aarch64, x8664 nodejs22-bin-22.22.0-1.3.hum1 noarch nodejs22-devel-22.22.0-1.3.hum1 aarch64, x8664 nodejs22-docs-22.22.0-1.3.hum1 noarch...

10CVSS6.6AI score0.03782EPSS
Exploits3References13
OSV
OSV
added 2026/04/10 10:9 a.m.4 views

RHSA-2026:7310 Red Hat Security Advisory: nodejs22 security update

Bulletin has no description...

7.5CVSS6.6AI score0.26356EPSS
Exploits2References59
Rows per page
Query Builder