Amazon Linux 2022 : nodejs, nodejs-devel, nodejs-full-i18n (ALAS2022-2022-019)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-019 advisory. A flaw was found in node.js where it accepted a certificate's Subject Alternative Names SAN entry, as opposed to what is specified by the HTTPS protocol. This flaw allows an active...

The vulnerability of the Web Services Management Agent component of the Cisco Industrial Network Director software package allows a perpetrator to execute a type of attack known as “man-in-the-middle” attacks.

The vulnerability of the Web Services Management Agent component of the Cisco Industrial Network Director software package is related to errors in certificate verification for X.509 certificates. Exploiting this vulnerability could allow a remote attacker to execute a “man-in-the-middle” attack...