Lucene search
K

51 matches found

OSV
OSV
added 2025/10/21 10:13 p.m.8 views

CLSA-2025-1761084810 nodejs: Fix of CVE-2023-38552

CVE-2023-38552: use tamper-proof integrity check function to prevent tampering with Hash class internals in policy mechanism...

7.5CVSS7.2AI score0.01107EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.2 views

TencentOS Server 4: nodejs (TSSA-2024:0614)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0614 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

9.8CVSS7AI score0.03906EPSS
Exploits4References16
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2023-38552

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When the Node.js policy feature checks the integrity of a resource against a trusted manifest, the application can intercept the operation and return a forged...

7.5CVSS6.9AI score0.01107EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/07/24 12:0 a.m.16 views

Photon OS 5.0: Nodejs PHSA-2023-5.0-0132

An update of the nodejs package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-5.0-0132. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

9.8CVSS7.3AI score0.01819EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.33 views

RHEL 9 : nodejs (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - nodejs-semver: Regular expression denial of service CVE-2022-25883 Note that Nessus has not tested for this issue b...

7.5CVSS6.9AI score0.02761EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.20 views

RHEL 8 : nodejs (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - nodejs: Unitialized buffer due to incorrect encoding CVE-2017-15897 Note that Nessus has not tested for this issue...

3.1CVSS6.2AI score0.02303EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.40 views

RHEL 9 : nodejs (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - nodejs: integrity checks according to policies can be circumvented CVE-2023-38552 - Maliciously crafted...

7.3AI score0.01302EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2024/03/04 12:0 a.m.40 views

openSUSE: Security Advisory for nodejs18 (SUSE-SU-2023:4207-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.5AI score0.99999EPSS
Exploits19References4
OpenVAS
OpenVAS
added 2024/03/04 12:0 a.m.28 views

openSUSE: Security Advisory for nodejs12 (SUSE-SU-2023:4373-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.8AI score0.99999EPSS
Exploits19References4
OpenVAS
OpenVAS
added 2024/03/04 12:0 a.m.33 views

openSUSE: Security Advisory for nodejs12 (SUSE-SU-2023:4374-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.8AI score0.99999EPSS
Exploits19References4
Debian
Debian
added 2023/12/27 10:12 p.m.51 views

[SECURITY] [DSA 5589-1] nodejs security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5589-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff December 27, 2023 https://www.debian.org/security/faq -...

9.8CVSS7.5AI score0.03906EPSS
Exploits3
IBM Security Bulletins
IBM Security Bulletins
added 2023/12/14 10:38 a.m.36 views

Security Bulletin: IBM App Connect Enterprise Certified Container operands are vulnerable to security restrictions bypass due to [CVE-2023-38552], [CVE-2023-39333]

Summary The Node.js runtime is used by IBM App Connect Enterprise Certified Container in all operands. IBM App Connect Enterprise Certified Container operands are vulnerable to security restrictions bypass. This bulletin provides patch information to address the reported vulnerability in Node.js...

7.5CVSS6.9AI score0.01107EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2023/11/14 5:0 p.m.76 views

Important: Red Hat Security Advisory: nodejs:20 security update

An update for the nodejs:20 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.8CVSS7.1AI score0.99999EPSS
Exploits19References8
CBLMariner
CBLMariner
added 2023/11/08 2:7 a.m.16 views

CVE-2023-38552 affecting package nodejs18 for versions less than 18.18.2-2

CVE-2023-38552 affecting package nodejs18 for versions less than 18.18.2-2. An upgraded version of the package is available that resolves this issue...

7.5CVSS7.8AI score0.01107EPSS
Exploits0
OpenVAS
OpenVAS
added 2023/11/07 12:0 a.m.29 views

SUSE: Security Advisory (SUSE-SU-2023:4373-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.5AI score0.99999EPSS
Exploits19References7
Tenable Nessus
Tenable Nessus
added 2023/11/07 12:0 a.m.44 views

SUSE SLES15 / openSUSE 15 Security Update : nodejs12 (SUSE-SU-2023:4373-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4373-1 advisory. - CVE-2023-44487: Fixed the Rapid Reset attack in nghttp2. bsc1216190 - CVE-2023-38552: Fixed an integrity checks...

7.5CVSS7.1AI score0.99999EPSS
Exploits19References7
Tenable Nessus
Tenable Nessus
added 2023/11/07 12:0 a.m.47 views

SUSE SLES15 / openSUSE 15 Security Update : nodejs12 (SUSE-SU-2023:4374-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4374-1 advisory. - CVE-2023-44487: Fixed the Rapid Reset attack in nghttp2. bsc1216190 - CVE-2023-38552: Fixed an integrity checks...

7.5CVSS7.1AI score0.99999EPSS
Exploits19References7
OpenVAS
OpenVAS
added 2023/11/07 12:0 a.m.31 views

SUSE: Security Advisory (SUSE-SU-2023:4374-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.5AI score0.99999EPSS
Exploits19References7
OpenVAS
OpenVAS
added 2023/11/05 12:0 a.m.42 views

Fedora: Security Advisory (FEDORA-2023-dbe64661af)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.5AI score0.99999EPSS
Exploits19References5
OpenVAS
OpenVAS
added 2023/11/05 12:0 a.m.35 views

Fedora: Security Advisory (FEDORA-2023-7b52921cae)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.5AI score0.99999EPSS
Exploits19References32
Rows per page
Query Builder