5 matches found
Important: Red Hat Security Advisory: nodejs:22 security, bug fix, and enhancement update
An update for the nodejs:22 module is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
CVE-2026-12151 vulnerabilities
Vulnerabilities for packages: haraka, pelias-api, code-server, prism, saf, actions-runner, npm, renovate, kibana, vitess, gemini-cli, node-gyp...
Linux Distros Unpatched Vulnerability : CVE-2026-12151
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Impact: The undici WebSocket client enforces maxPayloadSize on the cumulative byte count of fragments in a message but does not enforce a limit on the number of...
CVE-2026-12151
creationtimestamp| type| source ---|---|--- 2026-06-17 16:12:44+00:00| seen| https://bsky.app/profile/ulisesgascon.com/post/3moipe7e5is2g 2026-06-17 18:55:58+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3moiyi3y4jq27 2026-06-18 15:59:01+00:00| seen|...
CVE-2026-12151
The CVE affects the undici WebSocket client (and WebSocketStream API) where maxPayloadSize is enforced per-frame but there is no limit on the number of fragments in a message. A malicious server can send many small or empty continuation frames, each passing validation, causing unbounded memory gr...