22 matches found
RHEL 7 : rh-nodejs8-nodejs (RHSA-2018:2949)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:2949 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The...
K34369533: Node.js vulnerability CVE-2018-7161
Security Advisory Description All versions of Node.js 8.x, 9.x, and 10.x are vulnerable and the severity is HIGH. An attacker can cause a denial of service DoS by causing a node server providing an http2 server to crash. This can be accomplished by interacting with the http2 server in a manner th...
CVE-2018-7161 affecting package nodejs 8.11.4-7
CVE-2018-7161 affecting package nodejs 8.11.4-7. An upgraded version of the package is available that resolves this issue...
SUSE: Security Advisory (SUSE-SU-2018:1918-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : nodejs8 (openSUSE-2019-513)
This update for nodejs8 to version 8.11.3 fixes the following issues : These security issues were fixed : - CVE-2018-7167: Calling Buffer.fill or Buffer.alloc with some parameters could have lead to a hang which could have resulted in a DoS bsc1097375. - CVE-2018-7161: By interacting with the htt...
Fedora 28 : 1:nodejs (2018-f59d961d7b)
Update for security fixes Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C...
SUSE SLES15 Security Update : nodejs8 (SUSE-SU-2018:1918-1)
This update for nodejs8 to version 8.11.3 fixes the following issues: These security issues were fixed : - CVE-2018-7167: Calling Buffer.fill or Buffer.alloc with some parameters could have lead to a hang which could have resulted in a DoS bsc1097375. - CVE-2018-7161: By interacting with the http...
Security Bulletin: Multiple vulnerabilities in Node.js affects IBM Rational Application Developer for WebSphere Software included in Rational Developer for i
Summary Portions of IBM Rational Application Developer for WebSphere Software are shipped as a component of Rational Developer for i RPG and COBOL + Modernization Tools, Java and EGL editions. Multiple Node.js vulnerabilities have been discovered that affect the Cordova platform packaged with...
Node.js multiple vulnerabilities (July 2018 Security Releases).
The version of Node.js installed on the remote host is 6.x prior to 6.14.3, 8.x prior to 8.11.3, 9.x prior to 9.11.2 or 10.x prior to 10.4.1. It is, therefore, affected by multiple vulnerabilities. Note that Nessus has not tested for these issues but has instead relied only on the application's...
Security Bulletin: Node.js as used in IBM QRadar Packet Capture is susceptible to multiple vulnerabilities
Summary Node.js as used in IBM QRadar Packet Capture has been updated to resolve multiple vulnerabilities Vulnerability Details CVEID: CVE-2018-7158 Description: Node.js path module is vulnerable to a denial of service. By sending a specially crafted file path, an attacker could exploit this...
openSUSE: Security Advisory for nodejs8 (openSUSE-SU-2018:1963-1)
The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Security Bulletin: Multiple Security Vulnerabilities affect IBM® Cloud Private and IBM Cloud Private Cloud Foundry (CVE-2018-7167, CVE-2018-7164, CVE-2018-7162, CVE-2018-1000168, CVE-2018-7161)
Summary IBM Cloud Private and IBM Cloud Private Cloud Foundry are vulnerable to multiple security vulnerabilities Vulnerability Details CVEID: CVE-2018-7167 DESCRIPTION: Node.js is vulnerable to a denial of service. By invoking Buffer.fill or Buffer.alloc , a remote attacker could exploit this...
openSUSE Security Update : nodejs8 (openSUSE-2018-724)
This update for nodejs8 to version 8.11.3 fixes the following issues : These security issues were fixed : - CVE-2018-7167: Calling Buffer.fill or Buffer.alloc with some parameters could have lead to a hang which could have resulted in a DoS bsc1097375. - CVE-2018-7161: By interacting with the htt...
Security update for nodejs8 (moderate)
This update for nodejs8 to version 8.11.3 fixes the following issues: These security issues were fixed: - CVE-2018-7167: Calling Buffer.fill or Buffer.alloc with some parameters could have lead to a hang which could have resulted in a DoS bsc1097375. - CVE-2018-7161: By interacting with the http2...
Node.js Denial-of-Service Vulnerability - 01 - Mac OS X
Node.js is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:nodejs:node.js";...
Node.js DoS Vulnerability - 01 - Windows
Node.js is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:nodejs:node.js";...
Fedora Update for nodejs FEDORA-2018-79841c871e
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 27 : 1:nodejs (2018-79841c871e)
Update for security fixes Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C...
Security fix for the ALT Linux 10 package node version 8.11.3-alt1
June 30, 2018 Vitaly Lipatov 8.11.3-alt1 - new version 8.11.3 with rpmgs script - 2018-06-12, Version 8.11.3 'Carbon' LTS, @evanlucas - CVE-2018-7167, CVE-2018-7161, CVE-2018-1000168...
ALPINE-CVE-2018-7161
All versions of Node.js 8.x, 9.x, and 10.x are vulnerable and the severity is HIGH. An attacker can cause a denial of service DoS by causing a node server providing an http2 server to crash. This can be accomplished by interacting with the http2 server in a manner that triggers a cleanup bug wher...