Lucene search
K

38 matches found

Chainguard
Chainguard
added 2025/12/05 1:28 a.m.12 views

CVE-2020-15095 vulnerabilities

Vulnerabilities for packages: gitlab-rails-ce...

4.4CVSS7AI score0.00417EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/02/29 12:0 a.m.21 views

CentOS 9 : nodejs-16.16.0-1.el9

The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the nodejs-16.16.0-1.el9 build changelog. - Versions of the npm CLI prior to 6.14.6 are vulnerable to an information exposure vulnerability through log files. The CLI supports URLs...

9.8CVSS7.1AI score0.81464EPSS
Exploits13References19
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.22 views

SUSE: Security Advisory (SUSE-SU-2020:2870-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.4CVSS6.1AI score0.00417EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.24 views

SUSE: Security Advisory (SUSE-SU-2020:2823-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS6.4AI score0.00714EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.30 views

SUSE: Security Advisory (SUSE-SU-2020:2813-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS6.4AI score0.05093EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.29 views

SUSE: Security Advisory (SUSE-SU-2020:2800-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS6.8AI score0.07646EPSS
Exploits3References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.28 views

SUSE: Security Advisory (SUSE-SU-2020:2812-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS6.4AI score0.05093EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2021/06/08 12:42 a.m.56 views

Security Bulletin: IBM Cloud Pak for Applications 4.3 nodejs and nodejs-express Appsody stacks is vulnerable to information disclosure, buffer overflow and prototype pollution exposures

Summary IBM Cloud Pak for Applications 4.3 nodejs and nodejs-express Appsody stacks is vulnerable to information disclosure, buffer overflow and prototype pollution exposures CVE-2020-15095, CVE-2020-8116, CVE-2020-8201 and CVE-2020-8252. Vulnerability Details CVEID: CVE-2020-15095 DESCRIPTION:...

7.8CVSS1.6AI score0.05093EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/04/29 11:13 a.m.33 views

Security Bulletin: Images built from IBM App Connect Enterprise Certified Container images may be vulnerable to information exposure via CVE-2020-15095

Summary Images built from the App Connect Enterprise Certified Container images that perform an npm install may leak information through their logs when installing from a non-default location using basic auth credentials due to CVE-2020-15095. Vulnerability Details Third Party Entry: 184666...

4.4CVSS0.5AI score0.00417EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.26 views

SUSE: Security Advisory (SUSE-SU-2020:2829-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS6.7AI score0.00714EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2021/02/20 12:0 a.m.249 views

Oracle Linux 8 : nodejs:10 (ELSA-2021-0548)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-0548 advisory. nodejs 1:10.23.1-1 - January Security release - https://nodejs.org/en/blog/vulnerability/january-2021-security-releases/ - Rebase to 10.23.1 - Resolves...

9.8CVSS7.2AI score0.69062EPSS
Exploits8References11
RedHat Linux
RedHat Linux
added 2021/02/16 2:25 p.m.113 views

Moderate: Red Hat Security Advisory: nodejs:10 security update

An update for the nodejs:10 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.8CVSS6.9AI score0.69062EPSS
Exploits8References11
AlmaLinux
AlmaLinux
added 2021/02/16 7:34 a.m.70 views

Moderate: nodejs:10 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 10.23.1. Security Fixes: libuv: buffer overflow in realpath CVE-2020-8252...

9.8CVSS7.9AI score0.69062EPSS
Exploits8References11
OSV
OSV
added 2021/02/16 7:34 a.m.36 views

ALSA-2021:0548 Moderate: nodejs:10 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 10.23.1. Security Fixes: libuv: buffer overflow in realpath CVE-2020-8252...

9.8CVSS8AI score0.69062EPSS
Exploits8References11
Tenable Nessus
Tenable Nessus
added 2021/02/16 12:0 a.m.58 views

RHEL 8 : nodejs:10 (RHSA-2021:0548)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0548 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The...

9.8CVSS7.4AI score0.69062EPSS
Exploits8References23
RedHat Linux
RedHat Linux
added 2021/02/15 6:28 p.m.83 views

Moderate: Red Hat Security Advisory: rh-nodejs10-nodejs security update

An update for rh-nodejs10-nodejs is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.8CVSS6.8AI score0.69062EPSS
Exploits8References11
Tenable Nessus
Tenable Nessus
added 2021/02/01 12:0 a.m.39 views

CentOS 8 : nodejs:12 (CESA-2020:4272)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:4272 advisory. - npm: sensitive information exposure through logs CVE-2020-15095 - nodejs-dot-prop: prototype pollution CVE-2020-8116 - nodejs: HTTP request smuggling...

7.8CVSS7.4AI score0.05093EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2020/12/14 12:0 a.m.42 views

Fedora 33 : 1:nodejs (2020-43d5a372fc)

Update to 14.15.1 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable Network Security, Inc...

8.8CVSS6.9AI score0.08794EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2020/12/09 12:0 a.m.37 views

SUSE SLES12 Security Update : nodejs12 (SUSE-SU-2020:2812-1)

This update for nodejs12 fixes the following issues : nodejs12 was updated to 12.18.4 LTS : - CVE-2020-8201: Fixed an HTTP Request Smuggling due to CR-to-Hyphen conversion bsc1176605. - CVE-2020-8252: Fixed a buffer overflow in realpath bsc1176589. - CVE-2020-15095: Fixed an information leak...

7.8CVSS7.2AI score0.05093EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2020/12/09 12:0 a.m.34 views

SUSE SLES15 Security Update : nodejs8 (SUSE-SU-2020:2870-1)

This update for nodejs8 fixes the following issues : CVE-2020-15095: Fixed information leak through log files bsc1173937. Explicitly add -fno-strict-aliasing to CFLAGS to fix compilation on Aarch64 with gcc10 bsc1172686. Note that Tenable Network Security has extracted the preceding description...

4.4CVSS6.8AI score0.00417EPSS
Exploits0References5
Rows per page
Query Builder