28 matches found
Alibaba Cloud Linux 3 : 0016: nodejs:14 (ALINUX3-SA-2021:0016)
"The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2021:0016 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2020-15366: An issue was discovered i...
Rocky Linux 8 : nodejs:12 (RLSA-2020:5499)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2020:5499 advisory. - An issue was discovered in ajv.validate in Ajv aka Another JSON Schema Validator 6.12.2. A carefully crafted JSON schema could be provided that allows...
Rocky Linux 8 : nodejs:14 (RLSA-2021:0551)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:0551 advisory. - An issue was discovered in ajv.validate in Ajv aka Another JSON Schema Validator 6.12.2. A carefully crafted JSON schema could be provided that allows...
Security Bulletin: Watson AI Gateway for Cloud Pak for Data is vulnerable to an Ajv (aka Another JSON Schema Validator) could allow a remote attacker to execute arbitrary code on the system (CVE-2020-15366)
Summary Watson Gateway is an internal component, it does not expose any APIs externally. If a remote attacker gained access to the internal CP4D cluster, they could allow a remote attacker to execute arbitrary code on the system, caused by a prototype pollution flaw in the ajv.validate function...
RHEL 7 : rh-nodejs12-nodejs (RHSA-2020:5305)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:5305 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The...
OESA-2022-1620 nodejs security update
Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices...
0.8.18-p11 (=0.8.18-p12), 02vue_toast_demo (>=1.0.1 <=1.0.4) +33271 more potentially affected by CVE-2020-15366 via ajv (>=0.2.9 <=6.12.2)
ajv NPM version =0.2.9, =1.0.1, =1.0.4, =5.0.0, =0.8.4, =0.0.1, =5.4.4, =5.4.4, =1.0.2, =2.0.0, =2.0.4 and more Source cves: CVE-2020-15366 Source advisory: OSV:GHSA-V88G-CGMW-V5XW...
Security Bulletin: Cloud Pak for Security contains security vulnerabilities
Summary Cloud Pak for Security v 1.6.0.1 and earlier contains security vulnerabilities, addressed in Cloud Pak for Security v 1.7.0.0 Vulnerability Details CVEID: CVE-2020-10543 DESCRIPTION: Perl is vulnerable to a heap-based buffer overflow, caused by an integer overflow in the nested regular...
Moderate: Red Hat Security Advisory: Red Hat Ansible Automation Platform 1.2.2 security and bug fix update
An update is now available for Red Hat Ansible Automation Platform 1.2.2. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
Oracle Linux 8 : nodejs:10 (ELSA-2021-0548)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-0548 advisory. nodejs 1:10.23.1-1 - January Security release - https://nodejs.org/en/blog/vulnerability/january-2021-security-releases/ - Rebase to 10.23.1 - Resolves...
Oracle Linux 8 : nodejs:14 (ELSA-2021-0551)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-0551 advisory. nodejs 1:14.15.4-2 - Add patch for yarn crash - Resolves: RHBZ1916465 1:14.15.4-1 - Security rebase to 14.15.4 -...
Moderate: Red Hat Security Advisory: nodejs:14 security and bug fix update
An update for the nodejs:14 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Moderate: Red Hat Security Advisory: nodejs:10 security update
An update for the nodejs:10 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Moderate: nodejs:14 security and bug fix update
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 14.15.4. Security Fixes: nodejs-npm-user-validate: improper input validation when...
ALSA-2021:0548 Moderate: nodejs:10 security update
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 10.23.1. Security Fixes: libuv: buffer overflow in realpath CVE-2020-8252...
Moderate: nodejs:10 security update
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 10.23.1. Security Fixes: libuv: buffer overflow in realpath CVE-2020-8252...
RHEL 8 : nodejs:10 (RHSA-2021:0548)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0548 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The...
Moderate: Red Hat Security Advisory: rh-nodejs10-nodejs security update
An update for rh-nodejs10-nodejs is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
RHEL 8 : nodejs:12 (RHSA-2020:5499)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:5499 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language...
Oracle Linux 8 : nodejs:12 (ELSA-2020-5499)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-5499 advisory. nodejs 1:12.19.1-1 - Resolves: RHBZ1901044, 1901045, 1901046, 1901047 - c-ares, ajv and y18n CVEs and yarn installability issues Tenable has extracted...