24 matches found
Alibaba Cloud Linux 3 : 0016: nodejs:14 (ALINUX3-SA-2021:0016)
"The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2021:0016 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2020-15366: An issue was discovered i...
Rocky Linux 8 : nodejs:12 (RLSA-2021:0549)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:0549 advisory. - The utilities function in all versions = 0.5.0 of the deep-extend node module can be tricked into modifying the prototype of Object when the attacker...
Rocky Linux 8 : nodejs:14 (RLSA-2021:0551)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:0551 advisory. - An issue was discovered in ajv.validate in Ajv aka Another JSON Schema Validator 6.12.2. A carefully crafted JSON schema could be provided that allows...
SUSE CVE-2020-7754
This affects the package npm-user-validate before 1.0.1. The regex that validates user emails took exponentially longer to process long input strings beginning with @ characters...
RHEL 7 : rh-nodejs12-nodejs (RHSA-2021:0485)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0485 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The...
Security Bulletin: Medium/low severity vulnerabilities in libraries used by IBM Spectrum Discover (libraries of libraries)
Summary Vulnerabilities in libraries used by libraries in IBM Spectrum Discover allow to a remote attackers by conduct of methodes like phishing attacks,brute force attack or execution of arbitrary code to get sensitive information, denial service condition, and other problems. Vulnerability...
Regular Expression Denial of Service
Overview npm-user-validate before 1.0.1 is vulnerable to regular expression denial of service. The regex that validates user emails took exponentially longer to process long input strings beginning with @ characters. Recommendation Upgrade to version 1.0.1 or later References - CVE - GitHub Advis...
Oracle Linux 8 : nodejs:14 (ELSA-2021-0551)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-0551 advisory. nodejs 1:14.15.4-2 - Add patch for yarn crash - Resolves: RHBZ1916465 1:14.15.4-1 - Security rebase to 14.15.4 -...
Oracle Linux 8 : nodejs:10 (ELSA-2021-0548)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-0548 advisory. nodejs 1:10.23.1-1 - January Security release - https://nodejs.org/en/blog/vulnerability/january-2021-security-releases/ - Rebase to 10.23.1 - Resolves...
Moderate: Red Hat Security Advisory: nodejs:14 security and bug fix update
An update for the nodejs:14 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Moderate: Red Hat Security Advisory: nodejs:10 security update
An update for the nodejs:10 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Moderate: nodejs:14 security and bug fix update
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 14.15.4. Security Fixes: nodejs-npm-user-validate: improper input validation when...
RLSA-2021:0549 Moderate: nodejs:12 security update
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 12.20.1, nodejs-nodemon 2.0.3. Security Fixes: nodejs-mixin-deep: prototype pollutio...
ALSA-2021:0548 Moderate: nodejs:10 security update
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 10.23.1. Security Fixes: libuv: buffer overflow in realpath CVE-2020-8252...
Moderate: nodejs:10 security update
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 10.23.1. Security Fixes: libuv: buffer overflow in realpath CVE-2020-8252...
RHEL 8 : nodejs:12 (RHSA-2021:0549)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0549 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The...
RHEL 8 : nodejs:10 (RHSA-2021:0548)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0548 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The...
Moderate: Red Hat Security Advisory: rh-nodejs10-nodejs security update
An update for rh-nodejs10-nodejs is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Moderate: Red Hat Security Advisory: rh-nodejs12-nodejs security update
An update for rh-nodejs12-nodejs is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Security Bulletin: Vulnerabilities in Node.js affect IBM App Connect Enterprise and IBM Integration Bus (CVE-2020-7754)
Summary IBM App Connect Enterprise and IBM Integration Bus ship with Node.js for which vulnerabilities were reported and have been addressed. Vulnerability details are listed below. Vulnerability Details Third Party Entry: 189917 DESCRIPTION: Node.js npm-user-validate module denial of service CVS...