69 matches found
Debian: Security Advisory (DLA-3137-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 3137-1] nodejs security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3137-1 [email protected] https://www.debian.org/lts/security/ Sylvain Beucler October 05, 2022 https://wiki.debian.org/LTS -...
openSUSE: Security Advisory for nodejs10 (SUSE-SU-2022:2855-1)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2021-22930 affecting package nodejs for versions less than 16.14.0-1
CVE-2021-22930 affecting package nodejs for versions less than 16.14.0-1. An upgraded version of the package is available that resolves this issue...
Security Bulletin: Vulnerability in Node.js- CVE - 2021-22930 may affect IBM Watson Assistant for IBM Cloud Pak for Data.
Summary A Potential vulnerability in Node.js has been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. Refer to details for additional information. Vulnerability Details CVEID: CVE-2021-22930 DESCRIPTION: Node.js could allow a remote attacker to bypass security...
Mageia: Security Advisory (MGASA-2021-0394)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: IBM Event Streams UI affected by multiple node package vulnerabilities
Summary IBM Event Streams UI affected by multiple node package vulnerabilities Vulnerability Details CVEID: CVE-2021-22940 DESCRIPTION: Node.js could allow a remote attacker to bypass security restrictions, caused by an incomplete fix for CVE-2021-22930 related to a use-after-free on close http2 ...
OESA-2021-1409 nodejs security update
Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices...
Security Bulletin: IBM InfoSphere Information Server is affected by multiple vulnerabilities in Node.js
Summary Multiple vulnerabilities in Node.js that is used by IBM InfoSphere Information Server were addressed. Vulnerability Details CVEID: CVE-2021-37701 DESCRIPTION: Node.js tar module could allow a local attacker to execute arbitrary code on the system, caused by an arbitrary file...
Security Bulletin: Multiple security vulnerabilities in Node.js affect IBM Voice Gateway
Summary Security Vulnerabilities in Node.js affect IBM Voice Gateway. Vulnerability Details CVEID: CVE-2021-22930 DESCRIPTION: Node.js could allow a remote attacker to bypass security restrictions, caused by a use-after-free on close http2 on stream canceling. An attacker could exploit this...
Security Bulletin: IBM App Connect Enterprise Certified Container may be vulnerable to memory corruption due to CVE-2021-22930
Summary IBM App Connect Enterprise Certified Container may be vulnerable to memory corruption due to CVE-2021-22930. This only affects Node.js runtime processes. Vulnerability Details CVEID: CVE-2021-22930 DESCRIPTION: Node.js could allow a remote attacker to bypass security restrictions, caused ...
Security Bulletin: IBM Cloud Pak for Integration is vulnerable to multiple Node.js vulnerabilities
Summary IBM Cloud Pak for Integration is vulnerable to multiple Node.js vulnerabilities with details below Vulnerability Details CVEID: CVE-2021-22930 DESCRIPTION: Node.js could allow a remote attacker to bypass security restrictions, caused by a use-after-free on close http2 on stream canceling...
Security Bulletin: Vulnerabilities in Node.js affect IBM App Connect Enterprise v11 & v12 (CVE-2021-22930)
Summary IBM App Connect Enterprise v11 & v12 ship with Node.js for which vulnerabilities were reported and have been addressed. Vulnerability details are listed below. Vulnerability Details CVEID: CVE-2021-22930 DESCRIPTION: Node.js could allow a remote attacker to bypass security restrictions,...
openSUSE: Security Advisory for nodejs8 (openSUSE-SU-2021:1343-1)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
OPENSUSE-SU-2021:1343-1 Security update for nodejs8
nodejs8 was updated to fix the following security issues: - CVE-2021-22930: http2: fixes use after free on close in stream canceling bsc1188917 This update was imported from the SUSE:SLE-15-SP2:Update update project...
Security update for nodejs8 (important)
openSUSE Security Update: Security update for nodejs8 Announcement ID: openSUSE-SU-2021:1343-1 Rating: important References: 1188917 Cross-References: CVE-2021-22930 CVSS scores: CVE-2021-22930 SUSE: 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N Affected Products: openSUSE Leap 15.2 An update...
CVE-2021-22930
CVE-2021-22930 affects Node.js before 16.6.0, 14.17.4, and 12.22.4, enabling a use-after-free in HTTP/2 close handling that could alter process behavior. Connected advisories confirm the issue and provide fixed versions: nodejs >=16.6.0, >=14.17.5, and >=12.22.5 (Arch Linux ASA-202110-5/...
SUSE: Security Advisory (SUSE-SU-2021:3294-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for nodejs8 (openSUSE-SU-2021:3294-1)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE 15 Security Update : nodejs8 (openSUSE-SU-2021:3294-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2021:3294-1 advisory. - nodejs: Use-after-free on close http2 on stream canceling CVE-2021-22930 Note that Nessus has not tested for this issue but has instead relied onl...