Lucene search
K

69 matches found

OpenVAS
OpenVAS
added 2022/10/06 12:0 a.m.20 views

Debian: Security Advisory (DLA-3137-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8AI score0.37286EPSS
Exploits1References4
Debian
Debian
added 2022/10/05 3:18 p.m.67 views

[SECURITY] [DLA 3137-1] nodejs security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3137-1 [email protected] https://www.debian.org/lts/security/ Sylvain Beucler October 05, 2022 https://wiki.debian.org/LTS -...

9.8CVSS9.6AI score0.37286EPSS
Exploits1
OpenVAS
OpenVAS
added 2022/08/24 12:0 a.m.25 views

openSUSE: Security Advisory for nodejs10 (SUSE-SU-2022:2855-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS8.7AI score0.81464EPSS
Exploits5References2
CBLMariner
CBLMariner
added 2022/04/09 6:52 a.m.21 views

CVE-2021-22930 affecting package nodejs for versions less than 16.14.0-1

CVE-2021-22930 affecting package nodejs for versions less than 16.14.0-1. An upgraded version of the package is available that resolves this issue...

9.8CVSS9.4AI score0.37286EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2022/02/25 8:28 p.m.35 views

Security Bulletin: Vulnerability in Node.js- CVE - 2021-22930 may affect IBM Watson Assistant for IBM Cloud Pak for Data.

Summary A Potential vulnerability in Node.js has been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. Refer to details for additional information. Vulnerability Details CVEID: CVE-2021-22930 DESCRIPTION: Node.js could allow a remote attacker to bypass security...

9.8CVSS8.8AI score0.37286EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.22 views

Mageia: Security Advisory (MGASA-2021-0394)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.7AI score0.37286EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2021/12/21 5:39 p.m.53 views

Security Bulletin: IBM Event Streams UI affected by multiple node package vulnerabilities

Summary IBM Event Streams UI affected by multiple node package vulnerabilities Vulnerability Details CVEID: CVE-2021-22940 DESCRIPTION: Node.js could allow a remote attacker to bypass security restrictions, caused by an incomplete fix for CVE-2021-22930 related to a use-after-free on close http2 ...

9.8CVSS8.4AI score0.37286EPSS
Exploits2Affected Software1
OSV
OSV
added 2021/10/30 11:3 a.m.6 views

OESA-2021-1409 nodejs security update

Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices...

9.8CVSS6.8AI score0.37286EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2021/10/29 9:37 p.m.104 views

Security Bulletin: IBM InfoSphere Information Server is affected by multiple vulnerabilities in Node.js

Summary Multiple vulnerabilities in Node.js that is used by IBM InfoSphere Information Server were addressed. Vulnerability Details CVEID: CVE-2021-37701 DESCRIPTION: Node.js tar module could allow a local attacker to execute arbitrary code on the system, caused by an arbitrary file...

9.8CVSS0.6AI score0.37286EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/10/21 5:9 p.m.47 views

Security Bulletin: Multiple security vulnerabilities in Node.js affect IBM Voice Gateway

Summary Security Vulnerabilities in Node.js affect IBM Voice Gateway. Vulnerability Details CVEID: CVE-2021-22930 DESCRIPTION: Node.js could allow a remote attacker to bypass security restrictions, caused by a use-after-free on close http2 on stream canceling. An attacker could exploit this...

9.8CVSS1AI score0.37286EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/10/20 10:8 a.m.38 views

Security Bulletin: IBM App Connect Enterprise Certified Container may be vulnerable to memory corruption due to CVE-2021-22930

Summary IBM App Connect Enterprise Certified Container may be vulnerable to memory corruption due to CVE-2021-22930. This only affects Node.js runtime processes. Vulnerability Details CVEID: CVE-2021-22930 DESCRIPTION: Node.js could allow a remote attacker to bypass security restrictions, caused ...

9.8CVSS1.3AI score0.37286EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/10/15 1:6 p.m.41 views

Security Bulletin: IBM Cloud Pak for Integration is vulnerable to multiple Node.js vulnerabilities

Summary IBM Cloud Pak for Integration is vulnerable to multiple Node.js vulnerabilities with details below Vulnerability Details CVEID: CVE-2021-22930 DESCRIPTION: Node.js could allow a remote attacker to bypass security restrictions, caused by a use-after-free on close http2 on stream canceling...

9.8CVSS0.9AI score0.37286EPSS
Exploits2Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2021/10/12 12:35 p.m.44 views

Security Bulletin: Vulnerabilities in Node.js affect IBM App Connect Enterprise v11 & v12 (CVE-2021-22930)

Summary IBM App Connect Enterprise v11 & v12 ship with Node.js for which vulnerabilities were reported and have been addressed. Vulnerability details are listed below. Vulnerability Details CVEID: CVE-2021-22930 DESCRIPTION: Node.js could allow a remote attacker to bypass security restrictions,...

9.8CVSS0.5AI score0.37286EPSS
Exploits0
OpenVAS
OpenVAS
added 2021/10/12 12:0 a.m.24 views

openSUSE: Security Advisory for nodejs8 (openSUSE-SU-2021:1343-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS9.9AI score0.37286EPSS
Exploits0References2
OSV
OSV
added 2021/10/11 2:52 p.m.3 views

OPENSUSE-SU-2021:1343-1 Security update for nodejs8

nodejs8 was updated to fix the following security issues: - CVE-2021-22930: http2: fixes use after free on close in stream canceling bsc1188917 This update was imported from the SUSE:SLE-15-SP2:Update update project...

9.8CVSS9.6AI score0.37286EPSS
Exploits0References3
OPENSUSE Linux
OPENSUSE Linux
added 2021/10/11 12:0 a.m.52 views

Security update for nodejs8 (important)

openSUSE Security Update: Security update for nodejs8 Announcement ID: openSUSE-SU-2021:1343-1 Rating: important References: 1188917 Cross-References: CVE-2021-22930 CVSS scores: CVE-2021-22930 SUSE: 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N Affected Products: openSUSE Leap 15.2 An update...

9.1CVSS8.5AI score0.37286EPSS
Exploits0References1
CVE
CVE
added 2021/10/07 12:0 a.m.301 views

CVE-2021-22930

CVE-2021-22930 affects Node.js before 16.6.0, 14.17.4, and 12.22.4, enabling a use-after-free in HTTP/2 close handling that could alter process behavior. Connected advisories confirm the issue and provide fixed versions: nodejs >=16.6.0, >=14.17.5, and >=12.22.5 (Arch Linux ASA-202110-5/...

9.8CVSS9.4AI score0.37286EPSS
Exploits0References6Affected Software1
Tenable Nessus
Tenable Nessus
added 2021/10/07 12:0 a.m.39 views

SUSE SLES15 Security Update : nodejs8 (SUSE-SU-2021:3294-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2021:3294-1 advisory. nodejs8 was updated to fix the following security issues: - CVE-2021-22930: http2: fixes use after free on close in stream canceling bsc1188917 Tenable...

9.8CVSS6.7AI score0.37286EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2021/10/07 12:0 a.m.24 views

openSUSE: Security Advisory for nodejs8 (openSUSE-SU-2021:3294-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS9.9AI score0.37286EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/10/07 12:0 a.m.19 views

SUSE: Security Advisory (SUSE-SU-2021:3294-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.7AI score0.37286EPSS
Exploits0References2
Rows per page
Query Builder