Lucene search
+L

64 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.5 views

MiracleLinux 8 : nodejs:14 (AXSA:2021-2343:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2343:01 advisory. nodejs-hosted-git-info: Regular Expression denial of service via shortcutMatch in fromUrl CVE-2021-23362 nodejs-ssri: Regular expression DoS ReDoS...

7.5CVSS7.7AI score0.23132EPSS
Exploits3References4
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2021-27290

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ssri 5.2.2-8.0.0, fixed in 8.0.1, processes SRIs using a regular expression which is vulnerable to a denial of service. Malicious SRIs could take an extremely...

7.5CVSS6.7AI score0.0472EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.25 views

RHEL 8 : nodejs-ssri (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - nodejs-ssri: Regular expression DoS ReDoS when parsing malicious SRI in strict mode CVE-2021-27290 Note that Nessus...

7.3AI score0.0472EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2024/02/29 12:0 a.m.21 views

CentOS 9 : nodejs-16.16.0-1.el9

The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the nodejs-16.16.0-1.el9 build changelog. - Versions of the npm CLI prior to 6.14.6 are vulnerable to an information exposure vulnerability through log files. The CLI supports URLs...

9.8CVSS7.1AI score0.81464EPSS
Exploits13References19
IBM Security Bulletins
IBM Security Bulletins
added 2022/05/31 2:57 p.m.53 views

Security Bulletin: IBM QRadar Data Synchronization App for IBM QRadar SIEM is vulnerable to using components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. IBM QRadar Data Synchronization App for IBM QRadar SIEM has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2021-27290 DESCRIPTION: Node.js ssri...

9.8CVSS1.3AI score0.37286EPSS
Exploits16Affected Software1
Tenable Nessus
Tenable Nessus
added 2022/02/09 12:0 a.m.53 views

Rocky Linux 8 : nodejs:12 (RLSA-2021:3073)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:3073 advisory. - The package hosted-git-info before 3.0.8 are vulnerable to Regular Expression Denial of Service ReDoS via regular expression shortcutMatch in the...

7.5CVSS7AI score0.23132EPSS
Exploits3References7
Tenable Nessus
Tenable Nessus
added 2022/02/09 12:0 a.m.36 views

Rocky Linux 8 : nodejs:14 (RLSA-2021:3074)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:3074 advisory. - The package hosted-git-info before 3.0.8 are vulnerable to Regular Expression Denial of Service ReDoS via regular expression shortcutMatch in the...

7.5CVSS7AI score0.23132EPSS
Exploits3References7
IBM Security Bulletins
IBM Security Bulletins
added 2021/10/07 10:27 a.m.40 views

Security Bulletin: IBM App Connect Enterprise Certified Container images may be vulnerable to Denial of Service attacks due to CVE-2021-23362 and CVE-2021-27290

Summary IBM App Connect Enterprise Certified Container images may be vulnerable to Denial of Service attacks due to regular expression DoS vulnerabilities in the Node module npm. The npm module is not used at runtime by IBM App Connect Enterprise itself, but anyone using the certified containers ...

7.5CVSS2AI score0.0472EPSS
Exploits2Affected Software1
Oracle linux
Oracle linux
added 2021/09/27 12:0 a.m.65 views

nodejs:14 security and bug fix update

nodejs 1:14.17.5-1 - Resolves CVE-2021-22930, CVE-2021-22931, CVE-2021-22939, CVE-2021-22940, - CVE-2021-23343, CVE-2021-32803, CVE-2021-32804, CVE-2021-3672 - Resolves RHBZ1847529 make FIPS always available - Resolves: RHBZ1988599, RHBZ1994000, RHBZ1993998, RHBZ1993095 - Resolves: RHBZ1994028,...

9.8CVSS1.5AI score0.37286EPSS
Exploits7
RedHat Linux
RedHat Linux
added 2021/09/22 9:6 a.m.72 views

Important: Red Hat Security Advisory: nodejs:12 security and bug fix update

An update for the nodejs:12 module is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

9.8CVSS6.8AI score0.37286EPSS
Exploits8References13
RedHat Linux
RedHat Linux
added 2021/09/22 8:55 a.m.53 views

Important: Red Hat Security Advisory: nodejs:12 security and bug fix update

An update for the nodejs:12 module is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

9.8CVSS6.8AI score0.37286EPSS
Exploits8References13
Oracle linux
Oracle linux
added 2021/09/22 12:0 a.m.85 views

nodejs:12 security and bug fix update

nodejs 1:12.22.5-1 - Resolves CVE-2021-22930, CVE-2021-22931, CVE-2021-22939, CVE-2021-22940, - CVE-2021-23343, CVE-2021-32803, CVE-2021-32804, CVE-2021-3672 - Resolves RHBZ1951621 make FIPS always available - Resolves: RHBZ1988595, RHBZ1993992, RHBZ1993989, RHBZ1993093 - Resolves: RHBZ1994025,...

9.8CVSS2.8AI score0.37286EPSS
Exploits7
OpenVAS
OpenVAS
added 2021/08/11 12:0 a.m.30 views

openSUSE: Security Advisory for nodejs8 (openSUSE-SU-2021:1113-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS8.1AI score0.69062EPSS
Exploits3References2
Tenable Nessus
Tenable Nessus
added 2021/08/11 12:0 a.m.28 views

Oracle Linux 8 : nodejs:14 (ELSA-2021-3074)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-3074 advisory. - Resolves CVE-2021-22918libuv, use system cipher list Tenable has extracted the preceding description block directly from the Oracle Linux security...

7.5CVSS7.1AI score0.23132EPSS
Exploits3References4
Tenable Nessus
Tenable Nessus
added 2021/08/11 12:0 a.m.33 views

CentOS 8 : nodejs:12 (CESA-2021:3073)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:3073 advisory. - libuv: out-of-bounds read in uvidnatoascii can lead to information disclosures or crashes CVE-2021-22918 - nodejs-hosted-git-info: Regular Expression...

7.5CVSS6.9AI score0.23132EPSS
Exploits3References4
Tenable Nessus
Tenable Nessus
added 2021/08/11 12:0 a.m.35 views

RHEL 8 : nodejs:14 (RHSA-2021:3074)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:3074 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The...

7.5CVSS7.2AI score0.23132EPSS
Exploits3References9
Tenable Nessus
Tenable Nessus
added 2021/08/11 12:0 a.m.28 views

Oracle Linux 8 : nodejs:12 (ELSA-2021-3073)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-3073 advisory. - Resolves CVE-2021-22918libuv, use system cipher list nodejs-nodemon Tenable has extracted the preceding description block directly from the Oracle...

7.5CVSS7.1AI score0.23132EPSS
Exploits3References4
Tenable Nessus
Tenable Nessus
added 2021/08/11 12:0 a.m.28 views

RHEL 8 : nodejs:12 (RHSA-2021:3073)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:3073 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The...

7.5CVSS7.2AI score0.23132EPSS
Exploits3References9
RedHat Linux
RedHat Linux
added 2021/08/10 4:37 p.m.62 views

Moderate: Red Hat Security Advisory: nodejs:14 security, bug fix, and enhancement update

An update for the nodejs:14 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

7.5CVSS6.7AI score0.23132EPSS
Exploits3References4
RedHat Linux
RedHat Linux
added 2021/08/10 4:37 p.m.45 views

Moderate: Red Hat Security Advisory: nodejs:12 security, bug fix, and enhancement update

An update for the nodejs:12 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

7.5CVSS6.7AI score0.23132EPSS
Exploits3References4
Rows per page
Query Builder