Lucene search
+L

45 matches found

Tenable Nessus
Tenable Nessus
added 2023/10/20 12:0 a.m.38 views

Ubuntu 20.04 ESM : Tar for Node.js vulnerability (USN-5283-1)

The remote Ubuntu 20.04 ESM host has a package installed that is affected by a vulnerability as referenced in the USN-5283-1 advisory. It was discovered that Tar for Node.js did not properly sanitize path inputs. An attacker could possibly use this issue to read arbitrary files, resulting in a...

8.2CVSS7.2AI score0.07795EPSS
Exploits0References2
OSV
OSV
added 2023/08/31 12:16 p.m.3 views

BELL-CVE-2021-32803 CVE-2021-32803 does not affect BellSoft software

Bulletin has no description...

8.1CVSS7.3AI score0.07795EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2022/05/18 12:0 a.m.24 views

openSUSE: Security Advisory for nodejs10 (SUSE-SU-2022:1717-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.8AI score0.21514EPSS
Exploits6References2
OSV
OSV
added 2022/05/17 3:43 p.m.11 views

SUSE-SU-2022:1717-1 Security update for nodejs10

This update for nodejs10 fixes the following issues: - CVE-2021-23343: Fixed ReDoS via splitDeviceRe, splitTailRe and splitPathRe bsc1192153. - CVE-2021-32803: Fixed insufficient symlink protection in node-tar allowing arbitrary file creation and overwrite bsc1191963. - CVE-2021-32804: Fixed...

9.8CVSS8.3AI score0.21514EPSS
Exploits6References19
Tenable Nessus
Tenable Nessus
added 2022/03/05 12:0 a.m.45 views

SUSE SLES15 Security Update : nodejs8 (SUSE-SU-2022:0704-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0704-1 advisory. - All versions of package path-parse are vulnerable to Regular Expression Denial of Service ReDoS via splitDeviceRe, splitTailRe, a...

9.8CVSS7.4AI score0.15014EPSS
Exploits4References16
Tenable Nessus
Tenable Nessus
added 2022/03/05 12:0 a.m.47 views

openSUSE 15 Security Update : nodejs8 (openSUSE-SU-2022:0704-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:0704-1 advisory. - All versions of package path-parse are vulnerable to Regular Expression Denial of Service ReDoS via splitDeviceRe, splitTailRe, and...

9.8CVSS7.3AI score0.15014EPSS
Exploits4References16
OpenVAS
OpenVAS
added 2022/03/05 12:0 a.m.30 views

openSUSE: Security Advisory for nodejs8 (openSUSE-SU-2022:0704-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS9.2AI score0.15014EPSS
Exploits4References2
OpenVAS
OpenVAS
added 2022/03/05 12:0 a.m.38 views

openSUSE: Security Advisory for nodejs14 (openSUSE-SU-2022:0715-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS9.2AI score0.15014EPSS
Exploits4References2
OpenVAS
OpenVAS
added 2022/03/04 12:0 a.m.26 views

SUSE: Security Advisory (SUSE-SU-2022:0704-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8AI score0.15014EPSS
Exploits4References8
OPENSUSE Linux
OPENSUSE Linux
added 2022/03/04 12:0 a.m.93 views

Security update for nodejs8 (important)

openSUSE Security Update: Security update for nodejs8 Announcement ID: openSUSE-SU-2022:0704-1 Rating: important References: 1191962 1191963 1192153 1192154 1192696 Cross-References: CVE-2021-23343 CVE-2021-32803 CVE-2021-32804 CVE-2021-3807 CVE-2021-3918 CVSS scores: CVE-2021-23343 NVD : 7.5...

8.1CVSS9.1AI score0.15014EPSS
Exploits4References5
OpenVAS
OpenVAS
added 2022/03/03 12:0 a.m.23 views

openSUSE: Security Advisory for nodejs12 (openSUSE-SU-2022:0657-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS9.2AI score0.15014EPSS
Exploits4References2
OpenVAS
OpenVAS
added 2022/03/02 12:0 a.m.32 views

SUSE: Security Advisory (SUSE-SU-2022:0657-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8AI score0.15014EPSS
Exploits4References8
Tenable Nessus
Tenable Nessus
added 2022/02/25 12:0 a.m.46 views

SUSE SLES12 Security Update : nodejs10 (SUSE-SU-2022:0570-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0570-1 advisory. - All versions of package path-parse are vulnerable to Regular Expression Denial of Service ReDoS via splitDeviceRe, splitTailRe, a...

9.8CVSS6.9AI score0.21514EPSS
Exploits4References19
OpenVAS
OpenVAS
added 2022/02/25 12:0 a.m.19 views

SUSE: Security Advisory (SUSE-SU-2022:0570-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.2AI score0.21514EPSS
Exploits4References2
OpenVAS
OpenVAS
added 2022/02/25 12:0 a.m.23 views

SUSE: Security Advisory (SUSE-SU-2022:0563-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8AI score0.15014EPSS
Exploits4References8
OSV
OSV
added 2022/02/24 9:35 a.m.12 views

SUSE-SU-2022:0570-1 Security update for nodejs10

This update for nodejs10 fixes the following issues: - CVE-2021-23343: Fixed ReDoS via splitDeviceRe, splitTailRe and splitPathRe bsc1192153. - CVE-2021-32803: Fixed insufficient symlink protection in node-tar allowing arbitrary file creation and overwrite bsc1191963. - CVE-2021-32804: Fixed...

9.8CVSS8.8AI score0.21514EPSS
Exploits4References13
OSV
OSV
added 2022/02/24 9:35 a.m.15 views

SUSE-SU-2022:0569-1 Security update for nodejs14

This update for nodejs14 fixes the following issues: - CVE-2021-23343: Fixed ReDoS via splitDeviceRe, splitTailRe and splitPathRe bsc1192153. - CVE-2021-32803: Fixed insufficient symlink protection in node-tar allowing arbitrary file creation and overwrite bsc1191963. - CVE-2021-32804: Fixed...

9.8CVSS8.7AI score0.15014EPSS
Exploits4References11
OpenVAS
OpenVAS
added 2022/02/22 12:0 a.m.29 views

SUSE: Security Advisory (SUSE-SU-2022:0531-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.1AI score0.15014EPSS
Exploits4References2
IBM Security Bulletins
IBM Security Bulletins
added 2021/11/24 11:36 a.m.42 views

Security Bulletin: Vulnerabilities in Node.js affect IBM Integration Bus v10 (CVE-2021-32803)

Summary IBM Integration Bus ships with Node.js for which vulnerabilities were reported and have been addressed. Vulnerability details are listed below. Vulnerability Details CVEID: CVE-2021-32803 DESCRIPTION: Node.js tar module could allow a local attacker to traverse directories on the system,...

8.2CVSS7.7AI score0.07795EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/11/09 6:30 p.m.44 views

Security Bulletin: A security vulnerability in Node.js tar module affects IBM Cloud Pak for Multicloud Management Managed Services

Summary A security vulnerability in Node.js tar module affects IBM Cloud Pak for Multicloud Management Managed Services. Vulnerability Details CVEID: CVE-2021-32803 DESCRIPTION: Node.js tar module could allow a local attacker to traverse directories on the system, caused by insufficient symlink...

8.2CVSS1.8AI score0.07795EPSS
Exploits0Affected Software1
Rows per page
Query Builder