Lucene search
K

27 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/03/26 4:4 a.m.62 views

Security Bulletin: QRadar Suite Software includes components with multiple known vulnerabilities

Summary QRadar Suite Software includes components with known vulnerabilities. These have been updated in the latest release and vulnerabilities have been addressed. Please follow the instructions in the Remediation/Fixes section below to update to the latest version. Vulnerability Details...

9.8CVSS9.8AI score0.15014EPSS
Exploits2Affected Software1
Debian
Debian
added 2022/12/12 2:15 p.m.62 views

[SECURITY] [DLA 3237-1] node-tar security update

Debian LTS Advisory DLA-3237-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin December 12, 2022 https://wiki.debian.org/LTS Package : node-tar Version : 4.4.6+ds1-3+deb10u2 CVE ID : CVE-2021-37701 CVE-2021-37712 Debian Bug : 993981 Cache poisoning vulnerabilities...

8.6CVSS6.8AI score0.03286EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2022/04/22 7:45 p.m.40 views

Security Bulletin: Security Vulnerabilities affect IBM Cloud Private - Node.js (CVE-2021-37712)

Summary Security Vulnerabilities affect IBM Cloud Private - Node.js Vulnerability Details CVEID:CVE-2021-37712 DESCRIPTION: Node.js tar module could allow a local attacker to execute arbitrary code on the system, caused by an arbitrary file creation/overwrite vulnerability. By creating a director...

8.6CVSS7AI score0.0185EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/03/31 2:21 p.m.46 views

Security Bulletin: Images built from IBM App Connect Enterprise Certified Containers may be vulnerable to arbitrary code execution due to CVE-2021-37712

Summary The Node.js tar module is used by the package manager npm, which is included in the IBM App Connect Enterprise Certified Container images. Use of npm when building images based on IBM App Connect Enterprise Certified Container images may be vulnerable to arbitrary code execution. This...

8.6CVSS7.5AI score0.0185EPSS
Exploits0Affected Software1
Mageia
Mageia
added 2022/03/21 8:18 p.m.103 views

Updated nodejs-tar packages fix security vulnerability

Untrusted tar file to symlink into an arbitrary location allowing file overwrites. CVE-2021-37712 Arbitrary file creation/overwrite and arbitrary code execution. CVE-2021-37701 Arbitrary File Creation/Overwrite vulnerability via insufficient symlink protection. CVE-2021-32803 Arbitrary File...

8.6CVSS3.9AI score0.15014EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2022/02/08 12:0 a.m.27 views

openSUSE: Security Advisory for nodejs14 (openSUSE-SU-2021:1552-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.6CVSS8AI score0.03286EPSS
Exploits2References2
RedHat Linux
RedHat Linux
added 2022/02/01 9:18 p.m.59 views

Moderate: Red Hat Security Advisory: nodejs:14 security, bug fix, and enhancement update

An update for the nodejs:14 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.8CVSS6.8AI score0.04456EPSS
Exploits6References10
OSV
OSV
added 2022/02/01 8:8 p.m.42 views

RLSA-2022:0350 Moderate: nodejs:14 security, bug fix, and enhancement update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 14.18.2, nodejs-nodemon 2.0.15. BZ2027609 Security Fixes: nodejs-json-schema:...

9.8CVSS8.8AI score0.04456EPSS
Exploits6References10
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.21 views

Mageia: Security Advisory (MGASA-2021-0463)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.7AI score0.21952EPSS
Exploits3References7
Tenable Nessus
Tenable Nessus
added 2022/01/26 12:0 a.m.51 views

RHEL 8 : nodejs:14 (RHSA-2022:0246)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:0246 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The...

9.8CVSS7.5AI score0.04456EPSS
Exploits6References21
RedHat Linux
RedHat Linux
added 2022/01/25 9:28 a.m.73 views

Moderate: Red Hat Security Advisory: nodejs:14 security, bug fix, and enhancement update

An update for the nodejs:14 module is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

9.8CVSS6.8AI score0.04456EPSS
Exploits6References10
OpenVAS
OpenVAS
added 2022/01/20 12:0 a.m.29 views

SUSE: Security Advisory (SUSE-SU-2022:0101-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.6CVSS7.3AI score0.21514EPSS
Exploits4References2
Tenable Nessus
Tenable Nessus
added 2022/01/07 12:0 a.m.44 views

RHEL 7 : rh-nodejs14-nodejs and rh-nodejs14-nodejs-nodemon (RHSA-2022:0041)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:0041 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The...

9.8CVSS7.5AI score0.03563EPSS
Exploits4References16
RedHat Linux
RedHat Linux
added 2022/01/06 6:43 p.m.66 views

Moderate: Red Hat Security Advisory: rh-nodejs14-nodejs and rh-nodejs14-nodejs-nodemon security update

An update for rh-nodejs14-nodejs and rh-nodejs14-nodejs-nodemon is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating,...

9.8CVSS6.8AI score0.03563EPSS
Exploits4References8
OpenVAS
OpenVAS
added 2021/12/08 12:0 a.m.27 views

openSUSE: Security Advisory for nodejs14 (openSUSE-SU-2021:3964-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.6CVSS8AI score0.03286EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2021/12/07 12:0 a.m.32 views

openSUSE: Security Advisory for nodejs12 (openSUSE-SU-2021:3940-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.6CVSS8AI score0.03286EPSS
Exploits2References2
OPENSUSE Linux
OPENSUSE Linux
added 2021/12/06 12:0 a.m.53 views

Security update for nodejs12 (important)

openSUSE Security Update: Security update for nodejs12 Announcement ID: openSUSE-SU-2021:3940-1 Rating: important References: 1190053 1190054 1190055 1190056 1190057 1191601 1191602 Cross-References: CVE-2021-22959 CVE-2021-22960 CVE-2021-37701 CVE-2021-37712 CVE-2021-37713 CVE-2021-39134...

8.1CVSS7.1AI score0.03286EPSS
Exploits2References7
IBM Security Bulletins
IBM Security Bulletins
added 2021/12/02 6:13 p.m.38 views

Security Bulletin: Vulnerabilities in Node.js affect IBM Integration Bus v10 (CVE-2021-37712)

Summary IBM Integration Bus ships with Node.js for which vulnerabilities were reported and have been addressed. Vulnerability details are listed below. Vulnerability Details CVEID: CVE-2021-37712 DESCRIPTION: Node.js tar module could allow a local attacker to execute arbitrary code on the system,...

8.6CVSS7.9AI score0.0185EPSS
Exploits0Affected Software1
Debian
Debian
added 2021/11/11 9:57 p.m.38 views

[SECURITY] [DSA 5008-1] node-tar security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5008-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff November 11, 2021 https://www.debian.org/security/faq -...

8.6CVSS7.9AI score0.03286EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2021/11/09 6:11 p.m.42 views

Security Bulletin: A security vulnerability in Node.js tar module affects IBM Cloud Pak for Multicloud Management Managed Services

Summary A security vulnerability in Node.js tar module affects IBM Cloud Pak for Multicloud Management Managed Services. Vulnerability Details CVEID: CVE-2021-37712 DESCRIPTION: Node.js tar module could allow a local attacker to execute arbitrary code on the system, caused by an arbitrary file...

8.6CVSS1AI score0.0185EPSS
Exploits0Affected Software1
Rows per page
Query Builder