Lucene search
+L

18 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.3 views

MiracleLinux 8 : nodejs:16 (AXSA:2022-3781:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3781:01 advisory. npm: npm ci succeeds when package-lock.json doesn't match package.json CVE-2021-43616 Tenable has extracted the preceding description block directly from the...

9.8CVSS8.5AI score0.02534EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2021-43616

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The npm ci command in npm 7.x and 8.x through 8.1.3 proceeds with an installation even if dependency information in package-lock.json differs from package.json...

9.8CVSS7AI score0.02534EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2024/02/29 12:0 a.m.22 views

CentOS 9 : nodejs-16.16.0-1.el9

The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the nodejs-16.16.0-1.el9 build changelog. - Versions of the npm CLI prior to 6.14.6 are vulnerable to an information exposure vulnerability through log files. The CLI supports URLs...

9.8CVSS7.1AI score0.81464EPSS
Exploits13References19
Tenable Nessus
Tenable Nessus
added 2023/11/07 12:0 a.m.28 views

Rocky Linux 8 : nodejs:16 (RLSA-2022:4796)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:4796 advisory. - DISPUTED The npm ci command in npm 7.x and 8.x through 8.1.3 proceeds with an installation even if dependency information in package-lock.json differs from...

9.8CVSS7.6AI score0.02534EPSS
Exploits1References3
OSV
OSV
added 2023/08/31 12:15 p.m.3 views

BELL-CVE-2021-43616 CVE-2021-43616 does not affect BellSoft software

Bulletin has no description...

9.8CVSS7.3AI score0.02534EPSS
Exploits1References1
IBM Security Bulletins
IBM Security Bulletins
added 2023/01/12 5:22 p.m.42 views

Security Bulletin: IBM Cloud Pak for Security includes components with multiple known vulnerabilities

Summary IBM Cloud Pak for Security includes components with known vulnerabilities. These have been updated in the latest release and vulnerabilities have been addressed. Please follow the instructions in the Remediation/Fixes section below to update to the latest version of Cloud Pak for Security...

9.8CVSS10AI score0.92488EPSS
Exploits25Affected Software1
Tenable Nessus
Tenable Nessus
added 2022/12/09 12:0 a.m.41 views

Amazon Linux 2022 : nodejs (ALAS2022-2022-214)

The version of nodejs installed on the remote host is prior to 18.4.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-214 advisory. - The parser in accepts requests with a space SP right after the header name before the colon. This can lead to HTTP...

9.8CVSS6.5AI score0.21514EPSS
Exploits5References15
Tenable Nessus
Tenable Nessus
added 2022/09/06 12:0 a.m.35 views

Amazon Linux 2022 : nodejs, nodejs-devel, nodejs-full-i18n (ALAS2022-2022-048)

It is, therefore, affected by a vulnerability as referenced in the ALAS2022-2022-048 advisory. A flaw was found in npm. The npm ci command proceeds with an installation even if dependency information in package-lock.json differs from package.json. This behavior is inconsistent with the...

9.8CVSS7.4AI score0.02534EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2022/06/06 12:0 a.m.36 views

AlmaLinux 8 : nodejs:16 (ALSA-2022:4796)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2022:4796 advisory. npm: npm ci succeeds when package-lock.json doesn't match package.json CVE-2021-43616 Tenable has extracted the preceding description block directly from the...

9.8CVSS7.6AI score0.02534EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2022/05/30 12:22 p.m.52 views

Important: Red Hat Security Advisory: nodejs:16 security update

An update for the nodejs:16 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.8CVSS6.9AI score0.02534EPSS
Exploits1References2
OSV
OSV
added 2022/05/30 7:22 a.m.27 views

ALSA-2022:4796 Important: nodejs:16 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: npm: npm ci succeeds when package-lock.json doesn't match package.json CVE-2021-43616 For more details about the security issues, including the...

9.8CVSS8.1AI score0.02534EPSS
Exploits1References2
OSV
OSV
added 2022/05/30 7:22 a.m.26 views

RLSA-2022:4796 Important: nodejs:16 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: npm: npm ci succeeds when package-lock.json doesn't match package.json CVE-2021-43616 For more details about the security issues, including the...

9.8CVSS8.1AI score0.02534EPSS
Exploits1References2
AlmaLinux
AlmaLinux
added 2022/05/30 7:22 a.m.38 views

Important: nodejs:16 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: npm: npm ci succeeds when package-lock.json doesn't match package.json CVE-2021-43616 For more details about the security issues, including the...

9.8CVSS1.2AI score0.02534EPSS
Exploits1References2
Oracle linux
Oracle linux
added 2022/05/30 12:0 a.m.46 views

nodejs:16 security update

nodejs 1:16.14.0-4 - Apply lock file validation fixes - Resolves CVE-2021-43616 - Resolves: RHBZ2070012...

9.8CVSS1.8AI score0.02534EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2022/05/30 12:0 a.m.39 views

Oracle Linux 8 : nodejs:16 (ELSA-2022-4796)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-4796 advisory. - Resolves CVE-2021-43616 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not teste...

9.8CVSS7.6AI score0.02534EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2022/05/30 12:0 a.m.38 views

CentOS 8 : nodejs:16 (CESA-2022:4796)

The remote CentOS Linux 8 host has a package installed that is affected by a vulnerability as referenced in the CESA-2022:4796 advisory. - npm: npm ci succeeds when package-lock.json doesn't match package.json CVE-2021-43616 Note that Nessus has not tested for this issue but has instead relied on...

9.8CVSS7.6AI score0.02534EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2022/02/19 12:0 a.m.22 views

Fedora: Security Advisory for nodejs (FEDORA-2022-97b214b298)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS9.6AI score0.02534EPSS
Exploits1References2
CVE
CVE
added 2021/11/13 12:0 a.m.211 views

CVE-2021-43616

CVE-2021-43616 describes a behavior in the npm CLI where running the npm ci command (npm 7.x and 8.x up to 8.1.3) proceeds with installation even if dependency information in package-lock.json differs from package.json. The description notes this is inconsistent with the documentation and could a...

9.8CVSS9.3AI score0.02534EPSS
Exploits1References10Affected Software1
Rows per page
Query Builder