52 matches found
Linux Distros Unpatched Vulnerability : CVE-2021-44532
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Node.js 12.22.9, 14.18.3, 16.13.2, and 17.3.1 converts SANs Subject Alternative Names to a string format. It uses this string to check peer certificates against...
Important: Red Hat Security Advisory: nodejs:14 security, bug fix, and enhancement update
An update for the nodejs:14 module is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
RHEL 8 : nodejs:14 (RHSA-2023:1742)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1742 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The...
RHEL 8 : nodejs:16 (RHSA-2022:9073)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:9073 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The...
nodejs:16 security, bug fix, and enhancement update
nodejs 1:16.18.1-3 - Update sources of undici WASM blobs Resolves: rhbz2151546 1:16.18.1-2 - Record CVE references already addressed in this or previous upstream versions Resolves: CVE-2021-44531 CVE-2021-44532 CVE-2021-44533 CVE-2022-21824 1:16.18.1-1 - Rebase + CVE fixes - Resolves: 2142806 -...
Oracle Linux 8 : ELSA-2022-9073-1: / nodejs:16 (ELSA-2022-90731)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-90731 advisory. - Record CVE references already addressed in this or previous upstream versions Resolves: CVE-2021-44531 CVE-2021-44532 CVE-2021-44533 CVE-2022-21824...
Moderate: Red Hat Security Advisory: nodejs:16 security, bug fix, and enhancement update
An update for the nodejs:16 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
ALSA-2022:9073 Moderate: nodejs:16 security, bug fix, and enhancement update
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages were updated to later upstream versions: nodejs 16.18.1, nodejs-nodemon 2.0.20. Security Fixes: nodejs: Improper handling of URI Subject...
Moderate: nodejs:16 security, bug fix, and enhancement update
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages were updated to later upstream versions: nodejs 16.18.1, nodejs-nodemon 2.0.20. Security Fixes: nodejs: Improper handling of URI Subject...
Amazon Linux 2022 : nodejs (ALAS2022-2022-214)
The version of nodejs installed on the remote host is prior to 18.4.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-214 advisory. - The parser in accepts requests with a space SP right after the header name before the colon. This can lead to HTTP...
Oracle Linux 8 : nodejs:14 (ELSA-2022-7830)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-7830 advisory. - Record issues fixed in the current version Resolves: CVE-2021-44531 CVE-2021-44532 CVE-2021-44533 CVE-2022-21824 Resolves: CVE-2022-0235 - Rebase to...
AlmaLinux 8 : nodejs:14 (ALSA-2022:7830)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:7830 advisory. nodejs: Improper handling of URI Subject Alternative Names CVE-2021-44531 nodejs: Certificate Verification Bypass via String Injection CVE-2021-44532...
Moderate: Red Hat Security Advisory: nodejs:14 security update
An update for the nodejs:14 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
RLSA-2022:7830 Moderate: nodejs:14 security update
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: nodejs: Improper handling of URI Subject Alternative Names CVE-2021-44531 nodejs: Certificate Verification Bypass via String Injection...
ALSA-2022:7830 Moderate: nodejs:14 security update
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: nodejs: Improper handling of URI Subject Alternative Names CVE-2021-44531 nodejs: Certificate Verification Bypass via String Injection...
Moderate: nodejs:14 security update
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: nodejs: Improper handling of URI Subject Alternative Names CVE-2021-44531 nodejs: Certificate Verification Bypass via String Injection...
Security Bulletin: IBM App Connect Enterprise Certified Container operands may be vulnerable to bypassing of security restrictions due to CVE-2021-44532
Summary Node.js is used by all operands in IBM App Connect Enterprise Certified Container. IBM App Connect Enterprise Certified Container operands may be vulnerable to bypassing of security restrictions. This bulletin provides patch information to address the reported vulnerability CVE-2021-44532...
Security Bulletin: A security vulnerability in Node.js affects IBM Cloud Pak for Watson AIOps Infrastructure Automation
Summary A security vulnerability in Node.js affects IBM Cloud Pak for Watson AIOps Infrastructure Automation Vulnerability Details CVEID:CVE-2021-44531 DESCRIPTION: Node.js could allow a remote attacker to bypass security restrictions, caused by the improper handling of URI Subject Alternative Na...
Moderate: Red Hat Security Advisory: rh-nodejs14-nodejs security update
An update for rh-nodejs14-nodejs is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Security Bulletin: IBM DataPower Gateway potentially affected by various vulnerabilities in Node
Summary IBM has addressed several CVEs which may affect the APIC Gateway Service Vulnerability Details CVEID:CVE-2021-44532 DESCRIPTION: Node.js could allow a remote attacker to bypass security restrictions, caused by a string injection vulnerability when name constraints were used within a...