Lucene search
K

54 matches found

RedHat Linux
RedHat Linux
added 2023/04/12 3:4 p.m.60 views

Important: Red Hat Security Advisory: nodejs:14 security, bug fix, and enhancement update

An update for the nodejs:14 module is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

9.8CVSS7.2AI score0.24928EPSS
Exploits11References19
Tenable Nessus
Tenable Nessus
added 2023/04/12 12:0 a.m.36 views

RHEL 8 : nodejs:14 (RHSA-2023:1742)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1742 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The...

9.8CVSS7.7AI score0.24928EPSS
Exploits11References36
SUSE CVE
SUSE CVE
added 2023/02/15 3:36 a.m.11 views

SUSE CVE-2021-44533

Node.js 12.22.9, 14.18.3, 16.13.2, and 17.3.1 did not handle multi-value Relative Distinguished Names correctly. Attackers could craft certificate subjects containing a single-value Relative Distinguished Name that would be interpreted as a multi-value Relative Distinguished Name, for example, in...

5.9CVSS7AI score0.09358EPSS
Exploits1References11
Tenable Nessus
Tenable Nessus
added 2022/12/19 12:0 a.m.42 views

RHEL 8 : nodejs:16 (RHSA-2022:9073)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:9073 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The...

9.8CVSS7.2AI score0.21514EPSS
Exploits3References18
Oracle linux
Oracle linux
added 2022/12/16 12:0 a.m.58 views

nodejs:16 security, bug fix, and enhancement update

nodejs 1:16.18.1-3 - Update sources of undici WASM blobs Resolves: rhbz2151546 1:16.18.1-2 - Record CVE references already addressed in this or previous upstream versions Resolves: CVE-2021-44531 CVE-2021-44532 CVE-2021-44533 CVE-2022-21824 1:16.18.1-1 - Rebase + CVE fixes - Resolves: 2142806 -...

9.8CVSS3.4AI score0.21514EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2022/12/16 12:0 a.m.72 views

Oracle Linux 8 : ELSA-2022-9073-1: / nodejs:16 (ELSA-2022-90731)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-90731 advisory. - Record CVE references already addressed in this or previous upstream versions Resolves: CVE-2021-44531 CVE-2021-44532 CVE-2021-44533 CVE-2022-21824...

9.8CVSS7AI score0.21514EPSS
Exploits3References8
RedHat Linux
RedHat Linux
added 2022/12/15 4:20 p.m.51 views

Moderate: Red Hat Security Advisory: nodejs:16 security, bug fix, and enhancement update

An update for the nodejs:16 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.8CVSS7AI score0.21514EPSS
Exploits3References9
AlmaLinux
AlmaLinux
added 2022/12/15 12:0 a.m.56 views

Moderate: nodejs:16 security, bug fix, and enhancement update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages were updated to later upstream versions: nodejs 16.18.1, nodejs-nodemon 2.0.20. Security Fixes: nodejs: Improper handling of URI Subject...

9.8CVSS7.9AI score0.21514EPSS
Exploits3References16
OSV
OSV
added 2022/12/15 12:0 a.m.32 views

ALSA-2022:9073 Moderate: nodejs:16 security, bug fix, and enhancement update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages were updated to later upstream versions: nodejs 16.18.1, nodejs-nodemon 2.0.20. Security Fixes: nodejs: Improper handling of URI Subject...

9.8CVSS8.1AI score0.21514EPSS
Exploits3References16
Tenable Nessus
Tenable Nessus
added 2022/12/09 12:0 a.m.41 views

Amazon Linux 2022 : nodejs (ALAS2022-2022-214)

The version of nodejs installed on the remote host is prior to 18.4.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-214 advisory. - The parser in accepts requests with a space SP right after the header name before the colon. This can lead to HTTP...

9.8CVSS6.5AI score0.21514EPSS
Exploits5References15
Tenable Nessus
Tenable Nessus
added 2022/11/15 12:0 a.m.34 views

Oracle Linux 8 : nodejs:14 (ELSA-2022-7830)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-7830 advisory. - Record issues fixed in the current version Resolves: CVE-2021-44531 CVE-2021-44532 CVE-2021-44533 CVE-2022-21824 Resolves: CVE-2022-0235 - Rebase to...

8.8CVSS7.5AI score0.21514EPSS
Exploits4References6
Tenable Nessus
Tenable Nessus
added 2022/11/12 12:0 a.m.32 views

AlmaLinux 8 : nodejs:14 (ALSA-2022:7830)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:7830 advisory. nodejs: Improper handling of URI Subject Alternative Names CVE-2021-44531 nodejs: Certificate Verification Bypass via String Injection CVE-2021-44532...

8.2CVSS7.3AI score0.21514EPSS
Exploits3References6
RedHat Linux
RedHat Linux
added 2022/11/08 11:39 a.m.41 views

Moderate: Red Hat Security Advisory: nodejs:14 security update

An update for the nodejs:14 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.2CVSS6.9AI score0.21514EPSS
Exploits3References6
OSV
OSV
added 2022/11/08 10:51 a.m.37 views

RLSA-2022:7830 Moderate: nodejs:14 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: nodejs: Improper handling of URI Subject Alternative Names CVE-2021-44531 nodejs: Certificate Verification Bypass via String Injection...

8.2CVSS8.4AI score0.21514EPSS
Exploits3References6
OSV
OSV
added 2022/11/08 12:0 a.m.29 views

ALSA-2022:7830 Moderate: nodejs:14 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: nodejs: Improper handling of URI Subject Alternative Names CVE-2021-44531 nodejs: Certificate Verification Bypass via String Injection...

8.2CVSS8.4AI score0.21514EPSS
Exploits3References12
AlmaLinux
AlmaLinux
added 2022/11/08 12:0 a.m.185 views

Moderate: nodejs:14 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: nodejs: Improper handling of URI Subject Alternative Names CVE-2021-44531 nodejs: Certificate Verification Bypass via String Injection...

8.2CVSS8.5AI score0.21514EPSS
Exploits3References12
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/04 4:29 p.m.37 views

Security Bulletin: IBM App Connect Enterprise Certified Container operands may be vulnerable to bypassing of security restrictions due to CVE-2021-44533

Summary Node.js is used by all operands in IBM App Connect Enterprise Certified Container. IBM App Connect Enterprise Certified Container operands may be vulnerable to bypassing of security restrictions. This bulletin provides patch information to address the reported vulnerability CVE-2021-44533...

5.3CVSS6.5AI score0.09358EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/10/21 5:36 p.m.42 views

Security Bulletin: A security vulnerability in Node.js affects IBM Cloud Pak for Watson AIOps Infrastructure Automation

Summary A security vulnerability in Node.js affects IBM Cloud Pak for Watson AIOps Infrastructure Automation Vulnerability Details CVEID:CVE-2021-44531 DESCRIPTION: Node.js could allow a remote attacker to bypass security restrictions, caused by the improper handling of URI Subject Alternative Na...

7.4CVSS6.7AI score0.10364EPSS
Exploits2Affected Software1
RedHat Linux
RedHat Linux
added 2022/10/19 10:12 a.m.43 views

Moderate: Red Hat Security Advisory: rh-nodejs14-nodejs security update

An update for rh-nodejs14-nodejs is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.8CVSS6.9AI score0.21514EPSS
Exploits4References7
IBM Security Bulletins
IBM Security Bulletins
added 2022/08/22 3:20 p.m.61 views

Security Bulletin: IBM Security Verify Governance is vulnerable to multiple security issues due to Node.js

Summary IBM has announced a release for IBM Security Verify Governance ISVG in response to security vulnerabilities. The vulnerabilities are caused by Node.js which is vulnerable to multiple threats. CVE-2021-22939, CVE-2021-44531, CVE-2021-44533, CVE-2021-37701, CVE-2021-37712, CVE-2021-22959,...

9.8CVSS8.9AI score0.37286EPSS
Exploits5Affected Software1
Rows per page
Query Builder