54 matches found
Important: Red Hat Security Advisory: nodejs:14 security, bug fix, and enhancement update
An update for the nodejs:14 module is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
RHEL 8 : nodejs:14 (RHSA-2023:1742)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1742 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The...
SUSE CVE-2021-44533
Node.js 12.22.9, 14.18.3, 16.13.2, and 17.3.1 did not handle multi-value Relative Distinguished Names correctly. Attackers could craft certificate subjects containing a single-value Relative Distinguished Name that would be interpreted as a multi-value Relative Distinguished Name, for example, in...
RHEL 8 : nodejs:16 (RHSA-2022:9073)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:9073 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The...
Oracle Linux 8 : ELSA-2022-9073-1: / nodejs:16 (ELSA-2022-90731)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-90731 advisory. - Record CVE references already addressed in this or previous upstream versions Resolves: CVE-2021-44531 CVE-2021-44532 CVE-2021-44533 CVE-2022-21824...
nodejs:16 security, bug fix, and enhancement update
nodejs 1:16.18.1-3 - Update sources of undici WASM blobs Resolves: rhbz2151546 1:16.18.1-2 - Record CVE references already addressed in this or previous upstream versions Resolves: CVE-2021-44531 CVE-2021-44532 CVE-2021-44533 CVE-2022-21824 1:16.18.1-1 - Rebase + CVE fixes - Resolves: 2142806 -...
Moderate: Red Hat Security Advisory: nodejs:16 security, bug fix, and enhancement update
An update for the nodejs:16 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Moderate: nodejs:16 security, bug fix, and enhancement update
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages were updated to later upstream versions: nodejs 16.18.1, nodejs-nodemon 2.0.20. Security Fixes: nodejs: Improper handling of URI Subject...
ALSA-2022:9073 Moderate: nodejs:16 security, bug fix, and enhancement update
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages were updated to later upstream versions: nodejs 16.18.1, nodejs-nodemon 2.0.20. Security Fixes: nodejs: Improper handling of URI Subject...
Amazon Linux 2022 : nodejs (ALAS2022-2022-214)
The version of nodejs installed on the remote host is prior to 18.4.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-214 advisory. - The parser in accepts requests with a space SP right after the header name before the colon. This can lead to HTTP...
Oracle Linux 8 : nodejs:14 (ELSA-2022-7830)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-7830 advisory. - Record issues fixed in the current version Resolves: CVE-2021-44531 CVE-2021-44532 CVE-2021-44533 CVE-2022-21824 Resolves: CVE-2022-0235 - Rebase to...
AlmaLinux 8 : nodejs:14 (ALSA-2022:7830)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:7830 advisory. nodejs: Improper handling of URI Subject Alternative Names CVE-2021-44531 nodejs: Certificate Verification Bypass via String Injection CVE-2021-44532...
Moderate: Red Hat Security Advisory: nodejs:14 security update
An update for the nodejs:14 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
RLSA-2022:7830 Moderate: nodejs:14 security update
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: nodejs: Improper handling of URI Subject Alternative Names CVE-2021-44531 nodejs: Certificate Verification Bypass via String Injection...
Moderate: nodejs:14 security update
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: nodejs: Improper handling of URI Subject Alternative Names CVE-2021-44531 nodejs: Certificate Verification Bypass via String Injection...
ALSA-2022:7830 Moderate: nodejs:14 security update
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: nodejs: Improper handling of URI Subject Alternative Names CVE-2021-44531 nodejs: Certificate Verification Bypass via String Injection...
Security Bulletin: IBM App Connect Enterprise Certified Container operands may be vulnerable to bypassing of security restrictions due to CVE-2021-44533
Summary Node.js is used by all operands in IBM App Connect Enterprise Certified Container. IBM App Connect Enterprise Certified Container operands may be vulnerable to bypassing of security restrictions. This bulletin provides patch information to address the reported vulnerability CVE-2021-44533...
Security Bulletin: A security vulnerability in Node.js affects IBM Cloud Pak for Watson AIOps Infrastructure Automation
Summary A security vulnerability in Node.js affects IBM Cloud Pak for Watson AIOps Infrastructure Automation Vulnerability Details CVEID:CVE-2021-44531 DESCRIPTION: Node.js could allow a remote attacker to bypass security restrictions, caused by the improper handling of URI Subject Alternative Na...
Moderate: Red Hat Security Advisory: rh-nodejs14-nodejs security update
An update for rh-nodejs14-nodejs is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Security Bulletin: IBM Security Verify Governance is vulnerable to multiple security issues due to Node.js
Summary IBM has announced a release for IBM Security Verify Governance ISVG in response to security vulnerabilities. The vulnerabilities are caused by Node.js which is vulnerable to multiple threats. CVE-2021-22939, CVE-2021-44531, CVE-2021-44533, CVE-2021-37701, CVE-2021-37712, CVE-2021-22959,...