Lucene search
K

23 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2022-29244

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - npm pack ignores root-level .gitignore and .npmignore file exclusion directives when run in a workspace or with a workspace flag ie. --workspaces, --workspace=...

7.5CVSS7AI score0.03465EPSS
Exploits0References3
Oracle linux
Oracle linux
added 2023/06/15 12:0 a.m.51 views

nodejs security update

1:16.19.1-2 - Update bundled c-ares to 1.19.1 Resolves: CVE-2023-31124 CVE-2023-31130 CVE-2023-31147 CVE-2023-32067 1:16.19.1-1 - Rebase to 16.19.1 - Resolves: rhbz2153714 - Resolves: CVE-2023-23918 CVE-2023-23919 CVE-2023-23936 CVE-2023-24807 CVE-2023-23920 - Resolves: CVE-2022-25881 CVE-2022-49...

9.8CVSS7AI score0.81464EPSS
Exploits10
IBM Security Bulletins
IBM Security Bulletins
added 2023/04/19 9:24 p.m.36 views

Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to Node.js npm module information disclosure (CVE-2022-29244)

Summary Potential Node.js npm module information disclosure vulnerability CVE-2022-29244 has been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. Refer to details for additional information. Vulnerability Details CVEID:CVE-2022-29244 DESCRIPTION: Node.js npm module cou...

7.5CVSS8AI score0.03465EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/04/04 6:22 p.m.43 views

Security Bulletin: IBM QRadar Data Synchronization App for IBM QRadar SIEM is vulnerable to using components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. IBM QRadar Data Synchronization App for IBM QRadar SIEM has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2022-0235 DESCRIPTION: Node.js...

8.8CVSS7.1AI score0.05664EPSS
Exploits2Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/02/06 12:0 a.m.58 views

Rocky Linux 9 : nodejs and nodejs-nodemon (RLSA-2022:6595)

The remote Rocky Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RLSA-2022:6595 advisory. - npm pack ignores root-level .gitignore and .npmignore file exclusion directives when run in a workspace or with a workspace flag ie. --workspaces,...

9.8CVSS7.2AI score0.81464EPSS
Exploits6References23
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/14 2:14 p.m.121 views

Security Bulletin: IBM App Connect Enterprise and IBM Integration Bus are vulnerable to a remote authenticated attacker due to Node.js (CVE-2022-29244, CVE-2022-33987)

Summary IBM App Connect Enterprise and IBM Integration Bus ship with Node.js for which vulnerabilities were reported and have been addressed by an ifix, a fixpack release and an option to disable the node CVE-2022-29244, CVE-2022-33987 Vulnerability Details CVEID:CVE-2022-29244 DESCRIPTION: Node....

7.5CVSS7.1AI score0.03465EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/04 6:15 p.m.26 views

Security Bulletin: IBM App Connect Enterprise Certified Container may be vulnerable to loss of confidentiality due to CVE-2022-29244

Summary Node.js is used by all IBM App Connect Enterprise Certified Container operands. IBM App Connect Enterprise Certified Container operands may be vulnerable to loss of confidentiality. This bulletin provides patch information to address the reported vulnerability CVE-2022-29244 in Node.js...

7.5CVSS8.1AI score0.03465EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2022/10/19 12:0 a.m.38 views

AlmaLinux 9 : nodejs and nodejs-nodemon (ALSA-2022:6595)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:6595 advisory. - This affects the package ini before 1.3.6. If an attacker submits a malicious INI file to an application that parses it with ini.parse, they will pollut...

9.8CVSS7.3AI score0.81464EPSS
Exploits6References11
Tenable Nessus
Tenable Nessus
added 2022/09/22 12:0 a.m.435 views

Oracle Linux 9 : nodejs / and / nodejs-nodemon (ELSA-2022-6595)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-6595 advisory. - Rebase to version 16.16.0 Resolves: RHBZ2106290 Resolves: CVE-2022-32212 CVE-2022-32213 CVE-2022-32214 CVE-2022-32215 Tenable has extracted the...

9.8CVSS7.2AI score0.81464EPSS
Exploits6References11
Tenable Nessus
Tenable Nessus
added 2022/09/21 12:0 a.m.49 views

RHEL 9 : nodejs and nodejs-nodemon (RHSA-2022:6595)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:6595 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The...

9.8CVSS7.3AI score0.81464EPSS
Exploits6References25
RedHat Linux
RedHat Linux
added 2022/09/20 12:27 p.m.67 views

Moderate: Red Hat Security Advisory: nodejs and nodejs-nodemon security and bug fix update

An update for nodejs and nodejs-nodemon is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.8CVSS6.7AI score0.81464EPSS
Exploits6References13
OSV
OSV
added 2022/09/20 11:37 a.m.36 views

RLSA-2022:6595 Moderate: nodejs and nodejs-nodemon security and bug fix update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 16.16.0, nodejs-nodemon 2.0.19. BZ2124230, BZ2124233 Security Fixes: nodejs-ini:...

7.5CVSS7.7AI score0.81464EPSS
Exploits6References13
OSV
OSV
added 2022/09/20 12:0 a.m.35 views

ALSA-2022:6595 Moderate: nodejs and nodejs-nodemon security and bug fix update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 16.16.0, nodejs-nodemon 2.0.19. BZ2124230, BZ2124233 Security Fixes: nodejs-ini:...

9.8CVSS7.7AI score0.81464EPSS
Exploits6References22
OpenVAS
OpenVAS
added 2022/09/13 12:0 a.m.29 views

SUSE: Security Advisory (SUSE-SU-2022:3251-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS6.5AI score0.03465EPSS
Exploits3References2
OpenVAS
OpenVAS
added 2022/09/13 12:0 a.m.26 views

openSUSE: Security Advisory for nodejs16 (SUSE-SU-2022:3250-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS7.6AI score0.03465EPSS
Exploits3References2
Tenable Nessus
Tenable Nessus
added 2022/09/13 12:0 a.m.675 views

SUSE SLES15 / openSUSE 15 Security Update : nodejs16 (SUSE-SU-2022:3251-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3251-1 advisory. - CVE-2022-35949: Fixed SSRF when an application takes in user input into the path/pathname option of undici.request...

9.8CVSS6.8AI score0.03465EPSS
Exploits3References14
OpenVAS
OpenVAS
added 2022/09/13 12:0 a.m.26 views

SUSE: Security Advisory (SUSE-SU-2022:3250-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS6.5AI score0.03465EPSS
Exploits3References2
Tenable Nessus
Tenable Nessus
added 2022/09/09 12:0 a.m.41 views

SUSE SLES12 Security Update : nodejs16 (SUSE-SU-2022:3196-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3196-1 advisory. - CVE-2022-35949: Fixed SSRF when an application takes in user input into the path/pathname option of undici.request bsc1202382. -...

9.8CVSS6.8AI score0.03465EPSS
Exploits3References14
OpenVAS
OpenVAS
added 2022/09/09 12:0 a.m.20 views

SUSE: Security Advisory (SUSE-SU-2022:3196-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS6.5AI score0.03465EPSS
Exploits3References2
AlpineLinux
AlpineLinux
added 2022/06/13 2:15 p.m.35 views

CVE-2022-29244

npm pack ignores root-level .gitignore and .npmignore file exclusion directives when run in a workspace or with a workspace flag ie. --workspaces, --workspace=. Anyone who has run npm pack or npm publish inside a workspace, as of v7.9.0 and v7.13.0 respectively, may be affected and have published...

7.5CVSS3.7AI score0.03465EPSS
Exploits0
Rows per page
Query Builder