Lucene search
+L

9 matches found

Tenable Nessus
Tenable Nessus
added 2022/09/13 12:0 a.m.675 views

SUSE SLES15 / openSUSE 15 Security Update : nodejs16 (SUSE-SU-2022:3251-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3251-1 advisory. - CVE-2022-35949: Fixed SSRF when an application takes in user input into the path/pathname option of undici.request...

9.8CVSS6.8AI score0.03465EPSS
Exploits3References14
OpenVAS
OpenVAS
added 2022/09/13 12:0 a.m.26 views

SUSE: Security Advisory (SUSE-SU-2022:3250-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS6.5AI score0.03465EPSS
Exploits3References2
OpenVAS
OpenVAS
added 2022/09/13 12:0 a.m.26 views

openSUSE: Security Advisory for nodejs16 (SUSE-SU-2022:3250-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS7.6AI score0.03465EPSS
Exploits3References2
OpenVAS
OpenVAS
added 2022/09/13 12:0 a.m.29 views

SUSE: Security Advisory (SUSE-SU-2022:3251-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS6.5AI score0.03465EPSS
Exploits3References2
Tenable Nessus
Tenable Nessus
added 2022/09/09 12:0 a.m.42 views

SUSE SLES12 Security Update : nodejs16 (SUSE-SU-2022:3196-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3196-1 advisory. - CVE-2022-35949: Fixed SSRF when an application takes in user input into the path/pathname option of undici.request bsc1202382. -...

9.8CVSS6.8AI score0.03465EPSS
Exploits3References14
OpenVAS
OpenVAS
added 2022/09/09 12:0 a.m.20 views

SUSE: Security Advisory (SUSE-SU-2022:3196-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS6.5AI score0.03465EPSS
Exploits3References2
UbuntuCve
UbuntuCve
added 2022/07/19 9:15 p.m.43 views

CVE-2022-31150

undici is an HTTP/1.1 client, written from scratch for Node.js. It is possible to inject CRLF sequences into request headers in undici in versions less than 5.7.1. A fix was released in version 5.8.0. Sanitizing all HTTP headers from untrusted sources to eliminate \r\n is a workaround for this...

6.5CVSS6.7AI score0.01391EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2022/07/19 8:40 p.m.7 views

CVE-2022-31150 CRLF injection in request headers

undici is an HTTP/1.1 client, written from scratch for Node.js. It is possible to inject CRLF sequences into request headers in undici in versions less than 5.7.1. A fix was released in version 5.8.0. Sanitizing all HTTP headers from untrusted sources to eliminate \r\n is a workaround for this...

5.3CVSS6.6AI score0.01391EPSS
Exploits1References4
CVE
CVE
added 2022/07/19 8:40 p.m.249 views

CVE-2022-31150

CVE-2022-31150 (undici): An HTTP/1.1 client for Node.js is vulnerable to CRLF injection in request headers in undici versions

6.5CVSS7AI score0.01391EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder