Lucene search
K

58 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.4 views

MiracleLinux 8 : nodejs:18 (AXSA:2023-5259:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5259:01 advisory. glob-parent: Regular Expression Denial of Service CVE-2021-35065 http-cache-semantics: Regular Expression Denial of Service ReDoS vulnerability...

7.5CVSS8.2AI score0.02023EPSS
Exploits3References7
OSV
OSV
added 2025/12/03 9:5 a.m.9 views

RLSA-2023:2654 Moderate: nodejs:18 security, bug fix, and enhancement update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 18.14.2. Security Fixes: glob-parent: Regular Expression Denial of Service...

8.6CVSS7.5AI score0.02209EPSS
Exploits5References9
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.3 views

TencentOS Server 3: nodejs (TSSA-2023:0046)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0046 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

8.6CVSS7.1AI score0.02209EPSS
Exploits4References8
Debian
Debian
added 2023/12/27 10:12 p.m.38 views

[SECURITY] [DSA 5589-1] nodejs security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5589-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff December 27, 2023 https://www.debian.org/security/faq -...

9.8CVSS7.5AI score0.03906EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2023/08/30 12:0 a.m.36 views

SUSE SLES15 / openSUSE 15 Security Update : nodejs12 (SUSE-SU-2023:3455-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3455-1 advisory. - CVE-2023-23918: Fixed permissions policies bypass via process.mainModule bsc1208481. - CVE-2023-32002: Fixed...

9.8CVSS6.8AI score0.03906EPSS
Exploits2References22
OpenVAS
OpenVAS
added 2023/08/29 12:0 a.m.24 views

SUSE: Security Advisory (SUSE-SU-2023:3455-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.8AI score0.03906EPSS
Exploits2References10
Oracle linux
Oracle linux
added 2023/06/15 12:0 a.m.51 views

nodejs security update

1:16.19.1-2 - Update bundled c-ares to 1.19.1 Resolves: CVE-2023-31124 CVE-2023-31130 CVE-2023-31147 CVE-2023-32067 1:16.19.1-1 - Rebase to 16.19.1 - Resolves: rhbz2153714 - Resolves: CVE-2023-23918 CVE-2023-23919 CVE-2023-23936 CVE-2023-24807 CVE-2023-23920 - Resolves: CVE-2022-25881 CVE-2022-49...

9.8CVSS7AI score0.77766EPSS
Exploits10
OSV
OSV
added 2023/05/25 7:53 p.m.48 views

RLSA-2023:2655 Moderate: nodejs and nodejs-nodemon security, bug fix, and enhancement update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 16.19.1, nodejs-nodemon 2.0.20. Security Fixes: c-ares: buffer overflow in...

8.6CVSS8.3AI score0.02023EPSS
Exploits3References8
Oracle linux
Oracle linux
added 2023/05/17 12:0 a.m.40 views

nodejs:18 security, bug fix, and enhancement update

nodejs 1:18.14.2-2 - Provide simduft - Resolves: 2159389 1:18.14.2-1 - Rebase to 18.14.2 - Resolves: 2159389 - Resolves: CVE-2022-25881, CVE-2022-4904, CVE-2023-23936, CVE-2023-24807 - Resolves: CVE-2023-23918, CVE-2023-23919, CVE-2023-23920 nodejs-nodemon 2.0.20-2 - Patch bundled glob-parent -...

8.6CVSS7AI score0.02209EPSS
Exploits5
F5 Networks
F5 Networks
added 2023/05/15 1:50 a.m.36 views

K000134602: Node.js vulnerabilities CVE-2023-23918 and CVE-2023-23920

Security Advisory Description CVE-2023-23918 A privilege escalation vulnerability exists in Node.js 19.6.1, 18.14.1, 16.19.1 and 14.21.3 that made it possible to bypass the experimental Permissions https: //nodejs. org/api/permissions.html feature in Node.js and access non authorized modules by...

7.5CVSS6.6AI score0.02023EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/05/14 12:0 a.m.42 views

AlmaLinux 9 : nodejs and nodejs-nodemon (ALSA-2023:2655)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:2655 advisory. - This affects versions of the package http-cache-semantics before 4.1.1. The issue can be exploited via malicious request header values sent to a server,...

8.6CVSS7.4AI score0.02023EPSS
Exploits3References7
Tenable Nessus
Tenable Nessus
added 2023/05/13 12:0 a.m.41 views

AlmaLinux 9 : nodejs:18 (ALSA-2023:2654)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:2654 advisory. glob-parent: Regular Expression Denial of Service CVE-2021-35065 c-ares: buffer overflow in configsortlist due to missing string length check CVE-2022-490...

8.6CVSS7.1AI score0.02209EPSS
Exploits5References9
RedHat Linux
RedHat Linux
added 2023/05/09 11:51 a.m.56 views

Moderate: Red Hat Security Advisory: nodejs and nodejs-nodemon security, bug fix, and enhancement update

An update for nodejs and nodejs-nodemon is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.6CVSS6.9AI score0.02023EPSS
Exploits4References8
RedHat Linux
RedHat Linux
added 2023/05/09 11:51 a.m.47 views

Moderate: Red Hat Security Advisory: nodejs:18 security, bug fix, and enhancement update

An update for the nodejs:18 module is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.6CVSS6.9AI score0.02209EPSS
Exploits5References10
OSV
OSV
added 2023/05/09 12:0 a.m.34 views

ALSA-2023:2654 Moderate: nodejs:18 security, bug fix, and enhancement update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 18.14.2. Security Fixes: glob-parent: Regular Expression Denial of Service...

8.6CVSS8.3AI score0.02209EPSS
Exploits5References18
OSV
OSV
added 2023/05/09 12:0 a.m.40 views

ALSA-2023:2655 Moderate: nodejs and nodejs-nodemon security, bug fix, and enhancement update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 16.19.1, nodejs-nodemon 2.0.20. Security Fixes: c-ares: buffer overflow in...

8.6CVSS8.3AI score0.02023EPSS
Exploits3References14
AlmaLinux
AlmaLinux
added 2023/05/09 12:0 a.m.67 views

Moderate: nodejs and nodejs-nodemon security, bug fix, and enhancement update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 16.19.1, nodejs-nodemon 2.0.20. Security Fixes: c-ares: buffer overflow in...

8.6CVSS7.8AI score0.02023EPSS
Exploits3References14
IBM Security Bulletins
IBM Security Bulletins
added 2023/04/28 11:51 a.m.37 views

Security Bulletin: IBM App Connect Enterprise Certified Container operands may be vulnerable to security restriction bypasss due to [CVE-2023-23918]

Summary Node.js is used as a runtime engine by IBM App Connect Enterprise Certified Container. If an IBM App Connect Enterprise Certified Container image is extended to run custom Node.js applications, it may be vulnerable to security restriction bypasss. This bulletin provides patch information ...

7.5CVSS7.5AI score0.02023EPSS
Exploits0Affected Software1
OSV
OSV
added 2023/04/26 3:28 p.m.45 views

RLSA-2023:1743 Important: nodejs:14 security, bug fix, and enhancement update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 14.21.3. Security Fixes: decode-uri-component: improper input validation resulting i...

8.6CVSS8.1AI score0.24928EPSS
Exploits4References9
Tenable Nessus
Tenable Nessus
added 2023/04/26 12:0 a.m.33 views

Rocky Linux 8 : nodejs:14 (RLSA-2023:1743)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:1743 advisory. - The glob-parent package before 6.0.1 for Node.js allows ReDoS regular expression denial of service attacks against the enclosure regular expression...

8.6CVSS7AI score0.24928EPSS
Exploits4References16
Rows per page
Query Builder