Lucene search
+L

32 matches found

Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.3 views

TencentOS Server 4: nodejs (TSSA-2024:0614)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0614 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

9.8CVSS7AI score0.03906EPSS
Exploits4References16
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2023-45143

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Undici is an HTTP/1.1 client written from scratch for Node.js. Prior to version 5.26.2, Undici already cleared Authorization headers on cross-origin redirects,...

3.9CVSS6.5AI score0.01223EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2024/08/08 3:50 p.m.27 views

Security Bulletin: IBM Cloud Pak for Data is vulnerable to obtain sensitive information due to Node.js undici ( CVE-2023-45143 )

Summary Node.js undici is used by IBM Cloud Pak for Data as part of the . CVE-2023-45143. Vulnerability Details CVEID:CVE-2023-45143 DESCRIPTION: Node.js undici module could allow a remote authenticated attacker to obtain sensitive information, caused by the failure to clear cookie header on...

3.9CVSS5.3AI score0.01223EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/08/05 8:47 p.m.23 views

Security Bulletin: IBM Storage Ceph is vulnerable to the Exposure of Sensitive Information to an Unauthorized Actor in the RHEL UBI (CVE-2023-45143)

Summary RHEL UBI is used by IBM Storage Ceph as the base operating system. This bulletin identifies the steps to take to address the vulnerability in the RHEL UBI. CVE-2023-45143. Vulnerability Details CVEID:CVE-2023-45143 DESCRIPTION: Node.js undici module could allow a remote authenticated...

3.9CVSS5.3AI score0.01223EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/06/21 2:39 p.m.48 views

Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to multiple vulnerabilities in Node.js ( CVE-2023-44487, CVE-2023-45143 )

Summary Potential vulnerabilities in Node.js related to the VM component CVE-2023-44487, CVE-2023-45143 has been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. The vulnerability has been addressed. Refer to details for additional information. Vulnerability Details...

7.5CVSS7.7AI score0.99999EPSS
Exploits20Affected Software1
OpenVAS
OpenVAS
added 2024/03/04 12:0 a.m.41 views

openSUSE: Security Advisory for nodejs18 (SUSE-SU-2023:4207-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.5AI score0.99999EPSS
Exploits20References4
IBM Security Bulletins
IBM Security Bulletins
added 2024/01/17 4:15 p.m.27 views

Security Bulletin: IBM App Connect Enterprise is vulnerable to a remote authenticated attacker due to the electron module (CVE-2023-45143)

Summary IBM App Connect Enterprise is vulnerable to allowing a remote authenticated attacker to obtain sensitive information, due to the electron module. Electron is used for Discovery Connectors in IBM App Connect Enterprise. This bulletin identifies the steps to take to address the vulnerabilit...

3.9CVSS5.5AI score0.01223EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2023/11/14 5:0 p.m.77 views

Important: Red Hat Security Advisory: nodejs:20 security update

An update for the nodejs:20 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.8CVSS7.1AI score0.99999EPSS
Exploits20References8
CBLMariner
CBLMariner
added 2023/11/08 2:7 a.m.17 views

CVE-2023-45143 affecting package nodejs18 for versions less than 18.18.2-2

CVE-2023-45143 affecting package nodejs18 for versions less than 18.18.2-2. An upgraded version of the package is available that resolves this issue...

3.9CVSS6AI score0.01223EPSS
Exploits0
OpenVAS
OpenVAS
added 2023/11/05 12:0 a.m.42 views

Fedora: Security Advisory (FEDORA-2023-dbe64661af)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.5AI score0.99999EPSS
Exploits20References5
OpenVAS
OpenVAS
added 2023/11/05 12:0 a.m.35 views

Fedora: Security Advisory (FEDORA-2023-7b52921cae)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.5AI score0.99999EPSS
Exploits20References32
OpenVAS
OpenVAS
added 2023/10/28 12:0 a.m.40 views

Fedora: Security Advisory for nodejs20 (FEDORA-2023-f66fc0f62a)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.1AI score0.99999EPSS
Exploits20References4
OpenVAS
OpenVAS
added 2023/10/27 12:0 a.m.43 views

SUSE: Security Advisory (SUSE-SU-2023:4207-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.5AI score0.99999EPSS
Exploits20References9
OpenVAS
OpenVAS
added 2023/10/25 12:0 a.m.31 views

Fedora: Security Advisory for nodejs18 (FEDORA-2023-d5030c983c)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.5AI score0.99999EPSS
Exploits20References4
Tenable Nessus
Tenable Nessus
added 2023/10/24 12:0 a.m.53 views

SUSE SLES15 Security Update : nodejs18 (SUSE-SU-2023:4155-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4155-1 advisory. - Update to version 18.18.2 - CVE-2023-44487: Fixed the Rapid Reset attack in nghttp2. bsc1216190 - CVE-2023-45143: Fixed a cookie...

7.5CVSS7.1AI score0.99999EPSS
Exploits20References13
OpenVAS
OpenVAS
added 2023/10/23 12:0 a.m.39 views

Mageia: Security Advisory (MGASA-2023-0299)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.5AI score0.99999EPSS
Exploits20References8
Tenable Nessus
Tenable Nessus
added 2023/10/23 12:0 a.m.41 views

Oracle Linux 9 : 18 (ELSA-2023-5849)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-5849 advisory. - Rebase to version 18.18.2 Resolves: CVE-2023-44487 CVE-2023-45143 CVE-2023-38552 CVE-2023-39333 nodejs-nodemon - Resolves: CVE-2022-25883...

7.5CVSS7.3AI score0.99999EPSS
Exploits21References5
OSV
OSV
added 2023/10/22 9:4 p.m.33 views

MGASA-2023-0299 Updated nodejs packages fix security vulnerabilities

This is a security release. The following CVEs are fixed in this release: CVE-2023-44487: nghttp2 Security Release High CVE-2023-45143: undici Security Release High CVE-2023-38552: Integrity checks according to policies can be circumvented Medium CVE-2023-39333: Code injection via WebAssembly...

7.5CVSS8.1AI score0.99999EPSS
Exploits20References5
Mageia
Mageia
added 2023/10/22 9:4 p.m.74 views

Updated nodejs packages fix security vulnerabilities

This is a security release. The following CVEs are fixed in this release: CVE-2023-44487: nghttp2 Security Release High CVE-2023-45143: undici Security Release High CVE-2023-38552: Integrity checks according to policies can be circumvented Medium CVE-2023-39333: Code injection via WebAssembly...

7.5CVSS7.4AI score0.99999EPSS
Exploits20References4
Tenable Nessus
Tenable Nessus
added 2023/10/21 12:0 a.m.53 views

SUSE SLES12 Security Update : nodejs18 (SUSE-SU-2023:4150-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4150-1 advisory. - Update to version 18.18.2 - CVE-2023-44487: Fixed the Rapid Reset attack in nghttp2. bsc1216190 - CVE-2023-45143: Fixed a cookie...

7.5CVSS7.1AI score0.99999EPSS
Exploits20References13
Rows per page
Query Builder