Lucene search
K

48 matches found

Wolfi
Wolfi
added 2026/01/28 1:48 a.m.5 views

CVE-2023-46809 vulnerabilities

Vulnerabilities for packages: nodejs...

7.4CVSS5.9AI score0.01302EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.7 views

MiracleLinux 8 : nodejs:20 (AXSA:2024-7668:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7668:01 advisory. nodejs: vulnerable to timing variant of the Bleichenbacher attack against PKCS1 v1.5 padding Marvin CVE-2023-46809 nodejs: reading unprocessed HTTP...

9.8CVSS8.2AI score0.03168EPSS
Exploits0References8
OSV
OSV
added 2025/08/12 8:24 a.m.3 views

ROOT-OS-DEBIAN-12-CVE-2023-46809 CVE-2023-46809 in rootio-nodejs - Patched by Root

Root has patched CVE-2023-46809 in the rootio-nodejs package for Root:Debian:12. Multiple fixed versions available...

7.4CVSS7.2AI score0.01302EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.6 views

TencentOS Server 3: nodejs:20 (TSSA-2024:0109)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0109 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

9.8CVSS7AI score0.03168EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2023-46809

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Node.js versions which bundle an unpatched version of OpenSSL or run against a dynamically linked version of OpenSSL which are unpatched are vulnerable to the...

7.4CVSS6.8AI score0.01302EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2024/09/07 4:15 p.m.45 views

CVE-2023-46809

Node.js versions which bundle an unpatched version of OpenSSL or run against a dynamically linked version of OpenSSL which are unpatched are vulnerable to the Marvin Attack - https://people.redhat.com/hkario/marvin/, if PCKS 1 v1.5 padding is allowed when performing RSA descryption using a privat...

7.4CVSS6.8AI score0.01302EPSS
Exploits0References3
CVE
CVE
added 2024/09/07 4:3 p.m.414 views

CVE-2023-46809

CVE-2023-46809 affects Node.js runtimes that bundle an unpatched OpenSSL or use a dynamically linked OpenSSL version; exposed to the Marvin Attack when PKCS #1 v1.5 padding is allowed during RSA decryption with a private key. This is a timing/side-channel vulnerability affecting confidentiality a...

7.4CVSS6.7AI score0.01302EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2024/09/07 4:3 p.m.38 views

CVE-2023-46809

Node.js versions which bundle an unpatched version of OpenSSL or run against a dynamically linked version of OpenSSL which are unpatched are vulnerable to the Marvin Attack - https://people.redhat.com/hkario/marvin/, if PCKS 1 v1.5 padding is allowed when performing RSA descryption using a privat...

7.4CVSS6.7AI score0.01302EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/07/24 12:0 a.m.22 views

Photon OS 5.0: Nodejs PHSA-2024-5.0-0213

An update of the nodejs package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-5.0-0213. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

9.8CVSS7.2AI score0.03168EPSS
Exploits0References9
IBM Security Bulletins
IBM Security Bulletins
added 2024/07/08 9:24 a.m.53 views

Security Bulletin: Node.js vulnerabilities affect IBM Spectrum Control

Summary Node.js is vulnerable to remote attacker to obtain sensitive information, denial of service, HTTP request smuggling and allow a local authenticated attacker to gain elevated privileges on the system. These vulnerabilities affect IBM Spectrum Control. CVE-2024-27983, CVE-2024-22019,...

8.2CVSS9AI score0.87211EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/05/30 6:50 p.m.33 views

Security Bulletin: Denial of service vulnerabilities in Node.js affects IBM Rational Developer for i RPG and COBOL + Modernization Tools, Java Edition

Summary Node.js is used as runtime and SDK for Apache Cordova applications within IBM Rational Developer for i RPG and COBOL + Modernization Tools, Java Edition. Multiple denial of service attacks affecting Node.js have been published in this security bulletin. This bulletin identifies the steps ...

7.8CVSS7.8AI score0.04459EPSS
Exploits1Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.40 views

RHEL 9 : nodejs (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - nodejs: integrity checks according to policies can be circumvented CVE-2023-38552 - Maliciously crafted...

7.3AI score0.01302EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2024/05/10 2:52 p.m.51 views

Security Bulletin: IBM App Connect Enterprise is vulnerable to multiple vulnerabilities due to Node.js.

Summary IBM App Connect Enterprise is vulnerable to multiple vulnerabilities due to Node.js. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2024-21892 DESCRIPTION: Node.js could allow a local authenticated attacker to gain elevated...

7.8CVSS7.8AI score0.03168EPSS
Exploits1Affected Software1
F5 Networks
F5 Networks
added 2024/05/08 11:47 p.m.69 views

K000139558: Node.js vulnerabilities CVE-2023-46809, CVE-2024-21892, and CVE-2024-22019

Security Advisory Description CVE-2023-46809 Node.js versions which bundle an unpatched version of OpenSSL or run against a dynamically linked version of OpenSSL which are unpatched are vulnerable to the Marvin Attack - https://people.redhat.com/hkario/marvin/, if PCKS 1 v1.5 padding is allowed...

7.8CVSS7.2AI score0.03168EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/04/22 12:0 a.m.43 views

RHEL 9 : nodejs:18 (RHSA-2024:1932)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1932 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language...

7.8CVSS7.2AI score0.03168EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2024/04/18 2:16 a.m.42 views

Important: Red Hat Security Advisory: nodejs:18 security update

An update for the nodejs:18 module is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

7.8CVSS6.9AI score0.03168EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/04/10 12:0 a.m.39 views

AlmaLinux 8 : nodejs:20 (ALSA-2024:1687)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:1687 advisory. nodejs: vulnerable to timing variant of the Bleichenbacher attack against PKCS1 v1.5 padding Marvin CVE-2023-46809 nodejs: reading unprocessed HTTP reques...

9.8CVSS7.2AI score0.03168EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2024/04/08 8:54 a.m.129 views

Important: Red Hat Security Advisory: nodejs:20 security update

An update for the nodejs:20 module is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.8CVSS6.9AI score0.03168EPSS
Exploits0References8
Oracle linux
Oracle linux
added 2024/04/08 12:0 a.m.76 views

nodejs:20 security update

nodejs 1:20.11.1-1 - Rebase to version 20.11.1 - Fixes: CVE-2024-21892 CVE-2024-21896 CVE-2024-22017 CVE-2024-22019 high - Fixes: CVE-2023-46809 CVE-2024-21890 CVE-2024-21891 medium nodejs-nodemon nodejs-packaging...

7.4CVSS7.9AI score0.03168EPSS
Exploits0
OSV
OSV
added 2024/04/08 12:0 a.m.58 views

ALSA-2024:1687 Important: nodejs:20 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: nodejs: vulnerable to timing variant of the Bleichenbacher attack against PKCS1 v1.5 padding Marvin CVE-2023-46809 nodejs: reading unprocessed HTT...

9.8CVSS7.5AI score0.03168EPSS
Exploits0References16
Rows per page
Query Builder