48 matches found
CVE-2023-46809 vulnerabilities
Vulnerabilities for packages: nodejs...
MiracleLinux 8 : nodejs:20 (AXSA:2024-7668:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7668:01 advisory. nodejs: vulnerable to timing variant of the Bleichenbacher attack against PKCS1 v1.5 padding Marvin CVE-2023-46809 nodejs: reading unprocessed HTTP...
ROOT-OS-DEBIAN-12-CVE-2023-46809 CVE-2023-46809 in rootio-nodejs - Patched by Root
Root has patched CVE-2023-46809 in the rootio-nodejs package for Root:Debian:12. Multiple fixed versions available...
TencentOS Server 3: nodejs:20 (TSSA-2024:0109)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0109 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
Linux Distros Unpatched Vulnerability : CVE-2023-46809
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Node.js versions which bundle an unpatched version of OpenSSL or run against a dynamically linked version of OpenSSL which are unpatched are vulnerable to the...
CVE-2023-46809
Node.js versions which bundle an unpatched version of OpenSSL or run against a dynamically linked version of OpenSSL which are unpatched are vulnerable to the Marvin Attack - https://people.redhat.com/hkario/marvin/, if PCKS 1 v1.5 padding is allowed when performing RSA descryption using a privat...
CVE-2023-46809
CVE-2023-46809 affects Node.js runtimes that bundle an unpatched OpenSSL or use a dynamically linked OpenSSL version; exposed to the Marvin Attack when PKCS #1 v1.5 padding is allowed during RSA decryption with a private key. This is a timing/side-channel vulnerability affecting confidentiality a...
CVE-2023-46809
Node.js versions which bundle an unpatched version of OpenSSL or run against a dynamically linked version of OpenSSL which are unpatched are vulnerable to the Marvin Attack - https://people.redhat.com/hkario/marvin/, if PCKS 1 v1.5 padding is allowed when performing RSA descryption using a privat...
Photon OS 5.0: Nodejs PHSA-2024-5.0-0213
An update of the nodejs package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-5.0-0213. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
Security Bulletin: Node.js vulnerabilities affect IBM Spectrum Control
Summary Node.js is vulnerable to remote attacker to obtain sensitive information, denial of service, HTTP request smuggling and allow a local authenticated attacker to gain elevated privileges on the system. These vulnerabilities affect IBM Spectrum Control. CVE-2024-27983, CVE-2024-22019,...
Security Bulletin: Denial of service vulnerabilities in Node.js affects IBM Rational Developer for i RPG and COBOL + Modernization Tools, Java Edition
Summary Node.js is used as runtime and SDK for Apache Cordova applications within IBM Rational Developer for i RPG and COBOL + Modernization Tools, Java Edition. Multiple denial of service attacks affecting Node.js have been published in this security bulletin. This bulletin identifies the steps ...
RHEL 9 : nodejs (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - nodejs: integrity checks according to policies can be circumvented CVE-2023-38552 - Maliciously crafted...
Security Bulletin: IBM App Connect Enterprise is vulnerable to multiple vulnerabilities due to Node.js.
Summary IBM App Connect Enterprise is vulnerable to multiple vulnerabilities due to Node.js. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2024-21892 DESCRIPTION: Node.js could allow a local authenticated attacker to gain elevated...
K000139558: Node.js vulnerabilities CVE-2023-46809, CVE-2024-21892, and CVE-2024-22019
Security Advisory Description CVE-2023-46809 Node.js versions which bundle an unpatched version of OpenSSL or run against a dynamically linked version of OpenSSL which are unpatched are vulnerable to the Marvin Attack - https://people.redhat.com/hkario/marvin/, if PCKS 1 v1.5 padding is allowed...
RHEL 9 : nodejs:18 (RHSA-2024:1932)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1932 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language...
Important: Red Hat Security Advisory: nodejs:18 security update
An update for the nodejs:18 module is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
AlmaLinux 8 : nodejs:20 (ALSA-2024:1687)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:1687 advisory. nodejs: vulnerable to timing variant of the Bleichenbacher attack against PKCS1 v1.5 padding Marvin CVE-2023-46809 nodejs: reading unprocessed HTTP reques...
Important: Red Hat Security Advisory: nodejs:20 security update
An update for the nodejs:20 module is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
nodejs:20 security update
nodejs 1:20.11.1-1 - Rebase to version 20.11.1 - Fixes: CVE-2024-21892 CVE-2024-21896 CVE-2024-22017 CVE-2024-22019 high - Fixes: CVE-2023-46809 CVE-2024-21890 CVE-2024-21891 medium nodejs-nodemon nodejs-packaging...
ALSA-2024:1687 Important: nodejs:20 security update
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: nodejs: vulnerable to timing variant of the Bleichenbacher attack against PKCS1 v1.5 padding Marvin CVE-2023-46809 nodejs: reading unprocessed HTT...