27 matches found
Azure Linux 3.0 Security Update: nodejs (CVE-2025-23165)
The version of nodejs installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-23165 advisory. - In Node.js, the ReadFileUtf8 internal binding leaks memory due to a corrupted pointer in uvfss.file: a UTF-1...
Security Bulletin: Multiple vulnerabilities in NodeJS affect IBM Business Automation Workflow Configuration Editor
Summary IBM Business Automation Workflow Configuration Editor packages a vulnerable version of the NodeJS runtime and a vulnerable module. Vulnerability Details CVEID:CVE-2025-23165 DESCRIPTION: In Node.js, the ReadFileUtf8 internal binding leaks memory due to a corrupted pointer in uvfss.file: a...
CVE-2025-23165 vulnerabilities
Vulnerabilities for packages: nodejs...
CVE-2025-23165 affecting package nodejs for versions less than 20.14.0-9
CVE-2025-23165 affecting package nodejs for versions less than 20.14.0-9. A patched version of the package is available...
corepack22-22.15.1-1.1 on GA media (moderate)
corepack22-22.15.1-1.1 on GA media Announcement ID: openSUSE-SU-2025:15250-1 Rating: moderate Cross-References: CVE-2025-23165 CVE-2025-23166 CVSS scores: CVE-2025-23165 SUSE : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2025-23165 SUSE : 6.3...
SUSE SLES15 Security Update : nodejs22 (SUSE-SU-2025:01879-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:01879-1 advisory. Update to version 22.15.1. Security issues fixed: - CVE-2025-23166: remotely triggerable process crash due to improper error...
SUSE SLES15 / openSUSE 15 Security Update : nodejs22 (SUSE-SU-2025:01878-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:01878-1 advisory. Update to version 22.15.1. Security issues fixed: - CVE-2025-23166: remotely triggerable process crash due to improp...
SUSE SLES15 Security Update : nodejs20 (SUSE-SU-2025:02039-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02039-1 advisory. Update to 20.19.2: - CVE-2025-23166: improper error handling in async cryptographic operations crashes process bsc1243218. -...
openSUSE Security Advisory (SUSE-SU-2025:02045-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2025:02039-1 Security update for nodejs20
This update for nodejs20 fixes the following issues: Update to 20.19.2: - CVE-2025-23166: improper error handling in async cryptographic operations crashes process bsc1243218. - CVE-2025-23167: improper HTTP header block termination in llhttp bsc1243220. - CVE-2025-23165: add missing call to...
openSUSE Security Advisory (SUSE-SU-2025:01878-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security update for nodejs22
This update for nodejs22 fixes the following issues: Update to version 22.15.1. Security issues fixed: CVE-2025-23166: remotely triggerable process crash due to improper error handling in async cryptographic operations bsc1243218. CVE-2025-23165: memory leak and unbounded memory growth due to...
Fedora 41 : nodejs20 (2025-0c2b7a8f32)
The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-0c2b7a8f32 advisory. Update to 20.19.2 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested...
Fedora 41 : nodejs22 (2025-61ad6e65b3)
The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-61ad6e65b3 advisory. Update to version 22.15.1 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...
Fedora: Security Advisory (FEDORA-2025-f4cee58e97)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory (FEDORA-2025-0c2b7a8f32)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2025-0161)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
OESA-2025-1534 nodejs security update
Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices...
OESA-2025-1533 nodejs security update
Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices...
Node.js < 20.19.2, 22.x < 22.15.1 DoS Vulnerability - Windows
Node.js is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:nodejs:node.js";...