Node.js 10.x < 10.24.0, 12.x < 12.21.0, 14.x < 14.16.0, 15.x < 15.10.0 Multiple Vulnerabilities - Windows

Node.js is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:nodejs:node.js"; ifdescription...

RHEL 8 : nodejs:12 (RHSA-2021:0734)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0734 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The...

Important: Red Hat Security Advisory: nodejs:10 security update

An update for the nodejs:10 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Important: Red Hat Security Advisory: nodejs:12 security update

An update for the nodejs:12 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

nodejs:10 security update

An update is available for nodejs-nodemon, nodejs, nodejs-packaging. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Node.js is a software development platform f...

RLSA-2021:0735 Important: nodejs:10 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 10.24.0. Security Fixes: nodejs: HTTP2 'unknownProtocol' cause DoS by resource...

Important: nodejs:10 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 10.24.0. Security Fixes: nodejs: HTTP2 'unknownProtocol' cause DoS by resource...

Important: nodejs:12 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 12.21.0. Security Fixes: nodejs: HTTP2 'unknownProtocol' cause DoS by resource...

RLSA-2021:0734 Important: nodejs:12 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 12.21.0. Security Fixes: nodejs: HTTP2 'unknownProtocol' cause DoS by resource...

ALSA-2021:0734 Important: nodejs:12 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 12.21.0. Security Fixes: nodejs: HTTP2 'unknownProtocol' cause DoS by resource...

CentOS 8 : nodejs:12 (CESA-2021:0734)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:0734 advisory. - nodejs: HTTP2 'unknownProtocol' cause DoS by resource exhaustion CVE-2021-22883 - nodejs: DNS rebinding in --inspect CVE-2021-22884 Note that Nessus...

OPENSUSE-SU-2021:0372-1 Security update for nodejs10

This update for nodejs10 fixes the following issues: New upstream LTS version 10.24.0: - CVE-2021-22883: HTTP2 'unknownProtocol' cause Denial of Service by resource exhaustion bsc1182619 - CVE-2021-22884: DNS rebinding in --inspect bsc1182620 - CVE-2021-23840: OpenSSL - Integer overflow in...

SUSE SLES12 Security Update : nodejs10 (SUSE-SU-2021:0673-1)

This update for nodejs10 fixes the following issues : New upstream LTS version 10.24.0 : CVE-2021-22883: HTTP2 'unknownProtocol' cause Denial of Service by resource exhaustion bsc1182619 CVE-2021-22884: DNS rebinding in --inspect bsc1182620 CVE-2021-23840: OpenSSL - Integer overflow in CipherUpda...

SUSE SLES15 Security Update : nodejs10 (SUSE-SU-2021:0674-1)

This update for nodejs10 fixes the following issues : New upstream LTS version 10.24.0 : CVE-2021-22883: HTTP2 'unknownProtocol' cause Denial of Service by resource exhaustion bsc1182619 CVE-2021-22884: DNS rebinding in --inspect bsc1182620 CVE-2021-23840: OpenSSL - Integer overflow in CipherUpda...

Security update for nodejs10 (important)

openSUSE Security Update: Security update for nodejs10 Announcement ID: openSUSE-SU-2021:0372-1 Rating: important References: 1182333 1182619 1182620 Cross-References: CVE-2021-22883 CVE-2021-22884 CVE-2021-23840 CVSS scores: CVE-2021-22883 SUSE: 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H...

SUSE-SU-2021:0673-1 Security update for nodejs10

This update for nodejs10 fixes the following issues: New upstream LTS version 10.24.0: - CVE-2021-22883: HTTP2 'unknownProtocol' cause Denial of Service by resource exhaustion bsc1182619 - CVE-2021-22884: DNS rebinding in --inspect bsc1182620 - CVE-2021-23840: OpenSSL - Integer overflow in...

SUSE SLES15 Security Update : nodejs14 (SUSE-SU-2021:0648-1)

This update for nodejs14 fixes the following issues : New upstream LTS version 14.16.0 : - CVE-2021-22883: HTTP2 'unknownProtocol' cause Denial of Service by resource exhaustion bsc1182619 - CVE-2021-22884: DNS rebinding in --inspect bsc1182620 Note that Tenable Network Security has extracted the...

openSUSE Security Update : nodejs14 (openSUSE-2021-356)

This update for nodejs14 fixes the following issues : - New upstream LTS version 14.16.0 : - CVE-2021-22883: HTTP2 'unknownProtocol' cause Denial of Service by resource exhaustion bsc1182619 - CVE-2021-22884: DNS rebinding in --inspect bsc1182620 This update was imported from the...

SUSE SLES12 Security Update : nodejs14 (SUSE-SU-2021:0650-1)

This update for nodejs14 fixes the following issues : New upstream LTS version 14.16.0 : CVE-2021-22883: HTTP2 'unknownProtocol' cause Denial of Service by resource exhaustion bsc1182619 CVE-2021-22884: DNS rebinding in --inspect bsc1182620 Note that Tenable Network Security has extracted the...

SUSE SLES15 Security Update : nodejs12 (SUSE-SU-2021:0651-1)

This update for nodejs12 fixes the following issues : New upstream LTS version 12.21.0 : CVE-2021-22883: HTTP2 'unknownProtocol' cause Denial of Service by resource exhaustion bsc1182619 CVE-2021-22884: DNS rebinding in --inspect bsc1182620 CVE-2021-23840: OpenSSL - Integer overflow in CipherUpda...