RLSA-2024:5814 Moderate: nodejs:20 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: node-tar: denial of service while parsing a tar file due to lack of folders depth validation CVE-2024-28863 nodejs: Bypass network import...

Important: Red Hat Security Advisory: rh-nodejs14 security update

An update for rh-nodejs14-nodejs is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Important: Red Hat Security Advisory: nodejs security, bug fix, and enhancement update

An update for nodejs is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

nodejs:16 security update

An update is available for nodejs-nodemon, module.nodejs, nodejs, module.nodejs-nodemon, module.nodejs-packaging, nodejs-packaging. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

nodejs:16 security, bug fix, and enhancement update

An update is available for nodejs, nodejs-packaging, module.nodejs-packaging, module.nodejs-nodemon, nodejs-nodemon, module.nodejs. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

Cross site scripting

Insufficient processing of user input in WebSoft HCM 2021.2.3.327 allows an unauthenticated attacker to inject arbitrary HTML tags into the page processed by the user's browser, including scripts in the JavaScript programming language, which leads to Reflected XSS...

CVE-2022-46903

Insufficient processing of user input in WebSoft HCM 2021.2.3.327 allows an authenticated attacker to inject arbitrary HTML tags into the page processed by the user's browser, including scripts in the JavaScript programming language, which leads to Stored XSS...

ALSA-2022:6448 Moderate: nodejs:14 security and bug fix update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: nodejs: DNS rebinding in --inspect via invalid IP addresses CVE-2022-32212 nodejs: HTTP request smuggling due to flawed parsing of Transfer-Encodi...

RLSA-2021:3074 Moderate: nodejs:14 security, bug fix, and enhancement update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 14.17.3. BZ1978203 Security Fixes: nodejs-hosted-git-info: Regular Expression denial...

Important: Red Hat Security Advisory: nodejs:14 security and bug fix update

An update for the nodejs:14 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Important: Red Hat Security Advisory: nodejs:10 security update

An update for the nodejs:10 module is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

Important: nodejs:14 security and bug fix update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 14.16.0. Security Fixes: nodejs: HTTP2 'unknownProtocol' cause DoS by resource...

The vulnerability of Adobe Acrobat’s PDF editing software allows a hacker to circumvent access restrictions.

The vulnerability of the Adobe Acrobat PDF editing program is related to security configuration errors. Exploiting this vulnerability can allow a malicious actor to bypass restrictions on access to the JavaScript API...