Astra Linux - уязвимость в nodejs

Certain build processes for libuv and Node.js for 32-bit systems, such as the nodejs binary package through nodejs20.19.0+dfsg-2i386.deb for Debian GNU/Linux, have inconsistent offt size settings. For example, when building on the i386 architecture for Debian GNU/Linux, FILEOFFSETBITS=64 is alway...

Astra Linux - уязвимость в libuv1

libuv is a multi-platform support library that focuses on asynchronous I/O operations. The uvgetaddrinfo function in src/unix/getaddrinfo.c and its Windows counterpart src/win/getaddrinfo.c truncates hostnames to 256 characters before calling getaddrinfo. This behavior can be exploited to generat...

CVE-2026-32766 vulnerabilities

Vulnerabilities for packages: pixi, uv, mise, wasmcloud...

MiracleLinux 8 : nodejs:14 (AXSA:2021-2343:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2343:01 advisory. nodejs-hosted-git-info: Regular Expression denial of service via shortcutMatch in fromUrl CVE-2021-23362 nodejs-ssri: Regular expression DoS ReDoS...

MiracleLinux 8 : libuv-1.41.1-1.el8 (AXSA:2021-2313:02)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2021-2313:02 advisory. libuv: out-of-bounds read in uvidnatoascii can lead to information disclosures or crashes CVE-2021-22918 Tenable has extracted the preceding description bloc...

MiracleLinux 8 : nodejs:12 (AXSA:2021-2333:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2333:01 advisory. nodejs-hosted-git-info: Regular Expression denial of service via shortcutMatch in fromUrl CVE-2021-23362 nodejs-ssri: Regular expression DoS ReDoS...

MiracleLinux 7 : rh-nodejs14-nodejs-nodemon-2.0.3-2.el7, rh-nodejs14-nodejs-14.17.2-1.el7 (AXSA:2021-2260:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2260:01 advisory. nodejs-hosted-git-info: Regular Expression denial of service via shortcutMatch in fromUrl CVE-2021-23362 nodejs-ssri: Regular expression DoS ReDoS...

MiracleLinux 8 : libuv-1.41.1-2.el8_10 (AXSA:2024-8516:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8516:01 advisory. libuv: Improper Domain Lookup that potentially leads to SSRF attacks CVE-2024-24806 Tenable has extracted the preceding description block directly from the...

MiracleLinux 9 : libuv-1.42.0-2.el9_4 (AXSA:2024-8597:02)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8597:02 advisory. libuv: Improper Domain Lookup that potentially leads to SSRF attacks CVE-2024-24806 Tenable has extracted the preceding description block directly from the...

MiracleLinux 7 : rh-nodejs10-nodejs-10.23.1-2.el7 (AXSA:2021-1479:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1479:01 advisory. libuv: buffer overflow in realpath CVE-2020-8252 nodejs-npm-user-validate: improper input validation when validating user emails leads to ReDoS...

EUVD-2020-29122

Malware in sbrugna...

EUVD-2014-9554

Malware in sbrugna...

EUVD-2015-0291

Malware in sbrugna...

EUVD-2024-22182

Malicious code in bioql PyPI...

EUVD-2025-12810

Malicious code in bioql PyPI...

EUVD-2024-19623

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2025-47153

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Certain build processes for libuv and Node.js for 32-bit systems, such as for the nodejs binary package through nodejs20.19.0+dfsg-2i386.deb for Debian GNU/Linu...

ROOT-OS-ALPINE-319-CVE-2024-24806 CVE-2024-24806 in rootio-libuv - Patched by Root

Root has patched CVE-2024-24806 in the rootio-libuv package for Root:Alpine:3.19. Multiple fixed versions available...

ROOT-OS-ALPINE-318-CVE-2024-24806 CVE-2024-24806 in rootio-libuv - Patched by Root

Root has patched CVE-2024-24806 in the rootio-libuv package for Root:Alpine:3.18. Multiple fixed versions available...

K000152876: libuv vulnerability CVE-2024-24806

Security Advisory Description libuv is a multi-platform support library with a focus on asynchronous I/O. The uvgetaddrinfo function in src/unix/getaddrinfo.c and its windows counterpart src/win/getaddrinfo.c, truncates hostnames to 256 characters before calling getaddrinfo. This behavior can be...