Lucene search
K

385 matches found

Vulnrichment
Vulnrichment
added 2025/05/01 12:0 a.m.13 views

CVE-2025-47153

Certain build processes for libuv and Node.js for 32-bit systems, such as for the nodejs binary package through nodejs20.19.0+dfsg-2i386.deb for Debian GNU/Linux, have an inconsistent offt size e.g., building on i386 Debian always uses FILEOFFSETBITS=64 for the libuv dynamic library, but uses the...

6.5CVSS6.5AI score0.00336EPSS
Exploits0References4
CVE
CVE
added 2025/05/01 12:0 a.m.76 views

CVE-2025-47153

CVE-2025-47153 concerns build-time handling on 32-bit systems (i386) where libuv binaries and Node.js binaries are built with inconsistent off_t sizing. Specifically, 32-bit Debian builds may set _FILE_OFFSET_BITS=64 for the libuv dynamic library but rely on the system default (32) for nodejs, ca...

6.5CVSS6.5AI score0.00336EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2025/05/01 12:0 a.m.10 views

CVE-2025-47153

Certain build processes for libuv and Node.js for 32-bit systems, such as for the nodejs binary package through nodejs20.19.0+dfsg-2i386.deb for Debian GNU/Linux, have an inconsistent offt size e.g., building on i386 Debian always uses FILEOFFSETBITS=64 for the libuv dynamic library, but uses the...

6.5CVSS7.1AI score0.00336EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2024-24806

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libuv is a multi-platform support library with a focus on asynchronous I/O. The uvgetaddrinfo function in src/unix/getaddrinfo.c and its windows counterpart...

7.3CVSS6.8AI score0.02003EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/02/10 12:0 a.m.17 views

Azure Linux 3.0 Security Update: cmake / libuv / nodejs / nodejs18 / python-gevent (CVE-2024-24806)

The version of cmake / libuv / nodejs / nodejs18 / python-gevent installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-24806 advisory. - libuv is a multi-platform support library with a focus on...

7.3CVSS7AI score0.02003EPSS
Exploits1References2
Rosalinux
Rosalinux
added 2025/01/28 11:6 a.m.7 views

Advisory ROSA-SA-2025-2605

software: libuv 1.44.2 OS: ROSA-CHROME packageevrstring: libuv-1.44.2-2 CVE-ID: CVE-2024-24806 BDU-ID: 2024-02979 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the uvgetaddrinfo function src/unix/getaddrinfo.c, src/win/getaddrinfo.c of the libuv asynchronous I/O library is related to insufficient...

7.3CVSS6.9AI score0.02003EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2025/01/23 12:0 a.m.6 views

libuv: Hostname Truncation

Background libuv is a multi-platform support library with a focus on asynchronous I/O. Description Multiple vulnerabilities have been discovered in libuv. Please review the CVE identifiers referenced below for details. Impact The uvgetaddrinfo function in src/unix/getaddrinfo.c truncates hostname...

7.3CVSS7.5AI score0.02003EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2025/01/23 12:0 a.m.21 views

GLSA-202501-05 : libuv: Hostname Truncation

The remote host is affected by the vulnerability described in GLSA-202501-05 libuv: Hostname Truncation Multiple vulnerabilities have been discovered in libuv. Please review the CVE identifiers referenced below for details. Tenable has extracted the preceding description block directly from the...

7.3CVSS7.1AI score0.02003EPSS
Exploits1References3
SUSE Linux
SUSE Linux
added 2025/01/03 4:49 p.m.2 views

Security update for pcp

This update for pcp fixes the following issues: Upgrade to 6.2.0 bsc1217826 / PED8192: CVE-2024-45770: Fixed symlink race bsc1230552. CVE-2024-45769: Fixed pmstore corruption bsc1230551 CVE-2023-6917: Fixed local privilege escalation from pcp user to root bsc1217826. Bug fixes: Reintroduce libuv...

6.7CVSS9.3AI score0.00288EPSS
Exploits0References16
OSV
OSV
added 2025/01/03 4:49 p.m.5 views

SUSE-SU-2025:0011-1 Security update for pcp

This update for pcp fixes the following issues: Upgrade to 6.2.0 bsc1217826 / PED8192: - CVE-2024-45770: Fixed symlink race bsc1230552. - CVE-2024-45769: Fixed pmstore corruption bsc1230551 - CVE-2023-6917: Fixed local privilege escalation from pcp user to root bsc1217826. Bug fixes: - Reintroduc...

6.7CVSS5.7AI score0.00288EPSS
Exploits0References9
OSV
OSV
added 2024/12/16 2:6 p.m.14 views

BIT-NODE-MIN-2020-8252

The implementation of realpath in libuv 10.22.1, 12.18.4, and 14.9.0 used within Node.js incorrectly determined the buffer size which can result in a buffer overflow if the resolved path is longer than 256 bytes...

7.8CVSS7.9AI score0.00714EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2024/12/12 12:0 a.m.5 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : libuv (SUSE-SU-2024:4109-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:4109-1 advisory. - CVE-2024-24806: Fixed improper Domain Lookup that potentially leads to SSRF attacks bsc1219724 Tenable...

7.3CVSS6.9AI score0.02003EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2024/11/29 12:0 a.m.3 views

SUSE: Security Advisory (SUSE-SU-2024:4109-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.3CVSS7.6AI score0.02003EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2024/11/29 12:0 a.m.10 views

openSUSE Security Advisory (SUSE-SU-2024:4109-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.3CVSS7.6AI score0.02003EPSS
Exploits1References4
SUSE Linux
SUSE Linux
added 2024/11/28 4:15 p.m.2 views

Security update for libuv

This update for libuv fixes the following issues: CVE-2024-24806: Fixed improper Domain Lookup that potentially leads to SSRF attacks bsc1219724 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively yo...

5.8CVSS7.4AI score0.02003EPSS
Exploits1References4
OSV
OSV
added 2024/11/28 4:15 p.m.16 views

SUSE-SU-2024:4109-1 Security update for libuv

This update for libuv fixes the following issues: - CVE-2024-24806: Fixed improper Domain Lookup that potentially leads to SSRF attacks bsc1219724...

7.3CVSS7.5AI score0.02003EPSS
Exploits1References3
IBM Security Bulletins
IBM Security Bulletins
added 2024/11/01 10:5 p.m.41 views

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data v4.8.6 is vulnerable to multiple Base OS issues

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data v4.8.6 is vulnerable to multiple Base OS issues. We have updated the base image used by our Speech Services and the following vulnerabilities have been addressed. Please read the details for remediation below. Vulnerability...

9.1CVSS10AI score0.36081EPSS
Exploits2Affected Software1
OSV
OSV
added 2024/10/15 6:19 p.m.21 views

RHSA-2024:8132 Red Hat Security Advisory: libuv security update

Bulletin has no description...

7.3CVSS7.5AI score0.02003EPSS
Exploits1References9
RedHat Linux
RedHat Linux
added 2024/10/15 11:54 a.m.30 views

Moderate: Red Hat Security Advisory: libuv security update

An update for libuv is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...

7.3CVSS6.8AI score0.02003EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2024/10/15 12:0 a.m.9 views

RHEL 8 : libuv (RHSA-2024:8132)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:8132 advisory. libuv is a multi-platform support library with a focus on asynchronous I/O. Security Fixes: libuv: Improper Domain Lookup that potentially leads to...

7.3CVSS7AI score0.02003EPSS
Exploits1References5
Rows per page
Query Builder