385 matches found
CVE-2025-47153
Certain build processes for libuv and Node.js for 32-bit systems, such as for the nodejs binary package through nodejs20.19.0+dfsg-2i386.deb for Debian GNU/Linux, have an inconsistent offt size e.g., building on i386 Debian always uses FILEOFFSETBITS=64 for the libuv dynamic library, but uses the...
CVE-2025-47153
CVE-2025-47153 concerns build-time handling on 32-bit systems (i386) where libuv binaries and Node.js binaries are built with inconsistent off_t sizing. Specifically, 32-bit Debian builds may set _FILE_OFFSET_BITS=64 for the libuv dynamic library but rely on the system default (32) for nodejs, ca...
CVE-2025-47153
Certain build processes for libuv and Node.js for 32-bit systems, such as for the nodejs binary package through nodejs20.19.0+dfsg-2i386.deb for Debian GNU/Linux, have an inconsistent offt size e.g., building on i386 Debian always uses FILEOFFSETBITS=64 for the libuv dynamic library, but uses the...
Linux Distros Unpatched Vulnerability : CVE-2024-24806
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libuv is a multi-platform support library with a focus on asynchronous I/O. The uvgetaddrinfo function in src/unix/getaddrinfo.c and its windows counterpart...
Azure Linux 3.0 Security Update: cmake / libuv / nodejs / nodejs18 / python-gevent (CVE-2024-24806)
The version of cmake / libuv / nodejs / nodejs18 / python-gevent installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-24806 advisory. - libuv is a multi-platform support library with a focus on...
Advisory ROSA-SA-2025-2605
software: libuv 1.44.2 OS: ROSA-CHROME packageevrstring: libuv-1.44.2-2 CVE-ID: CVE-2024-24806 BDU-ID: 2024-02979 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the uvgetaddrinfo function src/unix/getaddrinfo.c, src/win/getaddrinfo.c of the libuv asynchronous I/O library is related to insufficient...
libuv: Hostname Truncation
Background libuv is a multi-platform support library with a focus on asynchronous I/O. Description Multiple vulnerabilities have been discovered in libuv. Please review the CVE identifiers referenced below for details. Impact The uvgetaddrinfo function in src/unix/getaddrinfo.c truncates hostname...
GLSA-202501-05 : libuv: Hostname Truncation
The remote host is affected by the vulnerability described in GLSA-202501-05 libuv: Hostname Truncation Multiple vulnerabilities have been discovered in libuv. Please review the CVE identifiers referenced below for details. Tenable has extracted the preceding description block directly from the...
Security update for pcp
This update for pcp fixes the following issues: Upgrade to 6.2.0 bsc1217826 / PED8192: CVE-2024-45770: Fixed symlink race bsc1230552. CVE-2024-45769: Fixed pmstore corruption bsc1230551 CVE-2023-6917: Fixed local privilege escalation from pcp user to root bsc1217826. Bug fixes: Reintroduce libuv...
SUSE-SU-2025:0011-1 Security update for pcp
This update for pcp fixes the following issues: Upgrade to 6.2.0 bsc1217826 / PED8192: - CVE-2024-45770: Fixed symlink race bsc1230552. - CVE-2024-45769: Fixed pmstore corruption bsc1230551 - CVE-2023-6917: Fixed local privilege escalation from pcp user to root bsc1217826. Bug fixes: - Reintroduc...
BIT-NODE-MIN-2020-8252
The implementation of realpath in libuv 10.22.1, 12.18.4, and 14.9.0 used within Node.js incorrectly determined the buffer size which can result in a buffer overflow if the resolved path is longer than 256 bytes...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : libuv (SUSE-SU-2024:4109-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:4109-1 advisory. - CVE-2024-24806: Fixed improper Domain Lookup that potentially leads to SSRF attacks bsc1219724 Tenable...
SUSE: Security Advisory (SUSE-SU-2024:4109-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Advisory (SUSE-SU-2024:4109-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security update for libuv
This update for libuv fixes the following issues: CVE-2024-24806: Fixed improper Domain Lookup that potentially leads to SSRF attacks bsc1219724 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively yo...
SUSE-SU-2024:4109-1 Security update for libuv
This update for libuv fixes the following issues: - CVE-2024-24806: Fixed improper Domain Lookup that potentially leads to SSRF attacks bsc1219724...
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data v4.8.6 is vulnerable to multiple Base OS issues
Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data v4.8.6 is vulnerable to multiple Base OS issues. We have updated the base image used by our Speech Services and the following vulnerabilities have been addressed. Please read the details for remediation below. Vulnerability...
RHSA-2024:8132 Red Hat Security Advisory: libuv security update
Bulletin has no description...
Moderate: Red Hat Security Advisory: libuv security update
An update for libuv is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...
RHEL 8 : libuv (RHSA-2024:8132)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:8132 advisory. libuv is a multi-platform support library with a focus on asynchronous I/O. Security Fixes: libuv: Improper Domain Lookup that potentially leads to...