48 matches found
The vulnerability of the minimatch library on the Node.js software platform lies in the use of a regular expression with inefficient computational complexity, which allows attackers to trigger a service failure.
The vulnerability of the minimatch library on the Node.js software platform is related to the use of a regular expression with inefficient computational complexity. Exploiting this vulnerability could allow an attacker to cause service interruptions remotely...
ROS-20260401-73-0036
A vulnerability in the Node.js software platform is related to an exceptional state handling bug. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20260401-73-0035
A vulnerability in the Node.js software platform is related to an exceptional state handling bug. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
The vulnerability of the diff library (jsdiff) in the Node.js software platform, which allows a hacker to cause a service failure.
The vulnerability of the diff library jsdiff in the Node.js software platform is related to an uncontrolled resource consumption during the processing of the parsePatch parameter. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
EUVD-2021-2121
Malware in sbrugna...
[SECURITY] Fedora 41 Update: nodejs22-22.15.1-1.fc41
Node.js is a platform built on Chrome's JavaScript runtime \ for easily building fast, scalable network applications. \ Node.js uses an event-driven, non-blocking I/O model that \ makes it lightweight and efficient, perfect for data-intensive \ real-time applications that run across distributed...
[SECURITY] Fedora 41 Update: nodejs20-20.19.2-1.fc41
Node.js is a platform built on Chrome's JavaScript runtime \ for easily building fast, scalable network applications. \ Node.js uses an event-driven, non-blocking I/O model that \ makes it lightweight and efficient, perfect for data-intensive \ real-time applications that run across distributed...
[SECURITY] Fedora 42 Update: nodejs22-22.15.1-1.fc42
Node.js is a platform built on Chrome's JavaScript runtime \ for easily building fast, scalable network applications. \ Node.js uses an event-driven, non-blocking I/O model that \ makes it lightweight and efficient, perfect for data-intensive \ real-time applications that run across distributed...
CVE-2021-32831
Total.js framework npm package total.js is a framework for Node.js platfrom written in pure JavaScript similar to PHP's Laravel or Python's Django or ASP.NET MVC. In total.js framework before version 3.4.9, calling the utils.set function with user-controlled values leads to code-injection. This c...
[SECURITY] Fedora 41 Update: nodejs22-22.15.0-2.fc41
Node.js is a platform built on Chrome's JavaScript runtime \ for easily building fast, scalable network applications. \ Node.js uses an event-driven, non-blocking I/O model that \ makes it lightweight and efficient, perfect for data-intensive \ real-time applications that run across distributed...
[SECURITY] Fedora 40 Update: nodejs22-22.15.0-2.fc40
Node.js is a platform built on Chrome's JavaScript runtime \ for easily building fast, scalable network applications. \ Node.js uses an event-driven, non-blocking I/O model that \ makes it lightweight and efficient, perfect for data-intensive \ real-time applications that run across distributed...
[SECURITY] Fedora 41 Update: nodejs20-20.19.1-1.fc41
Node.js is a platform built on Chrome's JavaScript runtime \ for easily building fast, scalable network applications. \ Node.js uses an event-driven, non-blocking I/O model that \ makes it lightweight and efficient, perfect for data-intensive \ real-time applications that run across distributed...
The vulnerability of the diagnostics_channel utility in the Node.js software platform allows a hacker to bypass established security restrictions.
The vulnerability of the diagnosticschannel utility in the Node.js software platform is related to lack of access control mechanisms. Exploiting this vulnerability could allow an attacker to circumvent established security restrictions...
The vulnerability of the encryption and digital signature verification library in the Node.js software platform xml-crypto is related to deficiencies in the mechanism for verifying cryptographic signatures. This vulnerability allows attackers to enhance their privileges.
The vulnerability of the XML-crypto library and the digital signature verification mechanism in Node.js software platforms is related to deficiencies in the signature verification mechanism. Exploiting this vulnerability could allow a malicious actor to enhance their privileges by sending special...
The vulnerability of the Node.js software platform, related to the lack of memory release after the effective lifespan, allows a hacker to trigger a service failure.
The vulnerability of the Node.js software platform lies in the lack of memory release after the effective lifespan of the application. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
[SECURITY] Fedora 41 Update: nodejs22-22.14.0-2.fc41
Node.js is a platform built on Chrome's JavaScript runtime \ for easily building fast, scalable network applications. \ Node.js uses an event-driven, non-blocking I/O model that \ makes it lightweight and efficient, perfect for data-intensive \ real-time applications that run across distributed...
[SECURITY] Fedora 41 Update: nodejs18-18.20.6-1.fc41
Node.js is a platform built on Chrome's JavaScript runtime \ for easily building fast, scalable network applications. \ Node.js uses an event-driven, non-blocking I/O model that \ makes it lightweight and efficient, perfect for data-intensive \ real-time applications that run across distributed...
Moderate: Red Hat Security Advisory: nodejs:18 security update
An update for the nodejs:18 module is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Moderate: nodejs:18 security update
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: node-tar: denial of service while parsing a tar file due to lack of folders depth validation CVE-2024-28863 nodejs: Bypass network import...
The vulnerability of the setuid() module on the Node.js software platform, which allows a malicious actor to escalate their privileges
The vulnerability of the setuid module in the Node.js software platform is related to context switching errors during privilege escalation. Exploiting this vulnerability can allow an attacker to enhance their privileges...