7925 matches found

IBM Security Bulletins
added 2024/05/10 8:17 a.m., 43 views

Security Bulletin: Multiple vulnerabilities in Node.js affect IBM Business Automation Workflow Configuration Editor

Summary: IBM Business Automation Workflow Configuration Editor repackages a vulnerable version of Node.js and express. Vulnerability Details: CVEID: CVE-2024-27982. DESCRIPTION: Node.js is vulnerable to HTTP request smuggling, caused by the use of content length obfuscation in the http server. By...

CVSS 8.2, AI score 7.9, EPSS 0.75933
Exploits: 1, Affected Software: 2

Tenable Nessus
added 2024/05/10 12:0 a.m., 44 views

Oracle Linux 8 : nodejs:18 (ELSA-2024-2780)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2780 advisory. nodejs 1:18.20.2-1 - Removes .ps1 files - Rebase to 18.20.2 - Fixes: CVE-2024-27983, CVE-2024-28182, CVE-2024-27982, CVE-2024-25629 nodejs-nodemon...

CVSS 8.2, AI score 7.1, EPSS 0.75933
Exploits: 2, References: 6

Oracle linux
added 2024/05/10 12:0 a.m., 50 views

nodejs:18 security update

nodejs 1:18.20.2-1 - Removes .ps1 files - Rebase to 18.20.2 - Fixes: CVE-2024-27983, CVE-2024-28182, CVE-2024-27982, CVE-2024-25629 nodejs-nodemon nodejs-packaging...

CVSS 8.2, AI score 7.3, EPSS 0.75933
Exploits: 2

OSV
added 2024/05/09 6:51 p.m., 33 views

RLSA-2024:2779 Important: nodejs:18 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: nodejs: CONTINUATION frames DoS CVE-2024-27983 nodejs: using the fetch function to retrieve content from an untrusted URL leads to denial of servi...

CVSS 7.5, AI score 7, EPSS 0.75933
Exploits: 2, References: 6

Rockylinux
added 2024/05/09 6:51 p.m., 54 views

nodejs:18 security update

An update is available for module.nodejs-nodemon, nodejs-packaging, module.nodejs-packaging, nodejs-nodemon. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list...

CVSS 8.2, AI score 7.4, EPSS 0.75933
Exploits: 2

OSV
added 2024/05/09 6:50 p.m., 34 views

RLSA-2024:2780 Important: nodejs:18 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: nodejs: CONTINUATION frames DoS CVE-2024-27983 nodejs: using the fetch function to retrieve content from an untrusted URL leads to denial of servi...

CVSS 8.2, AI score 7, EPSS 0.75933
Exploits: 2, References: 6

Rockylinux
added 2024/05/09 6:50 p.m., 52 views

nodejs:20 security update

An update is available for nodejs-nodemon, module.nodejs, nodejs, module.nodejs-nodemon, module.nodejs-packaging, nodejs-packaging. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability...

CVSS 8.2, AI score 6.7, EPSS 0.75933
Exploits: 2

OSV
added 2024/05/09 6:50 p.m., 69 views

RLSA-2024:2778 Important: nodejs:20 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: c-ares: Out of bounds read in aresreadline CVE-2024-25629 nghttp2: CONTINUATION frames DoS CVE-2024-28182 nodejs: using the fetch function to...

CVSS 8.2, AI score 6.9, EPSS 0.75933
Exploits: 2, References: 6

RedHat Linux
added 2024/05/09 9:57 a.m., 36 views

Important: Red Hat Security Advisory: nodejs:16 security update

An update for the nodejs:16 module is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...

CVSS 7.5, AI score 6.9, EPSS 0.0038
Exploits: 0, References: 2

RedHat Linux
added 2024/05/09 6:30 a.m., 3 views

nodejs: using the fetch() function to retrieve content from an untrusted URL leads to denial of service

A flaw was found in Node.js that allows a denial of service attack through resource exhaustion when using the fetch function to retrieve content from an untrusted URL. The vulnerability stems from the fetch function in Node.js that always decodes Brotli, making it possible for an attacker to caus...

CVSS 6.5, AI score 7.3, EPSS 0.00636
Exploits: 0, References: 4

RedHat Linux
added 2024/05/09 6:30 a.m., 54 views

Important: Red Hat Security Advisory: nodejs:18 security update

An update for the nodejs:18 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...

CVSS 8.2, AI score 6.9, EPSS 0.75933
Exploits: 2, References: 6

RedHat Linux
added 2024/05/09 6:29 a.m., 4 views

nodejs: using the fetch() function to retrieve content from an untrusted URL leads to denial of service

A flaw was found in Node.js that allows a denial of service attack through resource exhaustion when using the fetch function to retrieve content from an untrusted URL. The vulnerability stems from the fetch function in Node.js that always decodes Brotli, making it possible for an attacker to caus...

CVSS 6.5, AI score 7.3, EPSS 0.00636
Exploits: 0, References: 4

RedHat Linux
added 2024/05/09 6:29 a.m., 43 views

Important: Red Hat Security Advisory: nodejs:20 security update

An update for the nodejs:20 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...

CVSS 8.2, AI score 6.9, EPSS 0.75933
Exploits: 2, References: 6

RedHat Linux
added 2024/05/09 6:29 a.m., 1 views

nodejs: HTTP Request Smuggling via Content Length Obfuscation

An HTTP Request Smuggling vulnerability was found in Node.js due to Content-Length Obfuscation in the HTTP server. Malformed headers, particularly if a space is inserted before a content-length header, can result in HTTP request smuggling. This flaw allows attackers to inject a second request...

CVSS 6.5, AI score 7.2, EPSS 0.00529
Exploits: 0, References: 5

RedHat Linux
added 2024/05/09 6:26 a.m., 44 views

Important: Red Hat Security Advisory: nodejs:18 security update

An update for the nodejs:18 module is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...

CVSS 8.2, AI score 6.9, EPSS 0.75933
Exploits: 2, References: 6

RedHat Linux
added 2024/05/09 6:26 a.m., 3 views

nodejs: using the fetch() function to retrieve content from an untrusted URL leads to denial of service

A flaw was found in Node.js that allows a denial of service attack through resource exhaustion when using the fetch function to retrieve content from an untrusted URL. The vulnerability stems from the fetch function in Node.js that always decodes Brotli, making it possible for an attacker to caus...

CVSS 6.5, AI score 7.3, EPSS 0.00636
Exploits: 0, References: 4

Tenable Nessus
added 2024/05/09 12:0 a.m., 25 views

Rocky Linux 9 : nodejs:18 (RLSA-2024:2779)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:2779 advisory. - A vulnerability in Node.js has been identified, allowing for a Denial of Service (DoS) attack through resource exhaustion when using the fetch function ...

CVSS 8.2, AI score 7.3, EPSS 0.75933
Exploits: 2, References: 11

Oracle linux
added 2024/05/09 12:0 a.m., 45 views

nodejs:20 security update

nodejs 1:20.12.2-2 - Backport nghttp2 patch for CVE-2024-28182 1:20.12.2-1 - Rebase to version 20.12.0 Fixes: CVE-2024-27983 CVE-2024-27982 CVE-2024-22025 node Fixes: CVE-2024-25629 c-ares nodejs-nodemon nodejs-packaging...

CVSS 8.2, AI score 7.3, EPSS 0.75933
Exploits: 2

AlmaLinux
added 2024/05/09 12:0 a.m., 47 views

Important: nodejs:18 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: nodejs: CONTINUATION frames DoS CVE-2024-27983 nodejs: using the fetch function to retrieve content from an untrusted URL leads to denial of servi...

CVSS 8.2, AI score 7.3, EPSS 0.75933
Exploits: 2, References: 12

OSV
added 2024/05/09 12:0 a.m., 36 views

ALSA-2024:2779 Important: nodejs:18 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: nodejs: CONTINUATION frames DoS CVE-2024-27983 nodejs: using the fetch function to retrieve content from an untrusted URL leads to denial of servi...

CVSS 8.2, AI score 7, EPSS 0.75933
Exploits: 2, References: 12