Oracle Linux 9 : nodejs:22 (ELSA-2026-7302)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-7302 advisory. - introduced patch updating deps/nghttp2 to v 1.68.1 for CVE-2026-27135 - patch for npm/braces CVE-2026-25547 Resolves: RHEL-163369 Fixes: CVE-2026-152...

Oracle Linux 8 : nodejs:20 (ELSA-2026-2422)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-2422 advisory. nodejs 1:20.20.0-1 - Update to version 20.20.0 Resolves: RHEL-130972 nodejs-nodemon 3.0.1-1 - Rebase to 3.0.1 - Resolves: CVE-2022-25883 Tenable has...

Oracle Linux 8 : nodejs:24 (ELSA-2026-2420)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-2420 advisory. nodejs 1:24.13.0-1 - Update to 24.13.0 Resolves: RHEL-135257 1:24.4.1-1 - Initial import of nodejs:24 nodejs-nodemon 3.0.3-1 - Initial import into...

Malicious code in nanotechnology-nodejs-library-nodemon (npm)

The package nanotechnology-nodejs-library-nodemon was found to contain malicious code...

AZL-63707 CVE-2025-5889 affecting package nodejs-nodemon 2.0.3-4

A vulnerability was found in juliangruber brace-expansion up to 1.1.11/2.0.1/3.0.0/4.0.0. It has been rated as problematic. Affected by this issue is the function expand of the file index.js. The manipulation leads to inefficient regular expression complexity. The attack may be launched remotely...

nodejs:22 security update

nodejs 1:22.15-1-1 - Update to 22.16.0 Fixes: CVE-2025-23166 - Resolves: RHEL-91596 RHEL-92859 1:22.15.0-1 - Update to 22.15.0 - Drop upstream patches 1:22.13.1-4 - Patch fix for sqlite CVE-2025-31498 Resolves: RHEL-87300 1:22.13.1-3 - Update c-ares to newest version with fix for CVE-2025-31498...

Fedora: Security Advisory (FEDORA-2025-0951177024)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2025-7d7b644265)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2025-9a278a7768)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 40 : nodejs-nodemon (2025-9a278a7768)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-9a278a7768 advisory. Added patch for CVE-2024-4068 rhbz2280624 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus...

Fedora 41 : nodejs-nodemon (2025-0951177024)

The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-0951177024 advisory. Added patch for CVE-2024-4068 rhbz2280624 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus...

AZL-54017 CVE-2024-52798 affecting package nodejs-nodemon 2.0.3-4

path-to-regexp turns path strings into a regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. The regular expression that is vulnerable to backtracking can be generated in the 0.1.x release of path-to-regexp. Upgra...

22 bug fix and enhancement update

An update is available for module.nodejs-nodemon, nodejs-packaging, module.nodejs-packaging, nodejs-nodemon. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For...

AZL-50067 CVE-2024-47764 affecting package nodejs-nodemon 2.0.3-5

cookie is a basic HTTP cookie parser and serializer for HTTP servers. The cookie name could be used to set other fields of the cookie, resulting in an unexpected cookie value. A similar escape can be used for path and domain, which could be abused to alter other fields of the cookie. Upgrade to...

AZL-50094 CVE-2024-47764 affecting package nodejs-nodemon 2.0.3-4

cookie is a basic HTTP cookie parser and serializer for HTTP servers. The cookie name could be used to set other fields of the cookie, resulting in an unexpected cookie value. A similar escape can be used for path and domain, which could be abused to alter other fields of the cookie. Upgrade to...

RHSA-2022:0041 Red Hat Security Advisory: rh-nodejs14-nodejs and rh-nodejs14-nodejs-nodemon security update

Bulletin has no description...

RHSA-2023:0321 Red Hat Security Advisory: nodejs and nodejs-nodemon security, bug fix, and enhancement update

Bulletin has no description...

RHSA-2021:3281 Red Hat Security Advisory: rh-nodejs12-nodejs and rh-nodejs12-nodejs-nodemon security update

Bulletin has no description...

RHSA-2022:6389 Red Hat Security Advisory: rh-nodejs14-nodejs and rh-nodejs14-nodejs-nodemon security and bug fix update

Bulletin has no description...

RHSA-2021:2931 Red Hat Security Advisory: rh-nodejs12-nodejs and rh-nodejs12-nodejs-nodemon security update

Bulletin has no description...