Oracle Linux 9 : nodejs:22 (ELSA-2025-8467)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-8467 advisory. nodejs 1:22.16.0-1 - Update to 22.16.0 Resolves: RHEL-89600 RHEL-92872 RHEL-92420 Tenable has extracted the preceding description block directly from the Oracle...

Fedora: Security Advisory (FEDORA-2025-8e0ecb9bb6)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Linux 9 : nodejs:22 (ELSA-2025-7433)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-7433 advisory. - Patch fix for sqlite CVE-2025-31498 Resolves: RHEL-87319 - Update c-ares to newest version with fix for CVE-2025-31498 Resolves: RHEL-86586 - Update ...

Critical Photon OS Security Update - PHSA-2025-4.0-0801

Updates of 'linux', 'nodejs' packages of Photon OS have been released...

[SECURITY] Fedora 41 Update: nodejs-pnpm-10.9.0-1.fc41

A fast, disk space efficient package manager for NodeJS...

[SECURITY] Fedora 40 Update: nodejs-pnpm-10.9.0-1.fc40

A fast, disk space efficient package manager for NodeJS...

Debian: Security Advisory (DLA-4152-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-7469-3)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-34064 affecting package nodejs for versions less than 20.14.0-1

CVE-2024-34064 affecting package nodejs for versions less than 20.14.0-1. A patched version of the package is available...

Malicious code in auth0-nodejs-webapp-sample-new-test (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 66ab3d3775ff156aa2978e726606e002c0b7d2673ea1667898733604c8521491 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2025-23090 affecting package nodejs for versions less than 20.14.0-4

CVE-2025-23090 affecting package nodejs for versions less than 20.14.0-4. A patched version of the package is available...

GHSA-CH4X-F5C4-36GV vulnerabilities

Vulnerabilities for packages: nodejs...

Debian: Security Advisory (DLA-4067-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Linux 8 : nodejs:18 (ELSA-2025-1582)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-1582 advisory. nodejs 1:18.20.6-1 - Update to version 18.20.6 Resolves: RHEL-78326 Fixes: CVE-2025-23085 CVE-2025-22150 nodejs-nodemon nodejs-packaging Tenable has...

Mageia: Security Advisory (MGASA-2025-0041)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MAL-2025-1173 Malicious code in sample-nodejs-vsk-with-adm (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 268548cd4032a80297c2f7fd9c2e1171027f9ecf4fabcb35debfb7c1fbc0cc13 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in nodejs-paypal-checkout-demo (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 909c8505097e7b62c38bde6c75bb0ba8516f566136ec093b913944bcbdd1130e Any computer that has this package installed or running should be considered...

AZL-56022 CVE-2025-0611 affecting package nodejs18 18.20.3-11

Object corruption in V8 in Google Chrome prior to 132.0.6834.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

AZL-56035 CVE-2025-0612 affecting package nodejs 20.14.0-13

Out of bounds memory access in V8 in Google Chrome prior to 132.0.6834.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

AZL-56041 CVE-2025-0611 affecting package nodejs 20.14.0-13

Object corruption in V8 in Google Chrome prior to 132.0.6834.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...