29 matches found
Low: nodejs22
Issue Overview: A flaw was found in zlib. An attacker providing specially crafted input to the crc32combine64 or crc32combinegen64 functions could trigger an infinite loop within the x2nmodp function. This leads to excessive CPU consumption, which can result in a Denial of Service DoS for the...
Oracle Linux 10 : nodejs22 (ELSA-2026-7080)
The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-7080 advisory. - introduced patch updating deps/nghttp2 to v 1.68.1 for CVE-2026-27135 - patch for npm/braces CVE-2026-25547 Tenable has extracted the preceding...
RHSA-2026:1843 Red Hat Security Advisory: nodejs22 security update
Bulletin has no description...
RockyLinux 10 : nodejs22 (RLSA-2026:1843)
The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:1843 advisory. nodejs: Nodejs filesystem permissions bypass CVE-2025-55132 nodejs: Nodejs denial of service CVE-2026-21637 nodejs: Nodejs denial of service...
Important: nodejs22
Issue Overview: Bypass File System Permissions using crafted symlinks CVE-2025-55130 A flaw in Node.js's buffer allocation logic can expose uninitialized memory when allocations are interrupted, when using the vm module with the timeout option. Under specific timing conditions, buffers allocated...
SUSE-SU-2026:0301-1 Security update for nodejs22
This update for nodejs22 fixes the following issues: Security fixes: - CVE-2026-22036: Fixed unbounded decompression chain in HTTP response leading to resource exhaustion bsc1256848 - CVE-2026-21637: Fixed synchronous exceptions thrown during callbacks that bypass TLS error handling and causing...
SUSE SLES15 / openSUSE 15 Security Update : nodejs22 (SUSE-SU-2026:0295-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0295-1 advisory. Security fixes: - CVE-2026-22036: Fixed unbounded decompression chain in HTTP response leading to resource exhaustion...
Amazon Linux 2023 : nodejs22, nodejs22-devel, nodejs22-full-i18n (ALAS2023-2025-1137)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1137 advisory. There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. We recommen...
Oracle Linux 10 : nodejs22 (ELSA-2025-7502)
The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-7502 advisory. - Update c-ares with fix for CVE-2025-31498 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that...
SUSE SLES15 Security Update : nodejs22 (SUSE-SU-2025:01879-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:01879-1 advisory. Update to version 22.15.1. Security issues fixed: - CVE-2025-23166: remotely triggerable process crash due to improper error...
SUSE SLES15 / openSUSE 15 Security Update : nodejs22 (SUSE-SU-2025:01878-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:01878-1 advisory. Update to version 22.15.1. Security issues fixed: - CVE-2025-23166: remotely triggerable process crash due to improp...
Oracle Linux 10 : nodejs22 (ELSA-2025-8493)
The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-8493 advisory. - Update c-ares with fix for CVE-2025-31498 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. No...
SUSE-SU-2025:01878-1 Security update for nodejs22
This update for nodejs22 fixes the following issues: Update to version 22.15.1. Security issues fixed: - CVE-2025-23166: remotely triggerable process crash due to improper error handling in async cryptographic operations bsc1243218. - CVE-2025-23165: memory leak and unbounded memory growth due to...
Fedora: Security Advisory (FEDORA-2025-f4cee58e97)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory (FEDORA-2025-61ad6e65b3)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 41 : nodejs22 (2025-61ad6e65b3)
The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-61ad6e65b3 advisory. Update to version 22.15.1 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...
Fedora: Security Advisory (FEDORA-2025-2c1f4c46d0)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory (FEDORA-2025-d0dc563a3a)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory (FEDORA-2025-e97e5c6ce3)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RHSA-2025:7502 Red Hat Security Advisory: nodejs22 security update
Bulletin has no description...