4328 matches found
CVE-2024-21890 vulnerabilities
Vulnerabilities for packages: nodejs...
CVE-2025-23089 vulnerabilities
Vulnerabilities for packages: nodejs...
GHSA-F9JC-68CV-WP63 vulnerabilities
Vulnerabilities for packages: nodejs...
OPENSUSE-SU-2025:14917-1 nodejs-electron-33.4.6-1.1 on GA media
These are all security issues fixed in the nodejs-electron-33.4.6-1.1 package on the GA media of openSUSE Tumbleweed...
Azure Linux 3.0 Security Update: nodejs / nodejs18 / python-jinja2 (CVE-2025-27516)
The version of nodejs / nodejs18 / python-jinja2 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-27516 advisory. - Jinja is an extensible templating engine. Prior to 3.1.6, an oversight in how the...
Azure Linux 3.0 Security Update: cmake / nghttp2 / nodejs / nodejs18 (CVE-2023-35945)
The version of cmake / nghttp2 / nodejs / nodejs18 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-35945 advisory. - Envoy is a cloud-native high-performance edge/middle/service proxy. Envoy's...
OPENSUSE-SU-2025:14884-1 nodejs-electron-33.4.4-1.1 on GA media
These are all security issues fixed in the nodejs-electron-33.4.4-1.1 package on the GA media of openSUSE Tumbleweed...
MAL-2025-2254 Malicious code in ee-server-auth-nodejs (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 32fbc3ea50c42c26476bf7cb134539c929e31be4c5e816c994e529e00b5ebf47 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-2257 Malicious code in example-nodejs-express (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cb2351b3777bfaea370237b22b5155a53e293162cb01bca791717b05107a4b7c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
AZL-58362 CVE-2025-2137 affecting package nodejs 20.14.0-13
Out of bounds read in V8 in Google Chrome prior to 134.0.6998.88 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. Chromium security severity: Medium...
AZL-58372 CVE-2025-1920 affecting package nodejs18 18.20.3-11
Type Confusion in V8 in Google Chrome prior to 134.0.6998.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
AZL-58375 CVE-2025-2137 affecting package nodejs18 18.20.3-11
Out of bounds read in V8 in Google Chrome prior to 134.0.6998.88 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. Chromium security severity: Medium...
AZL-58377 CVE-2025-2135 affecting package nodejs18 18.20.3-11
Type Confusion in V8 in Google Chrome prior to 134.0.6998.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
Linux Distros Unpatched Vulnerability : CVE-2023-43646
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - get-func-name is a module to retrieve a function's name securely and consistently both in NodeJS and the browser. Versions prior to 2.0.1 are subject to a regul...
Malicious code in organizer-nodejs (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 71911a8ea9e577cc58952aaad429e86a8c29e91145fc92156b41365c77f19012 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-2120 Malicious code in organizer-nodejs (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 71911a8ea9e577cc58952aaad429e86a8c29e91145fc92156b41365c77f19012 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in api-nodejs-template (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-1726 Malicious code in api-nodejs-template (npm)
--- -= Per source details. Do not edit below this line.=-...
nodejs-electron-33.4.2-1.1 on GA media (moderate)
nodejs-electron-33.4.2-1.1 on GA media Announcement ID: openSUSE-SU-2025:14848-1 Rating: moderate Cross-References: CVE-2025-0611 Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now be installed. Description: These are all security issues fixed in the...
OPENSUSE-SU-2025:14848-1 nodejs-electron-33.4.2-1.1 on GA media
These are all security issues fixed in the nodejs-electron-33.4.2-1.1 package on the GA media of openSUSE Tumbleweed...