4345 matches found
RHSA-2021:3638 Red Hat Security Advisory: nodejs:12 security and bug fix update
Bulletin has no description...
RHSA-2021:3623 Red Hat Security Advisory: nodejs:12 security and bug fix update
Bulletin has no description...
RHEA-2022:5139 Red Hat Enhancement Advisory: nodejs:12 bug fix and enhancement update
Bulletin has no description...
RHEA-2022:5221 Red Hat Enhancement Advisory: nodejs:12 bug fix and enhancement update
Bulletin has no description...
RHEA-2022:4925 Red Hat Enhancement Advisory: nodejs:12 bug fix and enhancement update
Bulletin has no description...
RHSA-2024:1503 Red Hat Security Advisory: nodejs:18 security update
Bulletin has no description...
RHSA-2024:2793 Red Hat Security Advisory: nodejs:16 security update
Bulletin has no description...
RHSA-2024:2651 Red Hat Security Advisory: nodejs:16 security update
Bulletin has no description...
RHSA-2024:1932 Red Hat Security Advisory: nodejs:18 security update
Bulletin has no description...
RHSA-2024:1687 Red Hat Security Advisory: nodejs:20 security update
Bulletin has no description...
RHSA-2024:1688 Red Hat Security Advisory: nodejs:20 security update
Bulletin has no description...
nodejs-electron-31.7.1-1.1 on GA media (moderate)
nodejs-electron-31.7.1-1.1 on GA media Announcement ID: openSUSE-SU-2024:14410-1 Rating: moderate Cross-References: CVE-2024-9602 Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now be installed. Description: These are all security issues fixed in the...
OPENSUSE-SU-2024:14410-1 nodejs-electron-31.7.1-1.1 on GA media
These are all security issues fixed in the nodejs-electron-31.7.1-1.1 package on the GA media of openSUSE Tumbleweed...
Malicious code in middleware-sdk-sqs (npm)
--- -= Per source details. Do not edit below this line.=-...
SUSE CVE-2024-48949
The verify function in lib/elliptic/eddsa/index.js in the Elliptic package before 6.5.6 for Node.js omits "sig.S.gtesig.eddsa.curve.n || sig.S.isNeg" validation...
RHSA-2019:2925 Red Hat Security Advisory: nodejs:10 security update
Bulletin has no description...
AZL-50067 CVE-2024-47764 affecting package nodejs-nodemon 2.0.3-5
cookie is a basic HTTP cookie parser and serializer for HTTP servers. The cookie name could be used to set other fields of the cookie, resulting in an unexpected cookie value. A similar escape can be used for path and domain, which could be abused to alter other fields of the cookie. Upgrade to...
AZL-50094 CVE-2024-47764 affecting package nodejs-nodemon 2.0.3-4
cookie is a basic HTTP cookie parser and serializer for HTTP servers. The cookie name could be used to set other fields of the cookie, resulting in an unexpected cookie value. A similar escape can be used for path and domain, which could be abused to alter other fields of the cookie. Upgrade to...
@saltcorn/plugins-loader unsanitized plugin name leads to a remote code execution (RCE) vulnerability when creating plugins using git source
Summary When creating a new plugin using the git source, the user-controlled value req.body.name is used to build the plugin directory where the location will be cloned. The API used to execute the git clone command with the user-controlled data is childprocess.execSync. Since the user-controlled...
RHSA-2024:1438 Red Hat Security Advisory: nodejs security update
Bulletin has no description...