4323 matches found
ALPINE-CVE-2021-22931
Node.js before 16.6.0, 14.17.4, and 12.22.4 is vulnerable to Remote Code Execution, XSS, Application crashes due to missing input validation of host names returned by Domain Name Servers in Node.js dns library which can lead to output of wrong hostnames leading to Domain Hijacking and injection...
Denial Of Service (DoS)
nodejs-current is vulnerable to Denial Of Service DoS. The vulnerability exists due to missing input validation of host names returned by Domain Name Servers in Node.js dns library which can lead to output of wrong hostnames...
Denial Of Service (DoS)
nodejs is vulnerable to Denial Of Service DoS. A use-after-free allows an attacker to exploit a memory corruption vulnerability to crash the application or change process behavior...
nodejs:14 security, bug fix, and enhancement update
nodejs 1:14.17.3-2 - Resolves: RHBZ1980032, RHBZ1978203 - Resolves RHBZ1842826 - Don't use patch3 1:14.17.3-1 - Resolves: RHBZ1980032, RHBZ1978203 - Resolves RHBZ1842826 - Resolves CVE-2021-22918libuv, use system cipher list 1:14.16.0-3 - Resolves: RHBZ1930775 - Always build with systemtap...
CVE-2018-7167 affecting package nodejs 8.11.4-7
CVE-2018-7167 affecting package nodejs 8.11.4-7. An upgraded version of the package is available that resolves this issue...
CVE-2018-12116 affecting package nodejs 8.11.4-7
CVE-2018-12116 affecting package nodejs 8.11.4-7. An upgraded version of the package is available that resolves this issue...
CVE-2018-1000168 affecting package nodejs 8.11.4-7
CVE-2018-1000168 affecting package nodejs 8.11.4-7. An upgraded version of the package is available that resolves this issue...
CVE-2021-22918 affecting package nodejs 14.17.0-1
CVE-2021-22918 affecting package nodejs 14.17.0-1. An upgraded version of the package is available that resolves this issue...
CVE-2018-7161 affecting package nodejs 8.11.4-7
CVE-2018-7161 affecting package nodejs 8.11.4-7. An upgraded version of the package is available that resolves this issue...
CVE-2018-12122 affecting package nodejs 8.11.4-7
CVE-2018-12122 affecting package nodejs 8.11.4-7. An upgraded version of the package is available that resolves this issue...
CVE-2018-0734 affecting package nodejs 8.11.4-7
CVE-2018-0734 affecting package nodejs 8.11.4-7. An upgraded version of the package is available that resolves this issue...
CVE-2019-5737 affecting package nodejs 8.11.4-7
CVE-2019-5737 affecting package nodejs 8.11.4-7. An upgraded version of the package is available that resolves this issue...
CVE-2018-7162 affecting package nodejs 8.11.4-7
CVE-2018-7162 affecting package nodejs 8.11.4-7. An upgraded version of the package is available that resolves this issue...
CVE-2018-12121 affecting package nodejs 8.11.4-7
CVE-2018-12121 affecting package nodejs 8.11.4-7. An upgraded version of the package is available that resolves this issue...
CVE-2020-8174 affecting package nodejs 8.11.4-7
CVE-2020-8174 affecting package nodejs 8.11.4-7. An upgraded version of the package is available that resolves this issue...
CVE-2018-7164 affecting package nodejs 8.11.4-7
CVE-2018-7164 affecting package nodejs 8.11.4-7. An upgraded version of the package is available that resolves this issue...
CentOS 8 : nodejs:12 (CESA-2021:3073)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:3073 advisory. - libuv: out-of-bounds read in uvidnatoascii can lead to information disclosures or crashes CVE-2021-22918 - nodejs-hosted-git-info: Regular Expression...
Photon OS 4.0: Nodejs PHSA-2021-4.0-0074
An update of the nodejs package has been released. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2021-4.0-0074. The text itself is copyright C VMware, Inc...
SUSE-SU-2021:2620-1 Security update for nodejs8
This update for nodejs8 fixes the following issues: - update to npm 6.14.13 - CVE-2021-27290: Fixed ssri Regular Expression Denial of Service. bsc1187976 - CVE-2021-23362: Fixed hosted-git-info Regular Expression Denial of Service bsc1187977 - CVE-2021-22884: DNS rebinding in --inspect bsc1182620...
CVE-2021-3664
An input validation flaw was found in the nodejs url-parse library, which incorrectly parses a URL that contains backslashes. This flaw allows an attacker to specify a relative URL and cause the browser to redirect to a malicious website. The highest threat from this vulnerability is to integrity...