CentOS 8 : nodejs:10 (CESA-2020:1317)

The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2020:1317 advisory. - ICU: Integer overflow in UnicodeString::doAppend CVE-2020-10531 Note that Nessus has not tested for this issue but has instead relied only on the application'...

CentOS 8 : nodejs:12 (CESA-2020:2852)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:2852 advisory. - nghttp2: overly large SETTINGS frames can lead to DoS CVE-2020-11080 - nodejs-minimist: prototype pollution allows adding or modifying properties of...

CentOS 8 : nodejs:12 (CESA-2020:0598)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:0598 advisory. - nodejs: Remotely trigger an assertion on a TLS server with a malformed certificate string CVE-2019-15604 - nodejs: HTTP request smuggling using...

CentOS 8 : nodejs:12 (CESA-2020:5499)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:5499 advisory. - nodejs-ajv: prototype pollution via crafted JSON schema in ajv.validate function CVE-2020-15366 - nodejs-yargs-parser: prototype pollution...

CentOS 8 : nodejs:10 (CESA-2019:2925)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2019:2925 advisory. - nodejs: Insufficient Slowloris fix causing DoS via server.headersTimeout bypass CVE-2019-5737 - HTTP/2: large amount of data requests leads to denial...

CVE-2020-24025

A flaw was found in nodejs-node-sass. Certificate validation is disabled when requesting binaries even if the user is not specifying an alternative download path...

Photon OS 3.0: Nodejs PHSA-2021-3.0-0186

An update of the nodejs package has been released. C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2021-3.0-0186. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid145413;...

Important Photon OS Security Update - PHSA-2021-0313

Updates of 'atftp', 'sudo', 'nodejs' packages of Photon OS have been released...

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2021-2.0-0313

An update of 'atftp', 'nodejs', 'sudo' packages of Photon OS has been released...

Important Photon OS Security Update - PHSA-2021-3.0-0186

Updates of 'nodejs', 'atftp', 'sudo', 'dnsmasq' packages of Photon OS have been released...

Important Photon OS Security Update - PHSA-2021-0186

Updates of 'sudo', 'nodejs', 'atftp', 'dnsmasq' packages of Photon OS have been released...

Fedora: Security Advisory for nodejs (FEDORA-2021-d5b2c18fe6)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

OPENSUSE-SU-2021:0066-1 Security update for nodejs14

This update for nodejs14 fixes the following issues: - New upstream LTS version 14.15.4: CVE-2020-8265: use-after-free in TLSWrap High bug in TLS implementation. When writing to a TLS enabled socket, node::StreamBase::Write calls node::TLSWrap::DoWrite with a freshly allocated WriteWrap object as...

OPENSUSE-SU-2021:0065-1 Security update for nodejs10

This update for nodejs10 fixes the following issues: - New upstream LTS version 10.23.1: CVE-2020-8265: use-after-free in TLSWrap High bug in TLS implementation. When writing to a TLS enabled socket, node::StreamBase::Write calls node::TLSWrap::DoWrite with a freshly allocated WriteWrap object as...

SUSE-SU-2021:0107-1 Security update for nodejs14

This update for nodejs14 fixes the following issues: - New upstream LTS version 14.15.4: CVE-2020-8265: use-after-free in TLSWrap High bug in TLS implementation. When writing to a TLS enabled socket, node::StreamBase::Write calls node::TLSWrap::DoWrite with a freshly allocated WriteWrap object as...

SUSE-SU-2021:0099-1 Security update for openstack-dashboard, release-notes-suse-openstack-cloud

This update for openstack-dashboard, release-notes-suse-openstack-cloud fixes the following issues: - Fix open redirect OSSA-2020-008, CVE-2020-29565 - Fix horizon-nodejs jobs. - Add workaround for secure boot issue when shim package is updated. bsc1179955...

SUSE-SU-2021:0082-1 Security update for nodejs10

This update for nodejs10 fixes the following issues: - New upstream LTS version 10.23.1: CVE-2020-8265: use-after-free in TLSWrap High bug in TLS implementation. When writing to a TLS enabled socket, node::StreamBase::Write calls node::TLSWrap::DoWrite with a freshly allocated WriteWrap object as...

GLSA-202101-07 : NodeJS: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202101-07 NodeJS: Multiple vulnerabilities Multiple vulnerabilities have been discovered in NodeJS. Please review the CVE identifiers referenced below for details. Impact : Please review the referenced CVE identifiers for details...

[ASA-202101-16] nodejs: multiple issues

Arch Linux Security Advisory ASA-202101-16 ========================================== Severity: High Date : 2021-01-12 CVE-ID : CVE-2020-8265 CVE-2020-8287 Package : nodejs Type : multiple issues Remote : No Link : https://security.archlinux.org/AVG-1400 Summary ======= The package nodejs before...

[ASA-202101-14] nodejs-lts-erbium: multiple issues

Arch Linux Security Advisory ASA-202101-14 ========================================== Severity: High Date : 2021-01-12 CVE-ID : CVE-2020-8265 CVE-2020-8287 Package : nodejs-lts-erbium Type : multiple issues Remote : No Link : https://security.archlinux.org/AVG-1402 Summary ======= The package...