Photon OS 2.0: Nodejs PHSA-2018-2.0-0093 (deprecated)

An update of 'nodejs' packages of Photon OS has been released. C Tenable Network Security, Inc. @DEPRECATED@ Disabled on 2/7/2019 The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2018-2.0-0093. The text itself is copyright C VMware, Inc...

Important Photon OS Security Update - PHSA-2018-0185

Updates of 'nodejs' packages of Photon OS have been released...

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2018-2.0-0093

An update of 'nodejs' packages of Photon OS has been released...

Important Photon OS Security Update - PHSA-2018-0093

Updates of 'nodejs' packages of Photon OS have been released...

Security update for nodejs4 (moderate)

This update for nodejs4 fixes the following issues: Security issues fixed: - CVE-2018-12115: Fixed an out-of-bounds memory write in Buffer that could be used to write to memory outside of a Buffer's memory space buffer bsc1105019 - Upgrade to OpenSSL 1.0.2p, which fixed: - CVE-2018-0732: Client...

Design/Logic Flaw

NodeJS Tough-Cookie version 2.2.2 contains a Regular Expression Parsing vulnerability in HTTP request Cookie Header parsing that can result in Denial of Service. This attack appear to be exploitable via Custom HTTP header passed by client. This vulnerability appears to have been fixed in 2.3.0...

CVE-2016-1000232

NodeJS Tough-Cookie version 2.2.2 contains a Regular Expression Parsing vulnerability in HTTP request Cookie Header parsing that can result in Denial of Service. This attack appear to be exploitable via Custom HTTP header passed by client. This vulnerability appears to have been fixed in 2.3.0...

CVE-2016-1000232

NodeJS Tough-Cookie version 2.2.2 contains a Regular Expression Parsing vulnerability in HTTP request Cookie Header parsing that can result in Denial of Service. This attack appear to be exploitable via Custom HTTP header passed by client. This vulnerability appears to have been fixed in 2.3.0...

CVE-2016-1000232

CVE-2016-1000232 affects the Node.js tough-cookie module: vulnerable in version 2.2.2 due to a Regular Expression Parsing DoS in HTTP Cookie header processing when parsing large headers. The issue could be triggered by a sufficiently large Cookie header. It has been fixed in 2.3.0; remediation is...

CVE-2016-1000232

NodeJS Tough-Cookie version 2.2.2 contains a Regular Expression Parsing vulnerability in HTTP request Cookie Header parsing that can result in Denial of Service. This attack appear to be exploitable via Custom HTTP header passed by client. This vulnerability appears to have been fixed in 2.3.0...

Fedora 27 : 1:nodejs (2018-d0505c1f21)

August security updates for Node.js Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL...

Fedora Update for nodejs FEDORA-2018-d0505c1f21

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora Update for nodejs FEDORA-2018-cfe558a202

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Unspecified Vulnerability in Joyent Node.js

Joyent Node.js is the United States Joyent company's set of web applications built on top of the Google V8 JavaScript engine platform. The platform is primarily used for building highly scalable applications and writing code that can handle tens of thousands of simultaneous connections to a singl...

Moderate: Red Hat Security Advisory: Red Hat OpenShift Application Runtimes Node.js 10.9.0 security update

An update is now available for Red Hat OpenShift Application Runtimes. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

nodejs: Out of bounds (OOB) write via UCS-2 encoding

In all versions of Node.js prior to 6.14.4, 8.11.4 and 10.9.0 when used with UCS-2 encoding recognized by Node.js under the names 'ucs2', 'ucs-2', 'utf16le' and 'utf-16le', Bufferwrite can be abused to write outside of the bounds of a single Buffer. Writes that start from the second-to-last...

Moderate: Red Hat Security Advisory: Red Hat OpenShift Application Runtimes Node.js 8.11.4 security update

An update is now available for Red Hat OpenShift Application Runtimes. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

ALPINE-CVE-2018-12115

In all versions of Node.js prior to 6.14.4, 8.11.4 and 10.9.0 when used with UCS-2 encoding recognized by Node.js under the names 'ucs2', 'ucs-2', 'utf16le' and 'utf-16le', Bufferwrite can be abused to write outside of the bounds of a single Buffer. Writes that start from the second-to-last...

192.168.0.172 (=4.6.1), 2ch (>=0.1.0 <=0.1.3) +6487 more potentially affected by CVE-2017-16129 via superagent (>=0.10.0 <=3.6.3)

superagent NPM version =0.10.0, =0.1.0, =0.13.0, =0.0.2, =0.0.1, =1.3.1, =0.0.1, =1.0.0, =0.0.1, =0.1.0, =0.0.1, =1.0.0, =0.1.0, =0.1.6 and more Source cves: CVE-2017-16129 Source advisory: OSV:GHSA-8225-6CVR-8PQP...

CVE-2018-1000620

A flaw was found in the nodejs-cryptiles library prior to version 4.1.2. Previous versions do not implement cryptographically secure randomness resulting in the randomDigits function returning a pseudo-random data string biased to certain digits. An attacker could exploit this to guess the...