Lucene search
K

4 matches found

SUSE Linux
SUSE Linux
added 2025/06/11 5:41 a.m.1 views

Security update for nodejs22

This update for nodejs22 fixes the following issues: Update to version 22.15.1. Security issues fixed: CVE-2025-23166: remotely triggerable process crash due to improper error handling in async cryptographic operations bsc1243218. CVE-2025-23165: memory leak and unbounded memory growth due to...

8.2CVSS7AI score0.00763EPSS
Exploits0References12
SUSE Linux
SUSE Linux
added 2025/06/11 5:41 a.m.0 views

Security update for nodejs22

This update for nodejs22 fixes the following issues: Update to version 22.15.1. Security issues fixed: CVE-2025-23166: remotely triggerable process crash due to improper error handling in async cryptographic operations bsc1243218. CVE-2025-23165: memory leak and unbounded memory growth due to...

8.2CVSS6.6AI score0.00763EPSS
Exploits0References12
SUSE CVE
SUSE CVE
added 2025/05/16 2:53 a.m.3 views

SUSE CVE-2025-23165

In Node.js, the ReadFileUtf8 internal binding leaks memory due to a corrupted pointer in uvfss.file: a UTF-16 path buffer is allocated but subsequently overwritten when the file descriptor is set. This results in an unrecoverable memory leak on every call. Repeated use can cause unbounded memory...

5.3CVSS6.9AI score0.0048EPSS
Exploits0References7
Snyk
Snyk
added 2025/05/13 9:0 p.m.2 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the ReadFileUtf8 internal binding, which fails to clean up pointers in uvfss.file. UTF-16 path buffers leak memory, which can lead to denial of service. Note: CVE-2025-23122 is a...

6.9CVSS6AI score0.0048EPSS
Exploits0References2
Rows per page
Query Builder