9 matches found
EUVD-2021-31364
Malicious code in bioql PyPI...
BIT-NODE-MIN-2021-44533
Node.js 12.22.9, 14.18.3, 16.13.2, and 17.3.1 did not handle multi-value Relative Distinguished Names correctly. Attackers could craft certificate subjects containing a single-value Relative Distinguished Name that would be interpreted as a multi-value Relative Distinguished Name, for example, in...
Oracle Linux 8 : nodejs:14 (ELSA-2022-7830)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-7830 advisory. - Record issues fixed in the current version Resolves: CVE-2021-44531 CVE-2021-44532 CVE-2021-44533 CVE-2022-21824 Resolves: CVE-2022-0235 - Rebase to...
Security Bulletin: Vulnerabilities in Node.js affect IBM App Connect Enterprise (CVE-2021-44533)
Summary IBM App Connect Enterprise ships with Node.js for which vulnerabilities were reported and have been addressed. Vulnerability details are listed below. Vulnerability Details CVEID: CVE-2021-44533 DESCRIPTION: Node.js could allow a remote attacker to bypass security restrictions, caused by...
CVE-2021-44533
Node.js 12.22.9, 14.18.3, 16.13.2, and 17.3.1 did not handle multi-value Relative Distinguished Names correctly. Attackers could craft certificate subjects containing a single-value Relative Distinguished Name that would be interpreted as a multi-value Relative Distinguished Name, for example, in...
ALPINE-CVE-2021-44533
Node.js 12.22.9, 14.18.3, 16.13.2, and 17.3.1 did not handle multi-value Relative Distinguished Names correctly. Attackers could craft certificate subjects containing a single-value Relative Distinguished Name that would be interpreted as a multi-value Relative Distinguished Name, for example, in...
CVE-2021-44533
Node.js 12.22.9, 14.18.3, 16.13.2, and 17.3.1 did not handle multi-value Relative Distinguished Names correctly. Attackers could craft certificate subjects containing a single-value Relative Distinguished Name that would be interpreted as a multi-value Relative Distinguished Name, for example, in...
CVE-2021-44533
CVE-2021-44533 affects Node.js by improper handling of multi-value Relative Distinguished Names, potentially allowing bypass of certificate subject verification. Affected are Node.js versions < 12.22.9, < 14.18.3, < 16.13.2, and
openSUSE 15 Security Update : nodejs12 (openSUSE-SU-2022:0113-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:0113-1 advisory. - Accepting arbitrary Subject Alternative Name SAN types, unless a PKI is specifically defined to use a particular SAN type, can result in...