Download
| Alert*
oval:org.secpod.oval:def:2004626
Improper Certificate Validation in Node.js 10, 12, and 13 causes the process to abort when sending a crafted X.509 certificate oval:org.secpod.oval:def:1504519 nodejs [1:10.19.0-1] - Rebase to 10.19.0 to fix CVE-2019-15604 to CVE-2019-15606 [1:10.16.3-1] - Rebase to 10.16.3 to fix CVE-2019-9511 to CVE-2019-9518 [1:10.14.1-1] - Resolves: RHBZ#1644207 - fixes node-gyp permissions - rebase [1:10.11.0-2] - BuildRequire nodejs-packaging for proper npm dependenc ... oval:org.secpod.oval:def:64006 Oracle Solaris 11 - ( CVE-2019-15605 ) oval:org.secpod.oval:def:67624 The host is installed with Kibana before 6.8.7 or 7.x before 7.6.1 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle an issue in TLS handling code of Node.js. Successful exploitation could allow an attacker to cause Kibana to cras ... oval:org.secpod.oval:def:89000221 This update for nodejs8 fixes the following issues: Security issues fixed: - CVE-2019-15604: Fixed a remotely triggerable assertion in the TLS server via a crafted certificate string . - CVE-2019-15605: Fixed an HTTP request smuggling vulnerability via malformed Transfer-Encoding header . - CVE-2019 ... oval:org.secpod.oval:def:66769 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs . Security Fix: * nodejs: HTTP request smuggling using malformed Transfer-Encoding head ... oval:org.secpod.oval:def:89000175 This update for nodejs10 fixes the following issues: nodejs10 was updated to version 10.19.0. Security issues fixed: - CVE-2019-15604: Fixed a remotely triggerable assertion in the TLS server via a crafted certificate string . - CVE-2019-15605: Fixed an HTTP request smuggling vulnerability via malfo ... oval:org.secpod.oval:def:2105841 Oracle Solaris 11 - ( CVE-2019-15605 ) oval:org.secpod.oval:def:2500152 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. oval:org.secpod.oval:def:505104 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: rh-nodejs12-nodejs . Security Fix: * nodejs: HTTP request smuggling using malformed Transfer-E ... oval:org.secpod.oval:def:504801 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: rh-nodejs10-nodejs . Security Fix: * nodejs: HTTP request smuggling using malformed Transfer-E ... oval:org.secpod.oval:def:503539 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs . Security Fix: * nodejs: HTTP request smuggling using malformed Transfer-Encoding head ... oval:org.secpod.oval:def:69485 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs . Security Fix: * nodejs: HTTP request smuggling using malformed Transfer-Encoding head ... oval:org.secpod.oval:def:67542 The host is installed with Node.js 10.0.0 before 10.19.0, 12.0.0 before 12.15.0, 13.0.0 before 13.8.0 and is prone to an improper certificate validation vulnerability. A flaw is present in the application which fails to handle crafted X.509 certificate. Successful exploitation can allow attackers to ... oval:org.secpod.oval:def:2500123 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. oval:org.secpod.oval:def:1504526 nodejs [1:12.16.1-1] - Resolves: RHBZ#1800393, RHBZ#1800394, RHBZ#1800380 - Rebase to 12.16.1 nodejs-nodemon nodejs-packaging oval:org.secpod.oval:def:604825 Multiple vulnerabilities were discovered in Node.js, which could result in denial of service or HTTP request smuggling. oval:org.secpod.oval:def:63513 Multiple vulnerabilities were discovered in Node.js, which could result in denial of service or HTTP request smuggling. |