Download
| Alert*
oval:org.secpod.oval:def:75906
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fix: * nodejs: Use-after-free on close http2 on stream canceling * nodejs: Use-after-free on close http2 on stream canceling * c-ares: Missing input valid ... oval:org.secpod.oval:def:506351 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fix: * nodejs: Use-after-free on close http2 on stream canceling * nodejs: Use-after-free on close http2 on stream canceling * c-ares: Missing input valid ... oval:org.secpod.oval:def:506323 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: rh-nodejs14-nodejs . Security Fix: * nodejs: Use-after-free on close http2 on stream canceling ... oval:org.secpod.oval:def:506322 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: rh-nodejs12-nodejs . Security Fix: * nodejs: Use-after-free on close http2 on stream canceling ... oval:org.secpod.oval:def:2500478 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. oval:org.secpod.oval:def:2500264 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. oval:org.secpod.oval:def:2106980 Oracle Solaris 11 - ( CVE-2021-37701 ) oval:org.secpod.oval:def:94104 The host is installed with Node.js 12.x before 12.22.5, 14.x before 14.17.5 or 16.x before 16.6.2 and is prone to a use after free vulnerability. A flaw is present in the application which fails to handle the http2 on stream canceling. On successful exploitation, an attacker might be able to exploit ... oval:org.secpod.oval:def:1505133 nodejs [1:14.17.5-1] - Resolves CVE-2021-22930, CVE-2021-22931, CVE-2021-22939, CVE-2021-22940, - CVE-2021-23343, CVE-2021-32803, CVE-2021-32804, CVE-2021-3672 - Resolves RHBZ#1847529 - Resolves: RHBZ#1988599, RHBZ#1994000, RHBZ#1993998, RHBZ#1993095 - Resolves: RHBZ#1994028, RHBZ#1994402, RHBZ#199 ... oval:org.secpod.oval:def:1505128 nodejs [1:12.22.5-1] - Resolves CVE-2021-22930, CVE-2021-22931, CVE-2021-22939, CVE-2021-22940, - CVE-2021-23343, CVE-2021-32803, CVE-2021-32804, CVE-2021-3672 - Resolves RHBZ#1951621 - Resolves: RHBZ#1988595, RHBZ#1993992, RHBZ#1993989, RHBZ#1993093 - Resolves: RHBZ#1994025, RHBZ#1994403, RHBZ#199 ... oval:org.secpod.oval:def:75905 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fix: * nodejs: Use-after-free on close http2 on stream canceling * nodejs: Use-after-free on close http2 on stream canceling * c-ares: Missing input valid ... oval:org.secpod.oval:def:506349 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fix: * nodejs: Use-after-free on close http2 on stream canceling * nodejs: Use-after-free on close http2 on stream canceling * c-ares: Missing input valid ... oval:org.secpod.oval:def:89046898 This update for nodejs10 fixes the following issues: - CVE-2021-22930, CVE-2021-22940: Fixed two memory corruption issues during HTTP/2 stream cancellation . - CVE-2022-32213, CVE-2022-32214, CVE-2022-32215, CVE-2021-22960, CVE-2021-22959: Fixed multiple HTTP request smuggling issues in the underlyi ... oval:org.secpod.oval:def:3300355 SUSE Security Update: Security update for nodejs10 |