Download
| Alert*
oval:org.secpod.oval:def:89051781
This update for nodejs14 fixes the following issues: * CVE-2024-27983: Fixed failed assertion in node::http2::Http2Session::~Http2Session that could lead to HTTP/2 server crash * CVE-2024-27982: Fixed HTTP Request Smuggling via Content Length Obfuscation oval:org.secpod.oval:def:99042 The host is installed with Node.js 18.x before 18.20.1, 20.x before 20.12.1, or 21.x before 21.7.2 and is prone to a denial of service vulnerability. A flaw is present in the application which fails to handle nghttp2 memory. Successful exploitation could allow an attacker to make the Node.js HTTP/2 ... oval:org.secpod.oval:def:89051764 This update for nodejs16 fixes the following issues: * CVE-2024-27983: Fixed failed assertion in node::http2::Http2Session::~Http2Session that could lead to HTTP/2 server crash * CVE-2024-27982: Fixed HTTP Request Smuggling via Content Length Obfuscation oval:org.secpod.oval:def:127528 Node.js is a platform built on Chromes JavaScript runtime \ for easily building fast, scalable network applications. \ Node.js uses an event-driven, non-blocking I/O model that \ makes it lightweight and efficient, perfect for data-intensive \ real-time applications that run across distributed devic ... oval:org.secpod.oval:def:99044 The host is installed with Node.js 18.x before 18.20.1, 20.x before 20.12.1, or 21.x before 21.7.2 and is prone to a denial of service vulnerability. A flaw is present in the application which fails to handle nghttp2 memory. Successful exploitation could allow an attacker to make the Node.js HTTP/2 ... oval:org.secpod.oval:def:89051784 This update for nodejs12 fixes the following issues: * CVE-2024-27983: Fixed failed assertion in node::http2::Http2Session::~Http2Session that could lead to HTTP/2 server crash * CVE-2024-27982: Fixed HTTP Request Smuggling via Content Length Obfuscation oval:org.secpod.oval:def:89051765 This update for nodejs18 fixes the following issues: Update to 18.20.1 Security fixes: * CVE-2024-27983: Fixed failed assertion in node::http2::Http2Session::~Http2Session that could lead to HTTP/2 server crash * CVE-2024-27982: Fixed HTTP Request Smuggling via Content Length Obfuscation * CVE-202 ... oval:org.secpod.oval:def:89051766 This update for nodejs16 fixes the following issues: * CVE-2024-27983: Fixed failed assertion in node::http2::Http2Session::~Http2Session that could lead to HTTP/2 server crash * CVE-2024-27982: Fixed HTTP Request Smuggling via Content Length Obfuscation |