Download
| Alert*
oval:org.secpod.oval:def:2107133
Oracle Solaris 11 - ( CVE-2022-21824 ) oval:org.secpod.oval:def:19500180 An HTTP Request Smuggling vulnerability was found in the llhttp library, used by Node.JS. Spaces as part of the header names were accepted as valid. In situations where HTTP conversations are being proxied , an attacker can use this flaw to inject arbitrary messages through the proxy. The highest t ... oval:org.secpod.oval:def:507284 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fix: * nodejs: Improper handling of URI Subject Alternative Names * nodejs: Certificate Verification Bypass via String Injection * nodejs: Incorrect handl ... oval:org.secpod.oval:def:608615 Multiple vulnerabilities were discovered in Node.js, which could result in HTTP request smuggling, a bypass of certificate verification or prototype pollution. oval:org.secpod.oval:def:4501036 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fix: * nodejs: Improper handling of URI Subject Alternative Names * nodejs: Certificate Verification Bypass via String Injection * nodejs: Incorrect handl ... oval:org.secpod.oval:def:94167 The host is installed with Node.js before 12.22.9, 14.0.0 before 14.18.3, 16.0.0 before 16.13.2, 17.0.0 before 17.3.1 and is prone to an improper certificate validation vulnerability. A flaw is present in the application which fails to handle issues in multi-value Relative Distinguished Names. Succe ... oval:org.secpod.oval:def:121444 Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices. oval:org.secpod.oval:def:2501025 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. oval:org.secpod.oval:def:1506186 nodejs [1:14.20.1-2] - Record issues fixed in the current version Resolves: CVE-2021-44531 CVE-2021-44532 CVE-2021-44533 CVE-2022-21824 Resolves: CVE-2022-0235 [1:14.20.1-1] - Rebase to version 14.20.1 Resolves: CVE-2022-35256 nodejs-packaging [23-3] - Updated - Removed pathfix.py [23-2] - Rebuilt f ... oval:org.secpod.oval:def:121449 Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices. oval:org.secpod.oval:def:83332 The host is installed with Node.js 14.x before 14.18.3, 16.x before 16.13.2 and is prone to an improper certificate validation vulnerability. A flaw is present in the application, which fails to handle multi-value Relative Distinguished Names. Successful exploitation allows attackers to craft certif ... oval:org.secpod.oval:def:88368 Multiple vulnerabilities were discovered in Node.js, which could result in HTTP request smuggling, a bypass of certificate verification or prototype pollution. oval:org.secpod.oval:def:507210 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fix: * nodejs: Improper handling of URI Subject Alternative Names * nodejs: Certificate Verification Bypass via String Injection * nodejs: Incorrect handl ... oval:org.secpod.oval:def:4501076 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages were updated to later upstream versions: nodejs , nodejs-nodemon . Security Fix: * nodejs: Improper handling of URI Subject Alternative Names ... oval:org.secpod.oval:def:507433 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages were updated to later upstream versions: nodejs , nodejs-nodemon . Security Fix: * nodejs: Improper handling of URI Subject Alternative Names ... oval:org.secpod.oval:def:506987 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: rh-nodejs12-nodejs . This is the last planned rebase before the collection reaches End of Life ... oval:org.secpod.oval:def:1506321 nodejs [1:16.18.1-3] - Update sources of undici WASM blobs Resolves: rhbz#2151546 [1:16.18.1-2] - Record CVE references already addressed in this or previous upstream versions Resolves: CVE-2021-44531 CVE-2021-44532 CVE-2021-44533 CVE-2022-21824 [1:16.18.1-1] - Rebase + CVE fixes - Resolves: #214280 ... oval:org.secpod.oval:def:2501022 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. |