Download
| Alert*
|
oval:org.secpod.oval:def:96775
The host is installed with Node.js 16.x before 16.19.1, 18.x before 18.14.1, or 19.x before 19.6.1 and is prone to a CRLF injection vulnerability. A flaw is present in the application which fails to handle the fetch API used in the 'host' header. Successful exploitation allows an attacker to cause H ... oval:org.secpod.oval:def:1507532 nodejs [1:18.20.2-2] - Removes .ps1 files - Rebase to 18.20.2 - Fixes: CVE-2024-27983, CVE-2024-28182, CVE-2024-27982, CVE-2024-25629 [1:18.19.1-1] - Rebase to version 18.19.1 - Fixes: CVE-2024-21892 CVE-2024-22019 - Fixes: CVE-2023-46809 [1:18.19.0-1] - Rebase to version 18.19.0 Resolves: RHEL-21 ... oval:org.secpod.oval:def:508153 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs . Security Fix: glob-parent: Regular Expression Denial of Service http-cache-semantics ... oval:org.secpod.oval:def:2600233 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. oval:org.secpod.oval:def:5800169 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs , nodejs-nodemon . Security Fix: * c-ares: buffer overflow in config_sortlist due to mi ... oval:org.secpod.oval:def:2600246 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. oval:org.secpod.oval:def:4501399 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs . Security Fix: * glob-parent: Regular Expression Denial of Service * http-cache-seman ... oval:org.secpod.oval:def:508149 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs . Security Fix: glob-parent: Regular Expression Denial of Service c-ares: buffer overf ... oval:org.secpod.oval:def:2107996 Oracle Solaris 11 - ( CVE-2023-23918 ) oval:org.secpod.oval:def:507696 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs . Security Fix: * glob-parent: Regular Expression Denial of Service * c-ares: buffer o ... oval:org.secpod.oval:def:507702 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs , nodejs-nodemon . Security Fix: * c-ares: buffer overflow in config_sortlist due to mi ... oval:org.secpod.oval:def:1506500 nodejs [1:16.19.1-1] - Rebase to 16.19.1 Resolves: rhbz#2153713 Resolves: CVE-2023-23918 CVE-2023-23919 CVE-2023-23936 CVE-2023-24807 CVE-2023-23920 Resolves: CVE-2022-25881 CVE-2022-4904 nodejs-nodemon [2.0.20-3] - Patch bundled glob-parent Resolves: CVE-2021-35065 oval:org.secpod.oval:def:1506501 nodejs [1:18.14.2-2] - Provide simduft [1:18.14.2-1] - Rebase to 18.14.2 - Resolves: #2178087 - Resolves: CVE-2022-25881, CVE-2022-4904, CVE-2023-23936, CVE-2023-24807 - Resolves: CVE-2023-23918, CVE-2023-23919, CVE-2023-23920 oval:org.secpod.oval:def:89048637 This update for nodejs16 fixes the following issues: Update to LTS version 16.19.1: * CVE-2023-23918: Fixed permissions policies that could have been bypassed via process.mainModule . * CVE-2023-23919: Fixed OpenSSL error handling issues in nodejs crypto library . * CVE-2023-23920: Fixed insecure lo ... oval:org.secpod.oval:def:1506571 nodejs [1:18.14.2-2] - Provide simduft - Resolves: #2159389 [1:18.14.2-1] - Rebase to 18.14.2 - Resolves: #2159389 - Resolves: CVE-2022-25881, CVE-2022-4904, CVE-2023-23936, CVE-2023-24807 - Resolves: CVE-2023-23918, CVE-2023-23919, CVE-2023-23920 nodejs-nodemon [2.0.20-2] - Patch bundled glob-paren ... oval:org.secpod.oval:def:4501404 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs . Security Fix: * glob-parent: Regular Expression Denial of Service * c-ares: buffer o ... oval:org.secpod.oval:def:1506562 nodejs [1:16.19.1-1] - Rebase to 16.19.1 - Resolves: rhbz#2153714 - Resolves: CVE-2023-23918 CVE-2023-23919 CVE-2023-23936 CVE-2023-24807 CVE-2023-23920 - Resolves: CVE-2022-25881 CVE-2022-4904 nodejs-nodemon [2.0.20-3] - Patch bundled glob-parent - Resolves: CVE-2021-35065 oval:org.secpod.oval:def:2501041 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. oval:org.secpod.oval:def:2501042 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. |
