Download
| Alert*
oval:org.secpod.oval:def:1507532
nodejs [1:18.20.2-2] - Removes .ps1 files - Rebase to 18.20.2 - Fixes: CVE-2024-27983, CVE-2024-28182, CVE-2024-27982, CVE-2024-25629 [1:18.19.1-1] - Rebase to version 18.19.1 - Fixes: CVE-2024-21892 CVE-2024-22019 - Fixes: CVE-2023-46809 [1:18.19.0-1] - Rebase to version 18.19.0 Resolves: RHEL-21 ... oval:org.secpod.oval:def:126032 Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices. oval:org.secpod.oval:def:2600332 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. oval:org.secpod.oval:def:5800202 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs . Security Fix: * nodejs: Permissions policies can be bypassed via Module._load * nod ... oval:org.secpod.oval:def:19500344 The use of Module._load can bypass the policy mechanism and require modules outside of the policy.json definition for a given module.Please note that at the time this CVE was issued, the policy mechanism is an experimental feature of Node.js.Impacts:This vulnerability affects all users using the exp ... oval:org.secpod.oval:def:507980 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs . Security Fix: * nodejs: Permissions policies can be bypassed via Module._load * nod ... oval:org.secpod.oval:def:1507053 [1:16.20.2-1] - Update to 16.20.2-1 Resolves CVE-2023-32002 CVE-2023-32006 CVE-2023-32559 oval:org.secpod.oval:def:3301918 Security update for nodejs18 oval:org.secpod.oval:def:1507038 nodejs [1:18.17.1-1] - Rebase to version 18.17.1 Resolves: rhbz#2228939 Resolves: CVE-2023-32002 CVE-2023-32006 CVE-2023-32559 - Specify proper OpenSSL configuration section build nodejs-nodemon [3.0.1-1] - Rebase to 3.0.1 - Resolves: CVE-2022-25883 nodejs-packaging oval:org.secpod.oval:def:1507039 nodejs [1:18.17.1-1] - Rebase to version 18.17.1 Resolves: rhbz#2228940 Resolves: CVE-2023-32002 CVE-2023-32006 CVE-2023-32559 - Specify proper OpenSSL configuration section build Related: rhbz#2226726 nodejs-nodemon [3.0.1-1] - Rebase to 3.0.1 - Resolves: CVE-2022-25883 nodejs-packaging oval:org.secpod.oval:def:126037 Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices. oval:org.secpod.oval:def:126017 Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices. oval:org.secpod.oval:def:2501183 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. oval:org.secpod.oval:def:126011 Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices. oval:org.secpod.oval:def:2501184 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. oval:org.secpod.oval:def:3302077 Security update for nodejs16 oval:org.secpod.oval:def:126013 Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices. oval:org.secpod.oval:def:126035 Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices. oval:org.secpod.oval:def:5800211 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fix: * nodejs: Permissions policies can be bypassed via Module._load * nodejs: Permissions policies can impersonate other modules in using module.construct ... oval:org.secpod.oval:def:1507040 nodejs [1:16.20.2-2] - Rebase to 16.20.2 Resolves: rhbz#2231866 Resolves: CVE-2023-32002 CVE-2023-32006 CVE-2023-32559 nodejs-nodemon [3.0.1-1] - Rebase to 3.0.1 Resolves: CVE-2022-25883 nodejs-packaging [26-1] - nodejs.prov: find namespaced bundled dependencies - Apply https://src.fedoraproject.org ... oval:org.secpod.oval:def:2600341 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. oval:org.secpod.oval:def:508000 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fix: * nodejs: Permissions policies can be bypassed via Module._load * nodejs: Permissions policies can impersonate other modules in using module.construct ... oval:org.secpod.oval:def:2108113 Oracle Solaris 11 - ( CVE-2023-32005 ) oval:org.secpod.oval:def:507977 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs . Security Fix: * nodejs: Permissions policies can be bypassed via Module._load * nod ... oval:org.secpod.oval:def:507979 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs . Security Fix: * nodejs: Permissions policies can be bypassed via Module._load * nod ... oval:org.secpod.oval:def:92938 The host is installed with Node.js 16.0.x before 16.20.2, 18.0.x before 18.17.1, or 20.0.x before 20.5.1 and is prone to a privilege escalation vulnerability. A flaw is present in the application which fails to handle issues in the experimental policy mechanism in all active release lines. Successfu ... oval:org.secpod.oval:def:89049310 This update for nodejs16 fixes the following issues: Update to LTS version 16.20.2. * CVE-2023-32002: Fixed permissions policies bypass via Module._load . * CVE-2023-32006: Fixed permissions policies impersonation using module.constructor.createRequire . * CVE-2023-32559: Fixed permissions policies ... oval:org.secpod.oval:def:96942 Multiple vulnerabilities were discovered in Node.js, which could result in HTTP request smuggling, bypass of policy feature checks, denial of service or loading of incorrect ICU data. oval:org.secpod.oval:def:612882 Multiple vulnerabilities were discovered in Node.js, which could result in HTTP request smuggling, bypass of policy feature checks, denial of service or loading of incorrect ICU data. oval:org.secpod.oval:def:89049329 This update for nodejs12 fixes the following issues: * CVE-2023-23918: Fixed permissions policies bypass via process.mainModule . * CVE-2023-32002: Fixed permissions policies bypass via Module._load . * CVE-2023-32006: Fixed permissions policies impersonation using module.constructor.createRequire . ... oval:org.secpod.oval:def:89049294 This update for nodejs14 fixes the following issues: * CVE-2023-32002: Fixed permissions policies bypass via Module._load . * CVE-2023-32006: Fixed permissions policies impersonation using module.constructor.createRequire . * CVE-2023-32559: Fixed permissions policies bypass via process.binding . * ... oval:org.secpod.oval:def:708999 nodejs: An open-source, cross-platform JavaScript runtime environment. Several security issues were fixed in Node.js. |