Download
| Alert*
oval:org.secpod.oval:def:99453
The host is installed with Node.js 20.x before 20.11.1, or 21.x before 21.6.2 and is prone to a path traversal vulnerability. A flaw is present in the application which fails to properly handle the experimental permission model. Successful exploitation could allow an attacker to modify the result of ... oval:org.secpod.oval:def:1507444 nodejs [1:20.11.1-1] - Rebase to version 20.11.1 - Fixes: CVE-2024-21892 CVE-2024-21896 CVE-2024-22017 CVE-2024-22019 - Fixes: CVE-2023-46809 CVE-2024-21890 CVE-2024-21891 nodejs-nodemon nodejs-packaging oval:org.secpod.oval:def:2600534 Node.js is a software development platform for building fast and scalable oval:org.secpod.oval:def:1507446 nodejs [1:20.11.1-1] - Rebase to version 20.11.1 - Fixes: CVE-2024-21892 CVE-2024-21896 CVE-2024-22017 CVE-2024-22019 - Fixes: CVE-2023-46809 CVE-2024-21890 CVE-2024-21891 nodejs-nodemon nodejs-packaging oval:org.secpod.oval:def:509183 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fix: nodejs: vulnerable to timing variant of the Bleichenbacher attack against PKCS#1 v1.5 padding nodejs: reading unprocessed HTTP request with unbounded ... oval:org.secpod.oval:def:509194 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fix: nodejs: vulnerable to timing variant of the Bleichenbacher attack against PKCS#1 v1.5 padding nodejs: reading unprocessed HTTP request with unbounded ... oval:org.secpod.oval:def:19500644 The Node.js Permission Model does not clarify in the documentation that wildcards should be only used as the last character of a file path.This misleading documentation affects all users using the experimental permission model in active release lines: 20.x and 21.x.Please note that at the time this ... oval:org.secpod.oval:def:2501366 Node.js is a software development platform for building fast and scalable oval:org.secpod.oval:def:4501572 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fix: * nodejs: vulnerable to timing variant of the Bleichenbacher attack against PKCS#1 v1.5 padding * nodejs: reading unprocessed HTTP request with unbou ... oval:org.secpod.oval:def:5800222 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fix: * nodejs: vulnerable to timing variant of the Bleichenbacher attack against PKCS#1 v1.5 padding * nodejs: reading unprocessed HTTP request with unbou ... |