Download
| Alert*
|
oval:org.secpod.oval:def:98747
c-ares: library for asynchronous name resolution c-ares could be made to crash if it received specially crafted input. oval:org.secpod.oval:def:19500661 c-ares is a C library for asynchronous DNS requests. 'ares__read_line' is used to parse local configuration files such as '/etc/resolv.conf', '/etc/nsswitch.conf', the 'HOSTALIASES' file, and if using a c-ares version prior to 1.27.0, the '/etc/hosts' file. If any of these configuration files has an ... oval:org.secpod.oval:def:19500657 NOTE: https://nodejs.org/en/blog/release/v18.19.1NOTE: https://github.com/nodejs/node/commit/f31d47e135973746c4f490d5eb635eded8bb3dda NOTE: https://github.com/nodejs/node/commit/9052ef43dc2d1b0db340591a9bc9e45a25c01d90 Undici is an HTTP/1.1 client, written from scratch for Node.js. Undici already c ... oval:org.secpod.oval:def:127489 c-ares is a C library that performs DNS requests and name resolves asynchronously. c-ares is a fork of the library named ares, written by Greg Hudson at MIT. oval:org.secpod.oval:def:89051734 This update for c-ares fixes the following issues: * CVE-2024-25629: Fixed out of bounds read in ares__read_line . oval:org.secpod.oval:def:708809 c-ares: library for asynchronous name resolution c-ares could be made to crash if it received specially crafted input. oval:org.secpod.oval:def:1702212 c-ares is a C library for asynchronous DNS requests. `ares__read_line` is used to parse local configuration files such as `/etc/resolv.conf`, `/etc/nsswitch.conf`, the `HOSTALIASES` file, and if using a c-ares version prior to 1.27.0, the `/etc/hosts` file. If any of these configuration files has an ... oval:org.secpod.oval:def:89051731 This update for libcares2 fixes the following issues: * CVE-2024-25629: Fixed out of bounds read in ares__read_line . oval:org.secpod.oval:def:127490 c-ares is a C library that performs DNS requests and name resolves asynchronously. c-ares is a fork of the library named ares, written by Greg Hudson at MIT. oval:org.secpod.oval:def:19500650 c-ares is a C library for asynchronous DNS requests. 'ares__read_line' is used to parse local configuration files such as '/etc/resolv.conf', '/etc/nsswitch.conf', the 'HOSTALIASES' file, and if using a c-ares version prior to 1.27.0, the '/etc/hosts' file. If any of these configuration files has an ... oval:org.secpod.oval:def:2108566 Oracle Solaris 11 - ( CVE-2024-25629 ) oval:org.secpod.oval:def:3302667 Security update for c-ares oval:org.secpod.oval:def:509443 The c-ares C library defines asynchronous DNS requests and provides name resolving API. Security Fix: c-ares: Out of bounds read in ares__read_line For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page l ... oval:org.secpod.oval:def:1507592 [1.19.1-2] - Resolves: RHEL-26529 - Out of bounds read in ares__read_line [rhel-9] oval:org.secpod.oval:def:2600632 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. oval:org.secpod.oval:def:2600634 Node.js is a software development platform for building fast and scalable oval:org.secpod.oval:def:5800223 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fix: * nodejs: CONTINUATION frames DoS * nodejs: using the fetch function to retrieve content from an untrusted URL leads to denial of service * nodejs: H ... oval:org.secpod.oval:def:509324 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fix: nodejs: CONTINUATION frames DoS nodejs: using the fetch function to retrieve content from an untrusted URL leads to denial of service nodejs: HTTP Re ... oval:org.secpod.oval:def:4501587 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fix: * nodejs: CONTINUATION frames DoS * nodejs: using the fetch function to retrieve content from an untrusted URL leads to denial of service * nodejs: H ... oval:org.secpod.oval:def:509325 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fix: c-ares: Out of bounds read in ares__read_line nghttp2: CONTINUATION frames DoS nodejs: using the fetch function to retrieve content from an untrusted ... oval:org.secpod.oval:def:4501588 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fix: * c-ares: Out of bounds read in ares__read_line * nghttp2: CONTINUATION frames DoS * nodejs: using the fetch function to retrieve content from an unt ... oval:org.secpod.oval:def:509320 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fix: nodejs: CONTINUATION frames DoS nodejs: using the fetch function to retrieve content from an untrusted URL leads to denial of service nodejs: HTTP Re ... oval:org.secpod.oval:def:2501386 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. oval:org.secpod.oval:def:1507534 nodejs [1:20.12.2-2] - Backport nghttp2 patch for CVE-2024-28182 [1:20.12.2-1] - Rebase to version 20.12.0 Fixes: CVE-2024-27983 CVE-2024-27982 CVE-2024-22025 Fixes: CVE-2024-25629 nodejs-nodemon nodejs-packaging oval:org.secpod.oval:def:1507518 nodejs [1:18.20.2-1] - Removes .ps1 files - Rebase to 18.20.2 - Fixes: CVE-2024-27983, CVE-2024-28182, CVE-2024-27982, CVE-2024-25629 nodejs-nodemon nodejs-packaging oval:org.secpod.oval:def:1507539 [1:16.20.2-8.0.1] - Fix CVE-2024-28182, CVE-2024-22025, CVE-2024-25629, CVE-2024-27982, CVE-2024-27983 oval:org.secpod.oval:def:509314 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fix: nodejs: CONTINUATION frames DoS nodejs: using the fetch function to retrieve content from an untrusted URL leads to denial of service nodejs: HTTP Re ... oval:org.secpod.oval:def:509319 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fix: c-ares: Out of bounds read in ares__read_line nghttp2: CONTINUATION frames DoS nodejs: using the fetch function to retrieve content from an untrusted ... oval:org.secpod.oval:def:2501390 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. oval:org.secpod.oval:def:1507526 nodejs [1:20.12.2-2] - Backport nghttp2 patch for CVE-2024-28182 [1:20.12.2-1] - Rebase to version 20.12.0 Fixes: CVE-2024-27983 CVE-2024-27982 CVE-2024-22025 Fixes: CVE-2024-25629 nodejs-nodemon nodejs-packaging oval:org.secpod.oval:def:2600637 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. oval:org.secpod.oval:def:2600651 The c-ares C library defines asynchronous DNS requests and provides name resolving API. oval:org.secpod.oval:def:1507532 nodejs [1:18.20.2-2] - Removes .ps1 files - Rebase to 18.20.2 - Fixes: CVE-2024-27983, CVE-2024-28182, CVE-2024-27982, CVE-2024-25629 [1:18.19.1-1] - Rebase to version 18.19.1 - Fixes: CVE-2024-21892 CVE-2024-22019 - Fixes: CVE-2023-46809 [1:18.19.0-1] - Rebase to version 18.19.0 Resolves: RHEL-21 ... |
