Download
| Alert*
oval:org.secpod.oval:def:89002823
This update for nodejs10 fixes the following issues: - New upstream LTS version 10.23.1: * CVE-2020-8265: use-after-free in TLSWrap bug in TLS implementation. When writing to a TLS enabled socket, node::StreamBase::Write calls node::TLSWrap::DoWrite with a freshly allocated WriteWrap object as firs ... oval:org.secpod.oval:def:505902 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs , nodejs-nodemon . Security Fix: * nodejs-mixin-deep: prototype pollution in function m ... oval:org.secpod.oval:def:505951 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: rh-nodejs12-nodejs , rh-nodejs12-nodejs-nodemon . Security Fix: * nodejs-mixin-deep: prototype ... oval:org.secpod.oval:def:93895 nodejs: An open-source, cross-platform JavaScript runtime environment. Several security issues were fixed in Node.js. oval:org.secpod.oval:def:119256 Node.js is a platform built on Chromes JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices. oval:org.secpod.oval:def:69846 Two vulnerabilities were discovered in Node.js, which could result in denial of service and potentially the execution of arbitrary code or HTTP request smuggling. oval:org.secpod.oval:def:1504648 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:69636 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs , nodejs-nodemon . Security Fix: * nodejs-mixin-deep: prototype pollution in function m ... oval:org.secpod.oval:def:2500415 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. oval:org.secpod.oval:def:605391 Two vulnerabilities were discovered in Node.js, which could result in denial of service and potentially the execution of arbitrary code or HTTP request smuggling. oval:org.secpod.oval:def:4501227 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs , nodejs-nodemon . Security Fix: * nodejs-mixin-deep: prototype pollution in function m ... oval:org.secpod.oval:def:2106629 Oracle Solaris 11 - ( CVE-2020-8265 ) oval:org.secpod.oval:def:708427 nodejs: An open-source, cross-platform JavaScript runtime environment. Several security issues were fixed in Node.js. oval:org.secpod.oval:def:96761 The host is installed with Node.js 10.x before 10.23.1, 12.x before 12.20.1, 14.x before 14.15.4, or 15.x before 15.5.1 and is prone to a use-after-free vulnerability. A flaw is present in the application which fails to handle an issue in the TLS implementation. Successful exploitation allows an att ... oval:org.secpod.oval:def:4501265 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs . Security Fix: * nodejs-npm-user-validate: improper input validation when validating u ... oval:org.secpod.oval:def:505788 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: rh-nodejs14-nodejs . Security Fix: * nodejs-npm-user-validate: improper input validation when ... oval:org.secpod.oval:def:505903 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs . Security Fix: * nodejs-npm-user-validate: improper input validation when validating u ... oval:org.secpod.oval:def:505900 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs . Security Fix: * libuv: buffer overflow in realpath * nodejs-npm-user-validate: impro ... oval:org.secpod.oval:def:505948 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: rh-nodejs10-nodejs . Security Fix: * libuv: buffer overflow in realpath * nodejs-npm-user-val ... oval:org.secpod.oval:def:2500278 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. oval:org.secpod.oval:def:1504649 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:69637 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs . Security Fix: * nodejs-npm-user-validate: improper input validation when validating u ... oval:org.secpod.oval:def:69635 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs . Security Fix: * libuv: buffer overflow in realpath * nodejs-npm-user-validate: impro ... oval:org.secpod.oval:def:4501299 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs . Security Fix: * libuv: buffer overflow in realpath * nodejs-npm-user-validate: impro ... oval:org.secpod.oval:def:1504651 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:2500287 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. oval:org.secpod.oval:def:119291 Node.js is a platform built on Chromes JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices. |