Download
| Alert*
oval:org.secpod.oval:def:509162
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fix: nodejs: reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks nodejs: vulnerable to timing variant of the Bleichenbacher ... oval:org.secpod.oval:def:2600534 Node.js is a software development platform for building fast and scalable oval:org.secpod.oval:def:2600535 Node.js is a software development platform for building fast and scalable oval:org.secpod.oval:def:509150 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fix: nodejs: code injection and privilege escalation through Linux capabilities nodejs: reading unprocessed HTTP request with unbounded chunk extension all ... oval:org.secpod.oval:def:509183 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fix: nodejs: vulnerable to timing variant of the Bleichenbacher attack against PKCS#1 v1.5 padding nodejs: reading unprocessed HTTP request with unbounded ... oval:org.secpod.oval:def:509194 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fix: nodejs: vulnerable to timing variant of the Bleichenbacher attack against PKCS#1 v1.5 padding nodejs: reading unprocessed HTTP request with unbounded ... oval:org.secpod.oval:def:4501545 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fix: * nodejs: reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks * nodejs: vulnerable to timing variant of the Bleichenbac ... oval:org.secpod.oval:def:19500644 The Node.js Permission Model does not clarify in the documentation that wildcards should be only used as the last character of a file path.This misleading documentation affects all users using the experimental permission model in active release lines: 20.x and 21.x.Please note that at the time this ... oval:org.secpod.oval:def:19500653 A flaw was found in Node.js. On Linux, Node.js ignores certain environment variables if they have been set by an unprivileged user while the process is running with elevated privileges, with the exception of CAP_NET_BIND_SERVICE. Due to a bug in the implementation of this exception, Node.js incorrec ... oval:org.secpod.oval:def:1507444 nodejs [1:20.11.1-1] - Rebase to version 20.11.1 - Fixes: CVE-2024-21892 CVE-2024-21896 CVE-2024-22017 CVE-2024-22019 - Fixes: CVE-2023-46809 CVE-2024-21890 CVE-2024-21891 nodejs-nodemon nodejs-packaging oval:org.secpod.oval:def:1507411 nodejs [1:18.19.1-1] - Rebase to version 18.19.1 - Fixes: CVE-2024-21892 CVE-2024-22019 - Fixes: CVE-2023-46809 nodejs-nodemon nodejs-packaging oval:org.secpod.oval:def:1507446 nodejs [1:20.11.1-1] - Rebase to version 20.11.1 - Fixes: CVE-2024-21892 CVE-2024-21896 CVE-2024-22017 CVE-2024-22019 - Fixes: CVE-2023-46809 CVE-2024-21890 CVE-2024-21891 nodejs-nodemon nodejs-packaging oval:org.secpod.oval:def:2501366 Node.js is a software development platform for building fast and scalable oval:org.secpod.oval:def:1507409 nodejs [1:18.19.1-1] - Rebase to version 18.19.1 - Fixes: CVE-2024-21892 CVE-2024-22019 - Fixes: CVE-2023-46809 nodejs-nodemon nodejs-packaging oval:org.secpod.oval:def:5800219 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fix: * nodejs: code injection and privilege escalation through Linux capabilities * nodejs: reading unprocessed HTTP request with unbounded chunk extension ... oval:org.secpod.oval:def:2501363 Node.js is a software development platform for building fast and scalable oval:org.secpod.oval:def:89051596 This update for nodejs18 fixes the following issues: Update to 18.19.1: * CVE-2024-21892: Code injection and privilege escalation through Linux capabilities . * CVE-2024-22019: http: Reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks . * CVE-2023-46809: Node.js is vu ... |