Download
| Alert*
oval:org.secpod.oval:def:509162
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fix: nodejs: reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks nodejs: vulnerable to timing variant of the Bleichenbacher ... oval:org.secpod.oval:def:2600534 Node.js is a software development platform for building fast and scalable oval:org.secpod.oval:def:2600535 Node.js is a software development platform for building fast and scalable oval:org.secpod.oval:def:509183 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fix: nodejs: vulnerable to timing variant of the Bleichenbacher attack against PKCS#1 v1.5 padding nodejs: reading unprocessed HTTP request with unbounded ... oval:org.secpod.oval:def:4501545 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fix: * nodejs: reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks * nodejs: vulnerable to timing variant of the Bleichenbac ... oval:org.secpod.oval:def:19500644 The Node.js Permission Model does not clarify in the documentation that wildcards should be only used as the last character of a file path.This misleading documentation affects all users using the experimental permission model in active release lines: 20.x and 21.x.Please note that at the time this ... oval:org.secpod.oval:def:509146 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fix: nodejs: reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks For more details about the security issue, including the im ... oval:org.secpod.oval:def:1507411 nodejs [1:18.19.1-1] - Rebase to version 18.19.1 - Fixes: CVE-2024-21892 CVE-2024-22019 - Fixes: CVE-2023-46809 nodejs-nodemon nodejs-packaging oval:org.secpod.oval:def:2501366 Node.js is a software development platform for building fast and scalable oval:org.secpod.oval:def:5800219 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fix: * nodejs: code injection and privilege escalation through Linux capabilities * nodejs: reading unprocessed HTTP request with unbounded chunk extension ... oval:org.secpod.oval:def:2600526 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. oval:org.secpod.oval:def:3302451 Security update for nodejs16 oval:org.secpod.oval:def:2501363 Node.js is a software development platform for building fast and scalable oval:org.secpod.oval:def:509150 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fix: nodejs: code injection and privilege escalation through Linux capabilities nodejs: reading unprocessed HTTP request with unbounded chunk extension all ... oval:org.secpod.oval:def:509194 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fix: nodejs: vulnerable to timing variant of the Bleichenbacher attack against PKCS#1 v1.5 padding nodejs: reading unprocessed HTTP request with unbounded ... oval:org.secpod.oval:def:19500653 A flaw was found in Node.js. On Linux, Node.js ignores certain environment variables if they have been set by an unprivileged user while the process is running with elevated privileges, with the exception of CAP_NET_BIND_SERVICE. Due to a bug in the implementation of this exception, Node.js incorrec ... oval:org.secpod.oval:def:1507444 nodejs [1:20.11.1-1] - Rebase to version 20.11.1 - Fixes: CVE-2024-21892 CVE-2024-21896 CVE-2024-22017 CVE-2024-22019 - Fixes: CVE-2023-46809 CVE-2024-21890 CVE-2024-21891 nodejs-nodemon nodejs-packaging oval:org.secpod.oval:def:1507446 nodejs [1:20.11.1-1] - Rebase to version 20.11.1 - Fixes: CVE-2024-21892 CVE-2024-21896 CVE-2024-22017 CVE-2024-22019 - Fixes: CVE-2023-46809 CVE-2024-21890 CVE-2024-21891 nodejs-nodemon nodejs-packaging oval:org.secpod.oval:def:1507403 [1:16.20.2-4.0.1] - reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks Resolves: CVE-2024-22019 oval:org.secpod.oval:def:99454 The host is installed with Node.js 18.x before 18.19.1, 20.x before 20.11.1, or 21.x before 21.6.2 and is prone to a denial of service vulnerability. A flaw is present in the application which fails to handle a specially crafted HTTP request with chunked encoding. Successful exploitation could allow ... oval:org.secpod.oval:def:1507409 nodejs [1:18.19.1-1] - Rebase to version 18.19.1 - Fixes: CVE-2024-21892 CVE-2024-22019 - Fixes: CVE-2023-46809 nodejs-nodemon nodejs-packaging oval:org.secpod.oval:def:89051591 This update for nodejs16 fixes the following issues: Security issues fixed: * CVE-2023-46809: Node.js is vulnerable to the Marvin Attack . * CVE-2024-22019: http: Reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks . * CVE-2024-22025: Denial of Service by resource exh ... oval:org.secpod.oval:def:89051592 This update for nodejs16 fixes the following issues: Security issues fixed: * CVE-2023-46809: Node.js is vulnerable to the Marvin Attack . * CVE-2024-22019: http: Reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks . * CVE-2024-22025: Denial of Service by resource exh ... oval:org.secpod.oval:def:89051596 This update for nodejs18 fixes the following issues: Update to 18.19.1: * CVE-2024-21892: Code injection and privilege escalation through Linux capabilities . * CVE-2024-22019: http: Reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks . * CVE-2023-46809: Node.js is vu ... oval:org.secpod.oval:def:89051582 This update for nodejs14 fixes the following issues: Security issues fixed: * CVE-2023-46809: Node.js is vulnerable to the Marvin Attack . * CVE-2024-22019: http: Reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks . * CVE-2024-22025: Denial of Service by resource exh ... oval:org.secpod.oval:def:89051584 This update for nodejs12 fixes the following issues: Security issues fixed: * CVE-2023-46809: Node.js is vulnerable to the Marvin Attack . * CVE-2024-22019: http: Reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks . * CVE-2024-22025: Denial of Service by resource exh ... oval:org.secpod.oval:def:509147 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fix: nodejs: reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks nodejs: HTTP/2: Multiple HTTP/2 enabled web servers are vul ... oval:org.secpod.oval:def:1507401 nodejs [1:16.20.2-4.0.1] - reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks Resolves: CVE-2024-22019 nodejs-nodemon nodejs-packaging [26-1] - nodejs.prov: find namespaced bundled dependencies - Apply https://src.fedoraproject.org/rpms/nodejs-packaging/c/e24e7df oval:org.secpod.oval:def:2501355 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. oval:org.secpod.oval:def:4501549 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fix: * nodejs: reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks * nodejs: HTTP/2: Multiple HTTP/2 enabled web servers are ... |