Download
| Alert*
|
oval:org.secpod.oval:def:704553
nodejs is installed oval:org.secpod.oval:def:106699 nodejs is installed oval:org.secpod.oval:def:2001156 Node.js: All versions prior to Node.js 6.15.0: Debugger port 5858 listens on any interface by default: When the debugger is enabled with `node --debug` or `node debug`, it listens to port 5858 on all interfaces by default. This may allow remote computers to attach to the debug port and evaluate arbi ... oval:org.secpod.oval:def:110793 Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices. oval:org.secpod.oval:def:119123 Node.js is a platform built on Chromes JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices. oval:org.secpod.oval:def:66538 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fix: * ICU: Integer overflow in UnicodeString::doAppend For more details about the security issue, including the impact, a CVSS score, acknowledgments, and ... oval:org.secpod.oval:def:66537 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fix: * ICU: Integer overflow in UnicodeString::doAppend For more details about the security issue, including the impact, a CVSS score, acknowledgments, and ... oval:org.secpod.oval:def:118575 Node.js is a platform built on Chromes JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices. oval:org.secpod.oval:def:503637 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fix: * ICU: Integer overflow in UnicodeString::doAppend For more details about the security issue, including the impact, a CVSS score, acknowledgments, and ... oval:org.secpod.oval:def:503635 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fix: * ICU: Integer overflow in UnicodeString::doAppend For more details about the security issue, including the impact, a CVSS score, acknowledgments, and ... oval:org.secpod.oval:def:113564 Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices. oval:org.secpod.oval:def:113799 Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices. oval:org.secpod.oval:def:115002 Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices. oval:org.secpod.oval:def:115034 Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices. oval:org.secpod.oval:def:19500039 This affects versions of the package http-cache-semantics before 4.1.1. The issue can be exploited via malicious request header values sent to a server, when that server reads the cache policy from the request using this library oval:org.secpod.oval:def:93895 nodejs: An open-source, cross-platform JavaScript runtime environment. Several security issues were fixed in Node.js. oval:org.secpod.oval:def:1503067 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:117717 Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices. oval:org.secpod.oval:def:111522 Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices. oval:org.secpod.oval:def:106045 Node.js is a platform built on Chrome"s JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices. oval:org.secpod.oval:def:4501366 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs . Security Fix: * nodejs: HTTP2 "unknownProtocol" cause DoS by resource exhaustion * n ... oval:org.secpod.oval:def:2500514 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. oval:org.secpod.oval:def:605391 Two vulnerabilities were discovered in Node.js, which could result in denial of service and potentially the execution of arbitrary code or HTTP request smuggling. oval:org.secpod.oval:def:95050 nodejs: An open-source, cross-platform JavaScript runtime environment. Several security issues were fixed in Node.js. oval:org.secpod.oval:def:2500494 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. oval:org.secpod.oval:def:1504767 nodejs [1:14.16.0-2] - Resolves: RHBZ#1932427 - remove --debug-nghttp2 option [1:14.16.0-1] - Resolves: RHBZ#1932317, RHBZ#1932425 - Rebase, remove ini patch [1:14.15.4-2] - Add patch for yarn crash - Resolves: RHBZ#1916465 [1:14.15.4-1] - Security rebase to 14.15.4 - https://nodejs.org/en/blog/vuln ... oval:org.secpod.oval:def:1504648 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1504768 nodejs [1:10.24.0-1] - Resolves: RHBZ#1932373, RHBZ#1932426 - Resolves CVE-2021-22883 and CVE-2021-22884 - remove -debug-nghttp2 flag - remove ini patch merged upstream oval:org.secpod.oval:def:69881 Two vulnerabilities were discovered in Node.js, which could result in denial of service or DNS rebinding attacks. oval:org.secpod.oval:def:2500280 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. oval:org.secpod.oval:def:69846 Two vulnerabilities were discovered in Node.js, which could result in denial of service and potentially the execution of arbitrary code or HTTP request smuggling. oval:org.secpod.oval:def:1504741 nodejs [1:12.21.0-1] - Resolves: RHBZ#1932315, RHBZ#1932424 - remove --debug-nghttp2 option - remove ini patch - Backport patch to use getauxval oval:org.secpod.oval:def:708427 nodejs: An open-source, cross-platform JavaScript runtime environment. Several security issues were fixed in Node.js. oval:org.secpod.oval:def:108462 Node.js is a platform built on Chrome"s JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices. oval:org.secpod.oval:def:108196 Node.js is a platform built on Chrome"s JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices. oval:org.secpod.oval:def:108506 Node.js is a platform built on Chrome"s JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices. oval:org.secpod.oval:def:108059 Node.js is a platform built on Chrome"s JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices. oval:org.secpod.oval:def:108055 Node.js is a platform built on Chrome"s JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices. oval:org.secpod.oval:def:1502855 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:2600275 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. oval:org.secpod.oval:def:2600271 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. oval:org.secpod.oval:def:1506741 nodejs [1:16.19.1-2] - Update bundled c-ares to 1.19.1 Resolves: CVE-2023-31124 CVE-2023-31130 CVE-2023-31147 CVE-2023-32067 oval:org.secpod.oval:def:507835 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fix: * c-ares: 0-byte UDP payload Denial of Service * c-ares: Buffer Underwrite in ares_inet_net_pton * c-ares: Insufficient randomness in generation of D ... oval:org.secpod.oval:def:1506600 [1:16.19.1-2] - Update bundled c-ares to 1.19.1 Resolves: CVE-2023-31124 CVE-2023-31130 CVE-2023-31147 CVE-2023-32067 oval:org.secpod.oval:def:507805 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fix: * c-ares: 0-byte UDP payload Denial of Service * c-ares: Buffer Underwrite in ares_inet_net_pton * c-ares: Insufficient randomness in generation of D ... oval:org.secpod.oval:def:1506607 nodejs [1:18.14.2-3] - Update bundled c-ares to 1.19.1 Resolves: CVE-2023-31124 CVE-2023-31130 CVE-2023-31147 CVE-2023-32067 oval:org.secpod.oval:def:5800173 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fix: * c-ares: 0-byte UDP payload Denial of Service * c-ares: Buffer Underwrite in ares_inet_net_pton * c-ares: Insufficient randomness in generation of D ... oval:org.secpod.oval:def:507834 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fix: * c-ares: 0-byte UDP payload Denial of Service * c-ares: buffer overflow in config_sortlist due to missing string length check * c-ares: Buffer Under ... oval:org.secpod.oval:def:1506732 nodejs [1:18.14.2-3] - Update bundled c-ares to 1.19.1 Resolves: CVE-2022-4904 Resolves: CVE-2023-31124 CVE-2023-31130 CVE-2023-31147 CVE-2023-32067 oval:org.secpod.oval:def:2500478 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. oval:org.secpod.oval:def:2500264 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. oval:org.secpod.oval:def:4500029 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the Re ... oval:org.secpod.oval:def:4500004 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the Re ... oval:org.secpod.oval:def:4500027 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs . For more details about the security issue, including the impact, a CVSS score, ackno ... oval:org.secpod.oval:def:4500049 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs . For more details about the security issue, including the impact, a CVSS score, ackno ... oval:org.secpod.oval:def:2500453 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. oval:org.secpod.oval:def:2500310 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. oval:org.secpod.oval:def:1504649 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1505062 nodejs [1:14.17.3-2] - Resolves: RHBZ#1980032, RHBZ#1978203 - Resolves RHBZ#1842826 - Don"t use patch3 [1:14.17.3-1] - Resolves: RHBZ#1980032, RHBZ#1978203 - Resolves RHBZ#1842826 - Resolves CVE-2021-22918, use system cipher list [1:14.16.0-3] - Resolves: RHBZ#1930775 - Always build with systemtap oval:org.secpod.oval:def:1505061 nodejs [1:12.22.3-2] - Resolves: RHBZ#1980031, RHBZ#1978201 - Fix typo, BR systemtap-sdt-level always, remove y18n patch [1:12.22.3-1] - Resolves: RHBZ#1980031, RHBZ#1978201 - Resolves #1952915 - Resolves CVE-2021-22918, use system cipher list nodejs-nodemon [2.0.3-1] - Resolves: RHBZ#1920692, RHBZ# ... oval:org.secpod.oval:def:1504651 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:506289 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs . Security Fix: * nodejs-hosted-git-info: Regular Expression denial of service via sho ... oval:org.secpod.oval:def:94969 nodejs: An open-source, cross-platform JavaScript runtime environment. Several security issues were fixed in Node.js. oval:org.secpod.oval:def:66556 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs . Security Fix: * nghttp2: overly large SETTINGS frames can lead to DoS * nodejs-minim ... oval:org.secpod.oval:def:66557 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs . Security Fix: * nghttp2: overly large SETTINGS frames can lead to DoS * nodejs-minim ... oval:org.secpod.oval:def:64151 Two vulnerabilities were discovered in Node.js, which could result in denial of service and potentially the execution of arbitrary code. oval:org.secpod.oval:def:19500344 The use of Module._load can bypass the policy mechanism and require modules outside of the policy.json definition for a given module.Please note that at the time this CVE was issued, the policy mechanism is an experimental feature of Node.js.Impacts:This vulnerability affects all users using the exp ... oval:org.secpod.oval:def:5800202 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs . Security Fix: * nodejs: Permissions policies can be bypassed via Module._load * nod ... oval:org.secpod.oval:def:93329 An untrusted search path vulnerability was discovered in Node.js, which could result in unexpected searching or loading ICU data when running with elevated privileges. oval:org.secpod.oval:def:19500546 When the Node.js policy feature checks the integrity of a resource against a trusted manifest, the application can intercept the operation and return a forged checksum to the node's policy implementation, thus effectively disabling the integrity check.Impacts:This vulnerability affects all users usi ... oval:org.secpod.oval:def:19500302 A flaw was found in the c-ares package. The ares_set_sortlist is missing checks about the validity of the input string, which allows a possible arbitrary length stack overflow. This issue may cause a denial of service or a limited impact on confidentiality and integrity. It is possible to bypass Per ... oval:org.secpod.oval:def:5800169 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs , nodejs-nodemon . Security Fix: * c-ares: buffer overflow in config_sortlist due to mi ... oval:org.secpod.oval:def:4501408 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs . Security Fix: * decode-uri-component: improper input validation resulting in DoS * g ... oval:org.secpod.oval:def:19500242 An untrusted search path vulnerability exists in Node.js. less than 19.6.1, less than 18.14.1, less than 16.19.1, and less than 14.21.3 that could allow an attacker to search and potentially load ICU data when running with elevated privileges oval:org.secpod.oval:def:19500257 In some cases Node.js did does not clear the OpenSSL error stack after operations that may set it. This may lead to false positive errors during subsequent cryptographic operations that happen to be on the same thread. This in turn could be used to cause a denial of service oval:org.secpod.oval:def:507696 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs . Security Fix: * glob-parent: Regular Expression Denial of Service * c-ares: buffer o ... oval:org.secpod.oval:def:19500325 Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service via the function new Range, when untrusted user data is provided as a range. Envoy is a cloud-native high-performance edge/middle/service proxy. Envoy's HTTP/2 codec may leak a header map and bookkeep ... oval:org.secpod.oval:def:96801 nodejs: An open-source, cross-platform JavaScript runtime environment. Several security issues were fixed in Node.js. oval:org.secpod.oval:def:708682 nodejs: An open-source, cross-platform JavaScript runtime environment. Several security issues were fixed in Node.js. oval:org.secpod.oval:def:2004481 HTTP request smuggling in Node.js 10, 12, and 13 causes malicious payload delivery when transfer-encoding is malformed oval:org.secpod.oval:def:1504519 nodejs [1:10.19.0-1] - Rebase to 10.19.0 to fix CVE-2019-15604 to CVE-2019-15606 [1:10.16.3-1] - Rebase to 10.16.3 to fix CVE-2019-9511 to CVE-2019-9518 [1:10.14.1-1] - Resolves: RHBZ#1644207 - fixes node-gyp permissions - rebase [1:10.11.0-2] - BuildRequire nodejs-packaging for proper npm dependenc ... oval:org.secpod.oval:def:1504526 nodejs [1:12.16.1-1] - Resolves: RHBZ#1800393, RHBZ#1800394, RHBZ#1800380 - Rebase to 12.16.1 nodejs-nodemon nodejs-packaging oval:org.secpod.oval:def:2004626 Improper Certificate Validation in Node.js 10, 12, and 13 causes the process to abort when sending a crafted X.509 certificate oval:org.secpod.oval:def:2004627 Including trailing white space in HTTP header values in Nodejs 10, 12, and 13 causes bypass of authorization based on header value comparisons oval:org.secpod.oval:def:507702 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs , nodejs-nodemon . Security Fix: * c-ares: buffer overflow in config_sortlist due to mi ... oval:org.secpod.oval:def:507803 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fix: * c-ares: 0-byte UDP payload Denial of Service * c-ares: Buffer Underwrite in ares_inet_net_pton * c-ares: Insufficient randomness in generation of D ... oval:org.secpod.oval:def:98743 nodejs: An open-source, cross-platform JavaScript runtime environment. Several security issues were fixed in Node.js. oval:org.secpod.oval:def:98769 nodejs: An open-source, cross-platform JavaScript runtime environment. Several security issues were fixed in Node.js. oval:org.secpod.oval:def:507869 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The package has been upgraded to a later upstream version: nodejs . Security Fix: * nodejs: mainModule.proto bypass experimental policy mechanism * nodejs: process ... oval:org.secpod.oval:def:507870 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The package has been upgraded to a later upstream version: nodejs . Security Fix: * nodejs: mainModule.proto bypass experimental policy mechanism * nodejs: process ... oval:org.secpod.oval:def:96942 Multiple vulnerabilities were discovered in Node.js, which could result in HTTP request smuggling, bypass of policy feature checks, denial of service or loading of incorrect ICU data. oval:org.secpod.oval:def:4501492 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The package has been upgraded to a later upstream version: nodejs . Security Fix: * nodejs: mainModule.proto bypass experimental policy mechanism * nodejs: process ... oval:org.secpod.oval:def:507896 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The package has been upgraded to a later upstream version: nodejs . Security Fix: * nodejs: mainModule.proto bypass experimental policy mechanism * nodejs: process ... oval:org.secpod.oval:def:19500307 The use of proto in process.mainModule.proto.require can bypass the policy mechanism and require modules outside of the policy.json definition.This vulnerability affects all users using the experimental policy mechanism in all active release lines: 16.x, 18.x and, 20.x.Please note that at the time t ... oval:org.secpod.oval:def:1506888 nodejs [1:18.16.1-1] - Rebase to 18.16.1 Resolves: rhbz#2188292 rhbz#2187683 Resolves: CVE-2023-30581 CVE-2023-30588 CVE-2023-30589 CVE-2023-30590 - Replace /usr/etc/npmrc symlink with builtin configuration Resolves: rhbz#2222285 nodejs-nodemon nodejs-packaging oval:org.secpod.oval:def:1506899 [1:16.20.1-1] - Rebase to 16.20.1 Resolves: rhbz#2188291 Resolves: CVE-2023-30581 CVE-2023-30588 CVE-2023-30589 CVE-2023-30590 - Replace /usr/etc/npmrc symlink with builtin configuration Resolves: rhbz#2177781 oval:org.secpod.oval:def:507900 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The package has been upgraded to a later upstream version: nodejs . Security Fix: * nodejs: mainModule.proto bypass experimental policy mechanism * nodejs: process ... oval:org.secpod.oval:def:612882 Multiple vulnerabilities were discovered in Node.js, which could result in HTTP request smuggling, bypass of policy feature checks, denial of service or loading of incorrect ICU data. oval:org.secpod.oval:def:506285 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs . Security Fix: * nodejs-hosted-git-info: Regular Expression denial of service via sho ... oval:org.secpod.oval:def:708602 nodejs: An open-source, cross-platform JavaScript runtime environment. Several security issues were fixed in Node.js. oval:org.secpod.oval:def:4501368 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs , nodejs-nodemon . Security Fix: * nodejs-json-schema: Prototype pollution vulnerabili ... oval:org.secpod.oval:def:4500827 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs . Security Fix: * nodejs-minimatch: ReDoS via the braceExpand function * nodejs: DNS ... oval:org.secpod.oval:def:2600024 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. oval:org.secpod.oval:def:2600143 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. oval:org.secpod.oval:def:1506321 nodejs [1:16.18.1-3] - Update sources of undici WASM blobs Resolves: rhbz#2151546 [1:16.18.1-2] - Record CVE references already addressed in this or previous upstream versions Resolves: CVE-2021-44531 CVE-2021-44532 CVE-2021-44533 CVE-2022-21824 [1:16.18.1-1] - Rebase + CVE fixes - Resolves: #214280 ... oval:org.secpod.oval:def:1506336 nodejs [1:14.21.1-2] - Apply upstream fix for CVE-2022-24999 Resolves: CVE-2022-24999 - Record CVEs fixed by current or previous upstream releases Resolves: CVE-2021-44906 [1:14.21.1-1] - Rebase to version 14.21.1 Resolves: rhbz#2129805 CVE-2022-43548 CVE-2022-3517 oval:org.secpod.oval:def:507145 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fix: * nodejs: DNS rebinding in --inspect via invalid IP addresses * nodejs: HTTP request smuggling due to flawed parsing of Transfer-Encoding * nodejs: H ... oval:org.secpod.oval:def:96486 nodejs: An open-source, cross-platform JavaScript runtime environment. Several security issues were fixed in Node.js. oval:org.secpod.oval:def:94744 nodejs: An open-source, cross-platform JavaScript runtime environment. Several security issues were fixed in Node.js. oval:org.secpod.oval:def:1506186 nodejs [1:14.20.1-2] - Record issues fixed in the current version Resolves: CVE-2021-44531 CVE-2021-44532 CVE-2021-44533 CVE-2022-21824 Resolves: CVE-2022-0235 [1:14.20.1-1] - Rebase to version 14.20.1 Resolves: CVE-2022-35256 nodejs-packaging [23-3] - Updated - Removed pathfix.py [23-2] - Rebuilt f ... oval:org.secpod.oval:def:507151 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fix: * nodejs-ansi-regex: Regular expression denial of service matching ANSI escape codes * nodejs: DNS rebinding in --inspect via invalid IP addresses * ... oval:org.secpod.oval:def:2600065 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. oval:org.secpod.oval:def:4501155 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs , nodejs-nodemon . Security Fix: * nodejs-minimatch: ReDoS via the braceExpand functio ... oval:org.secpod.oval:def:507284 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fix: * nodejs: Improper handling of URI Subject Alternative Names * nodejs: Certificate Verification Bypass via String Injection * nodejs: Incorrect handl ... oval:org.secpod.oval:def:2500549 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. oval:org.secpod.oval:def:507162 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs , nodejs-nodemon . Security Fix: * nodejs-ini: Prototype pollution via malicious INI f ... oval:org.secpod.oval:def:2500798 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. oval:org.secpod.oval:def:2500899 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. oval:org.secpod.oval:def:5800022 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs , nodejs-nodemon . Security Fix: * minimist: prototype pollution * nodejs-minimatch: R ... oval:org.secpod.oval:def:19500180 An HTTP Request Smuggling vulnerability was found in the llhttp library, used by Node.JS. Spaces as part of the header names were accepted as valid. In situations where HTTP conversations are being proxied , an attacker can use this flaw to inject arbitrary messages through the proxy. The highest t ... oval:org.secpod.oval:def:1506382 nodejs [1:16.18.1-3] - Update sources of undici WASM blobs Resolves: rhbz#2151617 [1:16.18.1-2] - Add back libs and v8-devel subpackages - Related: RHBZ#2121126 - Record previously fixed CVE - Resolves: CVE-2021-44906 [1:16.18.1-1] - Rebase + CVEs - Resolves: #2142808 - Resolves: #2142826, #2131745, ... oval:org.secpod.oval:def:96456 nodejs: An open-source, cross-platform JavaScript runtime environment. Several security issues were fixed in Node.js. oval:org.secpod.oval:def:4501076 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages were updated to later upstream versions: nodejs , nodejs-nodemon . Security Fix: * nodejs: Improper handling of URI Subject Alternative Names ... oval:org.secpod.oval:def:1506032 nodejs [16.16.0-1] - Rebase to version 16.16.0 Resolves: RHBZ#2106290 Resolves: CVE-2022-32212 CVE-2022-32213 CVE-2022-32214 CVE-2022-32215 [16.14.0-5] - Decouple dependency bundling from bootstrapping nodejs-nodemon oval:org.secpod.oval:def:88368 Multiple vulnerabilities were discovered in Node.js, which could result in HTTP request smuggling, a bypass of certificate verification or prototype pollution. oval:org.secpod.oval:def:608615 Multiple vulnerabilities were discovered in Node.js, which could result in HTTP request smuggling, a bypass of certificate verification or prototype pollution. oval:org.secpod.oval:def:507484 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs , nodejs-nodemon . Security Fix: * minimist: prototype pollution * nodejs-minimatch: R ... oval:org.secpod.oval:def:1505999 nodejs [1:16.16.0-3] - Fix build - Resolves: RHBZ#2111416 [1:16.16.0-2] - Refactor spec - Resolves: RHBZ#2111416 [1:16.16.0-1] - Rebase to latest version - Resolves: RHBZ#2106369 - CVE fixes for CVE-2022-32212/3/4/5 - Resolves: #2109578, #2109581, #2109584, #2109588 nodejs-nodemon [2.0.19-2] - Switc ... oval:org.secpod.oval:def:1506174 nodejs [1:18.8.0-1] - Rebase to version 18.8.0 - Include sources for WASM blobs nodejs-packaging [2021.06-4] - NPM bundler: also find namespaced bundled dependencies [2021.06-3] - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild [2021.06-2] - Fix hard-coded output directory in the b ... oval:org.secpod.oval:def:610359 Multiple vulnerabilities were discovered in Node.js, which could result in HTTP request smuggling, bypass of host IP address validation and weak randomness setup. oval:org.secpod.oval:def:2500223 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. oval:org.secpod.oval:def:507424 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs , nodejs-nodemon . Security Fix: * nodejs-minimatch: ReDoS via the braceExpand functio ... oval:org.secpod.oval:def:507425 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs . Security Fix: * nodejs-minimatch: ReDoS via the braceExpand function * nodejs: DNS ... oval:org.secpod.oval:def:2500853 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. oval:org.secpod.oval:def:1506004 nodejs [1:14.20.0-2] - Replace with_* macros with RPM confitionals - Unify configure calls into single command - Refactor bootstrap-related parts - Decouple dependency bundling from bootstrapping - Resolves: RHBZ#2111417 [1:14.20.0-1] - Rebase to latest version - Resolves: RHBZ#2106367 - CVE fixes f ... oval:org.secpod.oval:def:89327 Multiple vulnerabilities were discovered in Node.js, which could result in HTTP request smuggling, bypass of host IP address validation and weak randomness setup. oval:org.secpod.oval:def:4501212 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs , nodejs-nodemon . Security Fix: * minimist: prototype pollution * node-fetch: exposur ... oval:org.secpod.oval:def:5800075 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs . Security Fix: * nodejs: weak randomness in WebCrypto keygen * nodejs: HTTP Request S ... oval:org.secpod.oval:def:507339 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs . Security Fix: * nodejs: weak randomness in WebCrypto keygen * nodejs: HTTP Request ... oval:org.secpod.oval:def:1505721 nodejs [1:16.14.0-4] - Apply lock file validation fixes - Resolves CVE-2021-43616 - Resolves: RHBZ#2070012 oval:org.secpod.oval:def:2600119 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. oval:org.secpod.oval:def:58206 Some HTTP/2 implementations are vulnerable to a settings flood, potentially leading to a denial of service. The attacker sends a stream of SETTINGS frames to the peer. Since the RFC requires that the peer reply with one acknowledgement per SETTINGS frame, an empty SETTINGS frame is almost equivalent ... oval:org.secpod.oval:def:58207 Some HTTP/2 implementations are vulnerable to a flood of empty frames, potentially leading to a denial of service. The attacker sends a stream of frames with an empty payload and without the end-of-stream flag. These frames can be DATA, HEADERS, CONTINUATION and/or PUSH_PROMISE. The peer spends time ... oval:org.secpod.oval:def:2000328 Node.js: All versions prior to Node.js 6.15.0 and 8.14.0: HTTP request splitting: If Node.js can be convinced to use unsanitized user-provided Unicode data for the `path` option of an HTTP request, then data can be provided which will trigger a second, unexpected, and user-defined HTTP request to ma ... oval:org.secpod.oval:def:114233 Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices. oval:org.secpod.oval:def:112647 Node.js is a platform built on Chromes JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices. oval:org.secpod.oval:def:112769 Node.js is a platform built on Chromes JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices. oval:org.secpod.oval:def:1901412 Node.js 0.10.x before 0.10.42, 0.12.x before 0.12.10, 4.x before 4.3.0, and 5.x before 5.6.0 allow remote attackers to conduct HTTP request smuggling attacks via a crafted Content-Length HTTP header. oval:org.secpod.oval:def:107612 Node.js is a platform built on Chrome"s JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices. oval:org.secpod.oval:def:2001510 The `"path"` module in the Node.js 4.x release line contains a potential regular expression denial of service vector. The code in question was replaced in Node.js 6.x and later so this vulnerability only impacts all versions of Node.js 4.x. The regular expression, `splitPathRe`, used within the `"p ... oval:org.secpod.oval:def:2000562 Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Denial of Service with large HTTP headers: By using a combination of many requests with maximum sized headers , and carefully timed completion of the headers, it is possible to cause the HTTP server to abort from heap allocat ... oval:org.secpod.oval:def:112638 Node.js is a platform built on Chromes JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices. oval:org.secpod.oval:def:111426 Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices. oval:org.secpod.oval:def:114253 Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices. oval:org.secpod.oval:def:2000556 Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Hostname spoofing in URL parser for javascript protocol: If a Node.js application is using url.parse to determine the URL hostname, that hostname can be spoofed by using a mixed case "javascript:" protocol . If security deci ... oval:org.secpod.oval:def:1900816 Node.js: All versions prior to Node.js 6.15.0 and 8.14.0: HTTP request splitting: If Node.js can be convinced to use unsanitized user-provided Unicode data for the `path` option of an HTTP request, then data can be provided which will trigger a second, unexpected, and user-defined HTTP request to ma ... oval:org.secpod.oval:def:1900819 The `"path"` module in the Node.js 4.x release line contains a potential regular expression denial of service vector. The code in question was replaced in Node.js 6.x and later so this vulnerability only impacts all versions of Node.js 4.x. The regular expression, `splitPathRe`, used within the `"p ... oval:org.secpod.oval:def:1901002 In all versions of Node.js prior to 6.14.4, 8.11.4 and 10.9.0 when used with UCS-2 encoding , `Buffer#write` can be abused to write outside of the bounds of a single `Buffer`. Writes that start from the second-to-last position of a buffer cause a miscalculation of the maximum length of the input byt ... oval:org.secpod.oval:def:1901008 Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Slowloris HTTP Denial of Service: An attacker can cause a Denial of Service by sending headers very slowly keeping HTTP or HTTPS connections and associated resources alive for a long period of time. oval:org.secpod.oval:def:2001064 Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Slowloris HTTP Denial of Service: An attacker can cause a Denial of Service by sending headers very slowly keeping HTTP or HTTPS connections and associated resources alive for a long period of time. oval:org.secpod.oval:def:2000410 Calling Buffer.fill or Buffer.alloc with some parameters can lead to a hang which could result in a Denial of Service. In order to address this vulnerability, the implementations of Buffer.alloc and Buffer.fill were updated so that they zero fill instead of hanging in these cases. All versions of No ... oval:org.secpod.oval:def:1901453 All versions of Node.js 8.x, 9.x, and 10.x are vulnerable and the severity is HIGH. An attacker can cause a denial of service by causing a node server providing an http2 server to crash. This can be accomplished by interacting with the http2 server in a manner that triggers a cleanup bug where obje ... oval:org.secpod.oval:def:1901335 Calling Buffer.fill or Buffer.alloc with some parameters can lead to a hang which could result in a Denial of Service. In order to address this vulnerability, the implementations of Buffer.alloc and Buffer.fill were updated so that they zero fill instead of hanging in these cases. All versions of No ... oval:org.secpod.oval:def:113374 Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices. oval:org.secpod.oval:def:107492 Node.js is a platform built on Chrome"s JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices. oval:org.secpod.oval:def:58202 Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service. The attacker requests a large amount of data from a specified resource over multiple streams. They manipulate window size and stream priority to ... oval:org.secpod.oval:def:58203 Some HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service. The attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses. Depending on how efficiently this data is queued, this can consume excess CPU, memory ... oval:org.secpod.oval:def:58204 Some HTTP/2 implementations are vulnerable to resource loops, potentially leading to a denial of service. The attacker creates multiple request streams and continually shuffles the priority of the streams in a way that causes substantial churn to the priority tree. This can consume excess CPU. oval:org.secpod.oval:def:58205 Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STRE ... oval:org.secpod.oval:def:2000601 Node.js v4.0 through v4.8.3, all versions of v5.x, v6.0 through v6.11.0, v7.0 through v7.10.0, and v8.0 through v8.1.3 was susceptible to hash flooding remote DoS attacks as the HashTable seed was constant across a given released version of Node.js. This was a result of building with V8 snapshots en ... oval:org.secpod.oval:def:2000048 In all versions of Node.js prior to 6.14.4, 8.11.4 and 10.9.0 when used with UCS-2 encoding , `Buffer#write` can be abused to write outside of the bounds of a single `Buffer`. Writes that start from the second-to-last position of a buffer cause a miscalculation of the maximum length of the input byt ... oval:org.secpod.oval:def:1900750 Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Denial of Service with large HTTP headers: By using a combination of many requests with maximum sized headers , and carefully timed completion of the headers, it is possible to cause the HTTP server to abort from heap allocat ... oval:org.secpod.oval:def:113425 Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices. oval:org.secpod.oval:def:1900875 The tls.checkServerIdentity function in Node.js 0.10.x before 0.10.47, 0.12.x before 0.12.16, 4.x before 4.6.0, and 6.x before 6.7.0 does not properly handle wildcards in name fields of X.509 certificates, which allows man-in-the-middle attackers to spoof servers via a crafted certificate. oval:org.secpod.oval:def:1900190 Node.js v4.0 through v4.8.3, all versions of v5.x, v6.0 through v6.11.0,v7.0 through v7.10.0, and v8.0 through v8.1.3 was susceptible to hash flooding remote DoS attacks as the HashTable seed was constant across a given released version of Node.js. This was a result of building with V8snapshots enab ... oval:org.secpod.oval:def:1901134 The HTTP parser in all current versions of Node.js ignores spaces in the `Content-Length` header, allowing input such as `Content-Length: 1 2` to be interpreted as having a value of `12`. The HTTP specification does not allow for spaces in the `Content-Length` value and the Node.js HTTP parser has b ... oval:org.secpod.oval:def:1901493 Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Hostname spoofing in URL parser for javascript protocol: If a Node.js application is using url.parse to determine the URL hostname, that hostname can be spoofed by using a mixed case "javascript:" protocol . If security deci ... oval:org.secpod.oval:def:110187 Node.js is a platform built on Chrome"s JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices. oval:org.secpod.oval:def:2000949 The HTTP parser in all current versions of Node.js ignores spaces in the `Content-Length` header, allowing input such as `Content-Length: 1 2` to be interpreted as having a value of `12`. The HTTP specification does not allow for spaces in the `Content-Length` value and the Node.js HTTP parser has b ... oval:org.secpod.oval:def:114656 Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices. oval:org.secpod.oval:def:1900785 The HTTP header parsing code in Node.js 0.10.x before 0.10.42, 0.11.6 through 0.11.16, 0.12.x before 0.12.10, 4.x before 4.3.0, and 5.x before 5.6.0 allows remote attackers to bypass an HTTP response-splitting protection mechanism via UTF-8 encoded Unicode characters in the HTTP header, as demonstra ... oval:org.secpod.oval:def:2000249 Node.js before 4.8.5, 6.x before 6.11.5, and 8.x before 8.8.0 allows remote attackers to cause a denial of service by leveraging a change in the zlib module 1.2.9 making 8 an invalid value for the windowBits parameter. oval:org.secpod.oval:def:604825 Multiple vulnerabilities were discovered in Node.js, which could result in denial of service or HTTP request smuggling. oval:org.secpod.oval:def:110143 Node.js is a platform built on Chrome"s JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices. oval:org.secpod.oval:def:1502685 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:114737 Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices. oval:org.secpod.oval:def:66455 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs . Security Fix: * HTTP/2: large amount of data requests leads to denial of service * H ... oval:org.secpod.oval:def:1507403 [1:16.20.2-4.0.1] - reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks Resolves: CVE-2024-22019 oval:org.secpod.oval:def:1507409 nodejs [1:18.19.1-1] - Rebase to version 18.19.1 - Fixes: CVE-2024-21892 CVE-2024-22019 - Fixes: CVE-2023-46809 nodejs-nodemon nodejs-packaging oval:org.secpod.oval:def:1507411 nodejs [1:18.19.1-1] - Rebase to version 18.19.1 - Fixes: CVE-2024-21892 CVE-2024-22019 - Fixes: CVE-2023-46809 nodejs-nodemon nodejs-packaging oval:org.secpod.oval:def:509150 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fix: nodejs: code injection and privilege escalation through Linux capabilities nodejs: reading unprocessed HTTP request with unbounded chunk extension all ... oval:org.secpod.oval:def:19500653 A flaw was found in Node.js. On Linux, Node.js ignores certain environment variables if they have been set by an unprivileged user while the process is running with elevated privileges, with the exception of CAP_NET_BIND_SERVICE. Due to a bug in the implementation of this exception, Node.js incorrec ... oval:org.secpod.oval:def:509162 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fix: nodejs: reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks nodejs: vulnerable to timing variant of the Bleichenbacher ... oval:org.secpod.oval:def:19500657 NOTE: https://nodejs.org/en/blog/release/v18.19.1NOTE: https://github.com/nodejs/node/commit/f31d47e135973746c4f490d5eb635eded8bb3dda NOTE: https://github.com/nodejs/node/commit/9052ef43dc2d1b0db340591a9bc9e45a25c01d90 Undici is an HTTP/1.1 client, written from scratch for Node.js. Undici already c ... oval:org.secpod.oval:def:1507401 nodejs [1:16.20.2-4.0.1] - reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks Resolves: CVE-2024-22019 nodejs-nodemon nodejs-packaging [26-1] - nodejs.prov: find namespaced bundled dependencies - Apply https://src.fedoraproject.org/rpms/nodejs-packaging/c/e24e7df oval:org.secpod.oval:def:95287 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fix(es): * HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487) * nodejs: permission model impr ... oval:org.secpod.oval:def:19500548 The HTTP/2 protocol allows a denial of service because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023 oval:org.secpod.oval:def:93996 An update for the nodejs:18 module is now available for Red Hat Enterprise Linux 8. oval:org.secpod.oval:def:93994 An update for the nodejs:16 module is now available for Red Hat Enterprise Linux 8. oval:org.secpod.oval:def:94002 An update for nodejs is now available for Red Hat Enterprise Linux 9. oval:org.secpod.oval:def:94004 An update for nghttp2 is now available for Red Hat Enterprise Linux 9. oval:org.secpod.oval:def:2501266 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. |
