SUSE-SU-2022:2430-1 -- SLES nodejs12, npm12ID: oval:org.secpod.oval:def:89046796 | Date: (C)2022-07-20 (M)2024-04-17 |
Class: PATCH | Family: unix |
This update for nodejs12 fixes the following issues: - CVE-2022-32212: Fixed DNS rebinding in --inspect via invalid IP addresses . - CVE-2022-32213: Fixed HTTP request smuggling due to flawed parsing of Transfer-Encoding . - CVE-2022-32214: Fixed HTTP request smuggling due to improper delimiting of header fields . - CVE-2022-32215: Fixed HTTP request smuggling due to incorrect parsing of multi-line Transfer-Encoding .
Platform: |
SUSE Linux Enterprise Server 15 SP2 |