Download
| Alert*
oval:org.secpod.oval:def:1801948
The Node.js project will release new versions of all supported release lines on or shortly after Tuesday, April 6th, 2021. *Impact: The 14.x release line of Node.js is vulnerable to three high severity issues. The 12.x release line of Node.js is vulnerable to three high severity issues. The 10.x ... oval:org.secpod.oval:def:69637 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs . Security Fix: * nodejs-npm-user-validate: improper input validation when validating u ... oval:org.secpod.oval:def:69635 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs . Security Fix: * libuv: buffer overflow in realpath * nodejs-npm-user-validate: impro ... oval:org.secpod.oval:def:69629 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fix: * nodejs-y18n: prototype pollution vulnerability * c-ares: ares_parse_{a,aaaa}_reply insufficient naddrttls validation DoS * nodejs-ajv: prototype po ... oval:org.secpod.oval:def:505241 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fix: * nodejs-y18n: prototype pollution vulnerability * c-ares: ares_parse_{a,aaaa}_reply insufficient naddrttls validation DoS * nodejs-ajv: prototype po ... oval:org.secpod.oval:def:4501265 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs . Security Fix: * nodejs-npm-user-validate: improper input validation when validating u ... oval:org.secpod.oval:def:4501299 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs . Security Fix: * libuv: buffer overflow in realpath * nodejs-npm-user-validate: impro ... oval:org.secpod.oval:def:505788 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: rh-nodejs14-nodejs . Security Fix: * nodejs-npm-user-validate: improper input validation when ... oval:org.secpod.oval:def:2500076 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. oval:org.secpod.oval:def:505217 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: rh-nodejs12-nodejs . Security Fix: * nodejs-y18n: prototype pollution vulnerability * c-ares: ... oval:org.secpod.oval:def:2106716 Oracle Solaris 11 - ( CVE-2021-3450 ) oval:org.secpod.oval:def:505903 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs . Security Fix: * nodejs-npm-user-validate: improper input validation when validating u ... oval:org.secpod.oval:def:505900 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs . Security Fix: * libuv: buffer overflow in realpath * nodejs-npm-user-validate: impro ... oval:org.secpod.oval:def:1504651 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1503154 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:89045478 This update for nodejs8 fixes the following issues: - update to npm 6.14.13 - CVE-2021-27290: Fixed ssri Regular Expression Denial of Service. - CVE-2021-23362: Fixed hosted-git-info Regular Expression Denial of Service - CVE-2021-22884: DNS rebinding in --inspect oval:org.secpod.oval:def:89045099 This update for nodejs10 fixes the following issues: Update nodejs10 to 10.24.1. Including fixes for - CVE-2021-22918: libuv upgrade - Out of bounds read - CVE-2021-27290: ssri Regular Expression Denial of Service - CVE-2021-23362: hosted-git-info Regular Expression Denial of Service - CVE-2020-7 ... oval:org.secpod.oval:def:505948 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: rh-nodejs10-nodejs . Security Fix: * libuv: buffer overflow in realpath * nodejs-npm-user-val ... oval:org.secpod.oval:def:2500278 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. oval:org.secpod.oval:def:1504649 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:2500287 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. |