SUSE-SU-2022:1462-1 -- SLES nodejs14, npm14ID: oval:org.secpod.oval:def:89046279 | Date: (C)2022-05-25 (M)2023-12-07 |
Class: PATCH | Family: unix |
This update for nodejs14 fixes the following issues: - CVE-2022-0778: Fixed a infinite loop in BN_mod_sqrt reachable when parsing certificates . - CVE-2021-44906: Fixed a prototype pollution in node-minimist . - CVE-2021-44907: Fixed a potential Denial of Service vulnerability in node-qs . - CVE-2022-0235: Fixed an exposure of sensitive information to an unauthorized actor in node-fetch .
Platform: |
SUSE Linux Enterprise Server 15 SP2 |