Lucene search
Gentoo FoundationMGASA-2021-0092HistoryMar 01, 2021 - 2:16 a.m.
Updated nodejs packages fix security vulnerabilities
2021-03-0102:16:12
Gentoo Foundation
advisories.mageia.org
20
7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
0.006 Low
EPSS
Percentile
79.4%
Two vulnerabilities were discovered in Node.js, which could result in denial of service or DNS rebinding attacks. Upgrade from Mageia 7 to 8 problem fixed.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Mageia | 7 | noarch | nodejs | < 10.24.0-10 | nodejs-10.24.0-10.mga7 |
| Mageia | 8 | noarch | nodejs | < 14.16.0-1 | nodejs-14.16.0-1.mga8 |
Related
nessus
nessus
RHEL 8 : nodejs:12 (RHSA-2021:0739)
2021-03-08 00:00:00
RHEL 8 : nodejs:12 (RHSA-2021:0734)
2021-03-05 00:00:00
RHEL 7 : rh-nodejs14-nodejs (RHSA-2021:0830)
2022-09-15 00:00:00
osv
osv
Important: nodejs:14 security and bug fix update
2021-03-08 09:55:44
nodejs vulnerabilities
2023-10-05 08:45:53
Important: nodejs:10 security update
2021-03-04 15:17:39
redhat
redhat
(RHSA-2021:0735) Important: nodejs:10 security update
2021-03-04 15:17:39
(RHSA-2021:0734) Important: nodejs:12 security update
2021-03-04 15:17:37
(RHSA-2021:0744) Important: nodejs:14 security and bug fix update
2021-03-08 09:55:44
almalinux
almalinux
Important: nodejs:10 security update
2021-03-04 15:17:39
Important: nodejs:14 security and bug fix update
2021-03-08 09:55:44
Important: nodejs:12 security update
2021-03-04 15:17:37
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2021:0650-1)
2021-06-09 00:00:00
Debian: Security Advisory (DSA-4863-1)
2021-02-26 00:00:00
SUSE: Security Advisory (SUSE-SU-2021:0648-1)
2021-06-09 00:00:00
ubuntu
ubuntu
Node.js vulnerabilities
2023-10-05 00:00:00
fedora
fedora
[SECURITY] Fedora 32 Update: nodejs-12.21.0-2.fc32
2021-03-12 00:07:47
[SECURITY] Fedora 34 Update: nodejs-14.16.0-1.fc34
2021-03-19 20:26:10
[SECURITY] Fedora 33 Update: nodejs-14.16.0-1.fc33
2021-03-11 23:38:48
debian
debian
[SECURITY] [DSA 4863-1] nodejs security update
2021-02-24 19:25:39
ibm
ibm
rocky
rocky
nodejs:14 security and bug fix update
2021-03-08 09:55:44
nodejs:12 security update
2021-03-04 15:17:37
nodejs:10 security update
2021-03-04 15:17:39
oraclelinux
oraclelinux
nodejs:12 security update
2021-03-05 00:00:00
nodejs:10 security update
2021-03-05 00:00:00
nodejs:14 security and bug fix update
2021-03-09 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package node version 14.16.0-alt1
2021-02-23 00:00:00
Security fix for the ALT Linux 9 package node version 14.16.0-alt1
2021-03-16 00:00:00
suse
suse
Security update for nodejs14 (important)
2021-02-28 00:00:00
Security update for nodejs12 (important)
2021-02-28 00:00:00
Security update for nodejs10 (important)
2021-03-03 00:00:00
photon
photon
Home
Download Photon OS
User Documentation
FAQ
Security Advisories
Related Information
Lightwave - PHSA-2021-2.0-0330
2021-03-19 00:00:00
Home
Download Photon OS
User Documentation
FAQ
Security Advisories
Related Information
Lightwave - PHSA-2021-1.0-0373
2021-03-22 00:00:00
Important Photon OS Security Update - PHSA-2021-0330
2021-03-16 00:00:00
freebsd
freebsd
Node.js -- February 2021 Security Releases
2021-02-23 00:00:00
Node.js -- July 7th 2022 Security Releases
2022-07-05 00:00:00
MySQL -- Multiple vulnerabilities
2021-07-20 00:00:00
nodejsblog
nodejsblog
February 2021 Security Releases
2021-02-23 00:00:00
July 7th 2022 Security Releases
2022-07-07 00:00:00
redhatcve
redhatcve
prion
prion
Design/Logic Flaw
2021-03-03 18:15:00
Code injection
2021-03-03 18:15:00
nvd
nvd
CVE-2021-22883
2021-03-03 18:15:14
CVE-2021-22884
2021-03-03 18:15:14
hackerone
hackerone
Node.js: DNS rebinding in --inspect (insufficient fix of CVE-2018-7160)
2020-12-31 23:31:42
alpinelinux
alpinelinux
CVE-2021-22883
2021-03-03 18:15:14
CVE-2021-22884
2021-03-03 18:15:14
cve
cve
CVE-2021-22883
2021-03-03 18:15:14
CVE-2021-22884
2021-03-03 18:15:14
cvelist
cvelist
CVE-2021-22883
2021-03-03 17:38:32
CVE-2021-22884
2021-03-03 17:37:46
ubuntucve
ubuntucve
CVE-2021-22883
2021-03-03 00:00:00
CVE-2021-22884
2021-03-03 00:00:00
veracode
veracode
DNS Rebinding
2021-02-24 17:20:17
Denial Of Service (DoS)
2021-02-24 17:20:16
debiancve
debiancve
CVE-2021-22883
2021-03-03 18:15:14
CVE-2021-22884
2021-03-03 18:15:14
ics
ics
Hitachi Energy e-mesh EMS
2022-03-31 12:00:00
Siemens SINEC INS
2022-03-10 12:00:00
gentoo
gentoo
Node.js: Multiple Vulnerabilities
2024-05-08 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - July 2021
2021-07-20 00:00:00
Oracle Critical Patch Update Advisory - April 2021
2021-04-20 00:00:00
Oracle Critical Patch Update Advisory - October 2021
2021-10-19 00:00:00
7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
0.006 Low
EPSS
Percentile
79.4%
Related for MGASA-2021-0092