Lucene search
SuseOPENSUSE-SU-2020:0059-1HistoryJan 15, 2020 - 12:00 a.m.
Security update for nodejs8 (important)
2020-01-1500:00:00
lists.opensuse.org
69
0.002 Low
EPSS
Percentile
56.6%
An update that fixes three vulnerabilities is now available.
Description:
This update for nodejs8 to version 8.17.0 fixes the following issues:
Security issues fixed:
- CVE-2019-16777, CVE-2019-16776, CVE-2019-16775: Updated npm to 6.13.4,
fixing an arbitrary path overwrite and access via “bin” field
(bsc#1159352).
This update was imported from the SUSE:SLE-15:Update update project.
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
-
openSUSE Leap 15.1:
zypper in -t patch openSUSE-2020-59=1
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| openSUSE Leap | 15.1 | i586 | < - openSUSE Leap 15.1 (i586 x86_64): | - openSUSE Leap 15.1 (i586 x86_64):.i586.rpm | |
| openSUSE Leap | 15.1 | x86_64 | < - openSUSE Leap 15.1 (i586 x86_64): | - openSUSE Leap 15.1 (i586 x86_64):.x86_64.rpm | |
| openSUSE Leap | 15.1 | noarch | < - openSUSE Leap 15.1 (noarch): | - openSUSE Leap 15.1 (noarch):.noarch.rpm |
Related
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2020:0247-1)
2021-06-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2020:0104-1)
2021-06-09 00:00:00
openSUSE: Security Advisory for nodejs8 (openSUSE-SU-2020:0059_1)
2020-01-27 00:00:00
nessus
nessus
SUSE SLES12 Security Update : nodejs10 (SUSE-SU-2020:0063-1)
2020-01-13 00:00:00
openSUSE Security Update : nodejs8 (openSUSE-2020-59)
2020-01-15 00:00:00
SUSE SLES15 Security Update : nodejs10 (SUSE-SU-2020:0104-1)
2020-01-16 00:00:00
osv
osv
nodejs:12 enhancement update
2020-02-04 08:35:22
Important: nodejs:10 security update
2020-02-25 07:57:02
Important: nodejs:10 security update
2020-02-25 07:57:02
ibm
ibm
Security Bulletin: Vulnerability in npm affects IBM VM Recovery Manager DR
2021-07-30 21:12:22
Security Bulletin: Vulnerability in npm affects IBM VM Recovery Manager HA
2021-07-30 21:03:51
rocky
rocky
12 enhancement update
2020-02-04 08:35:22
nodejs:10 security update
2020-02-25 07:57:02
freebsd
freebsd
NPM -- Multiple vulnerabilities
2019-12-18 00:00:00
fedora
fedora
[SECURITY] Fedora 31 Update: libuv-1.34.1-1.fc31
2020-01-24 17:08:56
[SECURITY] Fedora 31 Update: nodejs-12.14.1-3.fc31
2020-01-24 17:08:57
almalinux
almalinux
Important: nodejs:10 security update
2020-02-25 07:57:02
redhat
redhat
(RHSA-2020:0573) Important: nodejs:10 security update
2020-02-24 12:24:24
(RHSA-2020:0579) Important: nodejs:10 security update
2020-02-25 07:57:02
(RHSA-2020:0597) Important: rh-nodejs10-nodejs security update
2020-02-25 12:25:49
oraclelinux
oraclelinux
nodejs:10 security update
2020-02-26 00:00:00
prion
prion
nvd
nvd
ubuntucve
ubuntucve
veracode
veracode
Arbitrary File Overwrite
2019-12-12 03:16:20
Arbitrary File Overwrite
2020-01-08 02:22:48
Unauthorized File Access
2019-12-12 02:26:11
cvelist
cvelist
CVE-2019-16777 Arbitrary File Overwrite in npm CLI
2019-12-13 01:00:21
github
github
Arbitrary File Write in npm
2019-12-13 15:39:19
npm Vulnerable to Global node_modules Binary Overwrite
2019-12-13 15:39:32
npm symlink reference outside of node_modules
2019-12-13 15:39:26
redhatcve
redhatcve
cve
cve
debiancve
debiancve
symantec
symantec
npm CLI CVE-2019-16776 Arbitrary File Write Vulnerability
2019-12-11 00:00:00
mageia
mageia
Updated nodejs packages fix security vulnerabilities
2020-09-27 23:06:37
gentoo
gentoo
Node.js: Multiple vulnerabilities
2020-03-20 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - January 2020
2020-01-14 00:00:00
Oracle Critical Patch Update Advisory - October 2021
2021-10-19 00:00:00