Bugs fixes in "nodejs"
Origin | Bug number | Title | Date fixed |
---|---|---|---|
CVE | CVE-2022-43548 | A OS Command Injection vulnerability exists in Node.js versions <14.21.1, <16.18.1, <18.12.1, <19.0.1 due to an insufficient IsAllowedHost check that | 2023-11-21 |
CVE | CVE-2022-32212 | A OS Command Injection vulnerability exists in Node.js versions <14.20.0, <16.20.0, <18.5.0 due to an insufficient IsAllowedHost check that can easil | 2023-11-21 |
CVE | CVE-2022-43548 | A OS Command Injection vulnerability exists in Node.js versions <14.21.1, <16.18.1, <18.12.1, <19.0.1 due to an insufficient IsAllowedHost check that | 2023-11-21 |
CVE | CVE-2022-35256 | The llhttp parser in the http module in Node v18.7.0 does not correctly handle header fields that are not terminated with CLRF. This may result in HT | 2023-11-21 |
CVE | CVE-2022-32215 | The llhttp parser <v14.20.1, <v16.17.1 and <v18.9.1 in the http module in Node.js does not correctly handle multi-line Transfer-Encoding headers. Thi | 2023-11-21 |
CVE | CVE-2022-32214 | The llhttp parser <v14.20.1, <v16.17.1 and <v18.9.1 in the http module in Node.js does not strictly use the CRLF sequence to delimit HTTP requests. T | 2023-11-21 |
CVE | CVE-2022-32213 | The llhttp parser <v14.20.1, <v16.17.1 and <v18.9.1 in the http module in Node.js does not correctly parse and validate Transfer-Encoding headers and | 2023-11-21 |
CVE | CVE-2022-32212 | A OS Command Injection vulnerability exists in Node.js versions <14.20.0, <16.20.0, <18.5.0 due to an insufficient IsAllowedHost check that can easil | 2023-11-21 |
CVE | CVE-2022-43548 | A OS Command Injection vulnerability exists in Node.js versions <14.21.1, <16.18.1, <18.12.1, <19.0.1 due to an insufficient IsAllowedHost check that | 2023-11-21 |
CVE | CVE-2022-32212 | A OS Command Injection vulnerability exists in Node.js versions <14.20.0, <16.20.0, <18.5.0 due to an insufficient IsAllowedHost check that can easil | 2023-11-21 |
CVE | CVE-2022-43548 | A OS Command Injection vulnerability exists in Node.js versions <14.21.1, <16.18.1, <18.12.1, <19.0.1 due to an insufficient IsAllowedHost check that | 2023-11-21 |
CVE | CVE-2022-35256 | The llhttp parser in the http module in Node v18.7.0 does not correctly handle header fields that are not terminated with CLRF. This may result in HT | 2023-11-21 |
CVE | CVE-2022-32215 | The llhttp parser <v14.20.1, <v16.17.1 and <v18.9.1 in the http module in Node.js does not correctly handle multi-line Transfer-Encoding headers. Thi | 2023-11-21 |
CVE | CVE-2022-32214 | The llhttp parser <v14.20.1, <v16.17.1 and <v18.9.1 in the http module in Node.js does not strictly use the CRLF sequence to delimit HTTP requests. T | 2023-11-21 |
CVE | CVE-2022-32213 | The llhttp parser <v14.20.1, <v16.17.1 and <v18.9.1 in the http module in Node.js does not correctly parse and validate Transfer-Encoding headers and | 2023-11-21 |
CVE | CVE-2022-32212 | A OS Command Injection vulnerability exists in Node.js versions <14.20.0, <16.20.0, <18.5.0 due to an insufficient IsAllowedHost check that can easil | 2023-11-21 |
CVE | CVE-2022-0778 | Infinite loop in BN_mod_sqrt() reachable when parsing certificates | 2023-10-30 |
CVE | CVE-2022-2097 | AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimi ... | 2023-10-30 |
CVE | CVE-2022-2068 | The c_rehash script allows command injection | 2023-10-30 |
CVE | CVE-2022-1292 | The c_rehash script does not properly sanitise shell metacharacters to ... | 2023-10-30 |
About
-
Send Feedback to @ubuntu_updates