Bugs fixes in "nodejs"
| Origin | Bug number | Title | Date fixed |
|---|---|---|---|
| CVE | CVE-2022-2097 | AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimi ... | 2023-10-30 |
| CVE | CVE-2022-2068 | The c_rehash script allows command injection | 2023-10-30 |
| CVE | CVE-2022-1292 | The c_rehash script does not properly sanitise shell metacharacters to ... | 2023-10-30 |
| CVE | CVE-2022-0778 | Infinite loop in BN_mod_sqrt() reachable when parsing certificates | 2023-10-30 |
| CVE | CVE-2022-2097 | AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimi ... | 2023-10-30 |
| CVE | CVE-2022-2068 | The c_rehash script allows command injection | 2023-10-30 |
| CVE | CVE-2022-1292 | The c_rehash script does not properly sanitise shell metacharacters to ... | 2023-10-30 |
| CVE | CVE-2021-22884 | Node.js before 10.24.0, 12.21.0, 14.16.0, and 15.10.0 is vulnerable to DNS rebinding attacks as the whitelist includes “localhost6”. When “localhost6 | 2023-10-05 |
| CVE | CVE-2021-22883 | Node.js before 10.24.0, 12.21.0, 14.16.0, and 15.10.0 is vulnerable to a denial of service attack when too many connection attempts with an 'unknownP | 2023-10-05 |
| CVE | CVE-2021-22884 | Node.js before 10.24.0, 12.21.0, 14.16.0, and 15.10.0 is vulnerable to DNS rebinding attacks as the whitelist includes “localhost6”. When “localhost6 | 2023-10-05 |
| CVE | CVE-2021-22883 | Node.js before 10.24.0, 12.21.0, 14.16.0, and 15.10.0 is vulnerable to a denial of service attack when too many connection attempts with an 'unknownP | 2023-10-05 |
| CVE | CVE-2020-8287 | Node.js versions before 10.23.1, 12.20.1, 14.15.4, 15.5.1 allow two copies of a header field in an HTTP request (for example, two Transfer-Encoding h | 2023-09-19 |
| CVE | CVE-2020-8265 | Node.js versions before 10.23.1, 12.20.1, 14.15.4, 15.5.1 are vulnerable to a use-after-free bug in its TLS implementation. When writing to a TLS ena | 2023-09-19 |
| CVE | CVE-2020-8174 | napi_get_value_string_*() allows various kinds of memory corruption in node < 10.21.0, 12.18.0, and < 14.4.0. | 2023-09-19 |
| CVE | CVE-2020-8287 | Node.js versions before 10.23.1, 12.20.1, 14.15.4, 15.5.1 allow two copies of a header field in an HTTP request (for example, two Transfer-Encoding h | 2023-09-19 |
| CVE | CVE-2020-8265 | Node.js versions before 10.23.1, 12.20.1, 14.15.4, 15.5.1 are vulnerable to a use-after-free bug in its TLS implementation. When writing to a TLS ena | 2023-09-19 |
| CVE | CVE-2020-8174 | napi_get_value_string_*() allows various kinds of memory corruption in node < 10.21.0, 12.18.0, and < 14.4.0. | 2023-09-19 |
| Launchpad | 1863463 | Firefox 75 requires nodejs \u003e= 10.19 | 2020-04-29 |
| Launchpad | 1798367 | [SRU] nodejs should use openssl1.0 in testing as well | 2018-10-29 |
| Launchpad | 1798367 | [SRU] nodejs should use openssl1.0 in testing as well | 2018-10-18 |
About
-
Send Feedback to @ubuntu_updates
