[ALPINE:CVE-2022-35255] nodejs, nodejs-current vulnerability
Severity
Critical
Fixed Packages
95
CVEs
1
[From CVE-2022-35255] A weak randomness in WebCrypto keygen vulnerability exists in Node.js 18 due to a change with EntropySource() in SecretKeyGenTraits::DoKeyGen() in src/crypto/crypto_keygen.cc. There are two problems with this: 1) It does not check the return value, it assumes EntropySource() always succeeds, but it can (and sometimes will) fail. 2) The random data returned byEntropySource() may not be cryptographically strong and therefore not suitable as keying material.
- ID
- ALPINE:CVE-2022-35255
- Severity
- critical
- Severity from
- CVE-2022-35255
- URL
- https://security.alpinelinux.org/vuln/CVE-2022-35255
- Published
-
2022-12-05T22:15:10
(21 months ago) - Modified
-
2022-12-05T22:15:10
(21 months ago) - Rights
- Alpine Linux Security Team
- Other Advisories
-
- ALSA-2022:6963
- ALSA-2022:6964
- ALSA-2022:7821
- DSA-5326-1
- ELSA-2022-6963
- ELSA-2022-6964
- ELSA-2022-7821
- FEDORA-2022-1667f7b60a
- FEDORA-2022-52dec6351a
- FEDORA-2022-de515f765f
- GLSA-202405-29
- RHSA-2022:6963
- RHSA-2022:6964
- RHSA-2022:7821
- RLSA-2022:6964
- RLSA-2022:7821
- SUSE-SU-2022:3524-1
- SUSE-SU-2022:3615-1
- SUSE-SU-2022:3656-1
- SUSE-SU-2023:0408-1
- SUSE-SU-2023:0419-1
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Fixed | pkg:apk/alpine/nodejs?arch=x86_64&distro=alpine-edge | alpine | nodejs | = 16.17.1-r0 | alpine-edge | x86_64 | |
Fixed | pkg:apk/alpine/nodejs?arch=x86_64&distro=alpine-3.20 | alpine | nodejs | = 16.17.1-r0 | alpine-3.20 | x86_64 | |
Fixed | pkg:apk/alpine/nodejs?arch=x86_64&distro=alpine-3.19 | alpine | nodejs | = 16.17.1-r0 | alpine-3.19 | x86_64 | |
Fixed | pkg:apk/alpine/nodejs?arch=x86_64&distro=alpine-3.18 | alpine | nodejs | = 16.17.1-r0 | alpine-3.18 | x86_64 | |
Fixed | pkg:apk/alpine/nodejs?arch=x86_64&distro=alpine-3.17 | alpine | nodejs | = 16.17.1-r0 | alpine-3.17 | x86_64 | |
Fixed | pkg:apk/alpine/nodejs?arch=x86_64&distro=alpine-3.16 | alpine | nodejs | = 16.17.1-r0 | alpine-3.16 | x86_64 | |
Fixed | pkg:apk/alpine/nodejs?arch=x86_64&distro=alpine-3.15 | alpine | nodejs | = 16.17.1-r0 | alpine-3.15 | x86_64 | |
Fixed | pkg:apk/alpine/nodejs?arch=x86&distro=alpine-edge | alpine | nodejs | = 16.17.1-r0 | alpine-edge | x86 | |
Fixed | pkg:apk/alpine/nodejs?arch=x86&distro=alpine-3.20 | alpine | nodejs | = 16.17.1-r0 | alpine-3.20 | x86 | |
Fixed | pkg:apk/alpine/nodejs?arch=x86&distro=alpine-3.19 | alpine | nodejs | = 16.17.1-r0 | alpine-3.19 | x86 | |
Fixed | pkg:apk/alpine/nodejs?arch=x86&distro=alpine-3.18 | alpine | nodejs | = 16.17.1-r0 | alpine-3.18 | x86 | |
Fixed | pkg:apk/alpine/nodejs?arch=x86&distro=alpine-3.17 | alpine | nodejs | = 16.17.1-r0 | alpine-3.17 | x86 | |
Fixed | pkg:apk/alpine/nodejs?arch=x86&distro=alpine-3.16 | alpine | nodejs | = 16.17.1-r0 | alpine-3.16 | x86 | |
Fixed | pkg:apk/alpine/nodejs?arch=x86&distro=alpine-3.15 | alpine | nodejs | = 16.17.1-r0 | alpine-3.15 | x86 | |
Fixed | pkg:apk/alpine/nodejs?arch=s390x&distro=alpine-edge | alpine | nodejs | = 16.17.1-r0 | alpine-edge | s390x | |
Fixed | pkg:apk/alpine/nodejs?arch=s390x&distro=alpine-3.20 | alpine | nodejs | = 16.17.1-r0 | alpine-3.20 | s390x | |
Fixed | pkg:apk/alpine/nodejs?arch=s390x&distro=alpine-3.19 | alpine | nodejs | = 16.17.1-r0 | alpine-3.19 | s390x | |
Fixed | pkg:apk/alpine/nodejs?arch=s390x&distro=alpine-3.18 | alpine | nodejs | = 16.17.1-r0 | alpine-3.18 | s390x | |
Fixed | pkg:apk/alpine/nodejs?arch=s390x&distro=alpine-3.17 | alpine | nodejs | = 16.17.1-r0 | alpine-3.17 | s390x | |
Fixed | pkg:apk/alpine/nodejs?arch=s390x&distro=alpine-3.16 | alpine | nodejs | = 16.17.1-r0 | alpine-3.16 | s390x | |
Fixed | pkg:apk/alpine/nodejs?arch=s390x&distro=alpine-3.15 | alpine | nodejs | = 16.17.1-r0 | alpine-3.15 | s390x | |
Fixed | pkg:apk/alpine/nodejs?arch=riscv64&distro=alpine-edge | alpine | nodejs | = 16.17.1-r0 | alpine-edge | riscv64 | |
Fixed | pkg:apk/alpine/nodejs?arch=riscv64&distro=alpine-3.20 | alpine | nodejs | = 16.17.1-r0 | alpine-3.20 | riscv64 | |
Fixed | pkg:apk/alpine/nodejs?arch=ppc64le&distro=alpine-edge | alpine | nodejs | = 16.17.1-r0 | alpine-edge | ppc64le | |
Fixed | pkg:apk/alpine/nodejs?arch=ppc64le&distro=alpine-3.20 | alpine | nodejs | = 16.17.1-r0 | alpine-3.20 | ppc64le | |
Fixed | pkg:apk/alpine/nodejs?arch=ppc64le&distro=alpine-3.19 | alpine | nodejs | = 16.17.1-r0 | alpine-3.19 | ppc64le | |
Fixed | pkg:apk/alpine/nodejs?arch=ppc64le&distro=alpine-3.18 | alpine | nodejs | = 16.17.1-r0 | alpine-3.18 | ppc64le | |
Fixed | pkg:apk/alpine/nodejs?arch=ppc64le&distro=alpine-3.17 | alpine | nodejs | = 16.17.1-r0 | alpine-3.17 | ppc64le | |
Fixed | pkg:apk/alpine/nodejs?arch=ppc64le&distro=alpine-3.16 | alpine | nodejs | = 16.17.1-r0 | alpine-3.16 | ppc64le | |
Fixed | pkg:apk/alpine/nodejs?arch=ppc64le&distro=alpine-3.15 | alpine | nodejs | = 16.17.1-r0 | alpine-3.15 | ppc64le | |
Fixed | pkg:apk/alpine/nodejs?arch=armv7&distro=alpine-edge | alpine | nodejs | = 16.17.1-r0 | alpine-edge | armv7 | |
Fixed | pkg:apk/alpine/nodejs?arch=armv7&distro=alpine-3.20 | alpine | nodejs | = 16.17.1-r0 | alpine-3.20 | armv7 | |
Fixed | pkg:apk/alpine/nodejs?arch=armv7&distro=alpine-3.19 | alpine | nodejs | = 16.17.1-r0 | alpine-3.19 | armv7 | |
Fixed | pkg:apk/alpine/nodejs?arch=armv7&distro=alpine-3.18 | alpine | nodejs | = 16.17.1-r0 | alpine-3.18 | armv7 | |
Fixed | pkg:apk/alpine/nodejs?arch=armv7&distro=alpine-3.17 | alpine | nodejs | = 16.17.1-r0 | alpine-3.17 | armv7 | |
Fixed | pkg:apk/alpine/nodejs?arch=armv7&distro=alpine-3.16 | alpine | nodejs | = 16.17.1-r0 | alpine-3.16 | armv7 | |
Fixed | pkg:apk/alpine/nodejs?arch=armv7&distro=alpine-3.15 | alpine | nodejs | = 16.17.1-r0 | alpine-3.15 | armv7 | |
Fixed | pkg:apk/alpine/nodejs?arch=armhf&distro=alpine-edge | alpine | nodejs | = 16.17.1-r0 | alpine-edge | armhf | |
Fixed | pkg:apk/alpine/nodejs?arch=armhf&distro=alpine-3.20 | alpine | nodejs | = 16.17.1-r0 | alpine-3.20 | armhf | |
Fixed | pkg:apk/alpine/nodejs?arch=armhf&distro=alpine-3.19 | alpine | nodejs | = 16.17.1-r0 | alpine-3.19 | armhf | |
Fixed | pkg:apk/alpine/nodejs?arch=armhf&distro=alpine-3.18 | alpine | nodejs | = 16.17.1-r0 | alpine-3.18 | armhf | |
Fixed | pkg:apk/alpine/nodejs?arch=armhf&distro=alpine-3.17 | alpine | nodejs | = 16.17.1-r0 | alpine-3.17 | armhf | |
Fixed | pkg:apk/alpine/nodejs?arch=armhf&distro=alpine-3.16 | alpine | nodejs | = 16.17.1-r0 | alpine-3.16 | armhf | |
Fixed | pkg:apk/alpine/nodejs?arch=armhf&distro=alpine-3.15 | alpine | nodejs | = 16.17.1-r0 | alpine-3.15 | armhf | |
Fixed | pkg:apk/alpine/nodejs?arch=aarch64&distro=alpine-edge | alpine | nodejs | = 16.17.1-r0 | alpine-edge | aarch64 | |
Fixed | pkg:apk/alpine/nodejs?arch=aarch64&distro=alpine-3.20 | alpine | nodejs | = 16.17.1-r0 | alpine-3.20 | aarch64 | |
Fixed | pkg:apk/alpine/nodejs?arch=aarch64&distro=alpine-3.19 | alpine | nodejs | = 16.17.1-r0 | alpine-3.19 | aarch64 | |
Fixed | pkg:apk/alpine/nodejs?arch=aarch64&distro=alpine-3.18 | alpine | nodejs | = 16.17.1-r0 | alpine-3.18 | aarch64 | |
Fixed | pkg:apk/alpine/nodejs?arch=aarch64&distro=alpine-3.17 | alpine | nodejs | = 16.17.1-r0 | alpine-3.17 | aarch64 | |
Fixed | pkg:apk/alpine/nodejs?arch=aarch64&distro=alpine-3.16 | alpine | nodejs | = 16.17.1-r0 | alpine-3.16 | aarch64 | |
Fixed | pkg:apk/alpine/nodejs?arch=aarch64&distro=alpine-3.15 | alpine | nodejs | = 16.17.1-r0 | alpine-3.15 | aarch64 | |
Fixed | pkg:apk/alpine/nodejs-current?arch=x86_64&distro=alpine-edge | alpine | nodejs-current | = 18.9.1-r0 | alpine-edge | x86_64 | |
Fixed | pkg:apk/alpine/nodejs-current?arch=x86_64&distro=alpine-3.20 | alpine | nodejs-current | = 18.9.1-r0 | alpine-3.20 | x86_64 | |
Fixed | pkg:apk/alpine/nodejs-current?arch=x86_64&distro=alpine-3.19 | alpine | nodejs-current | = 18.9.1-r0 | alpine-3.19 | x86_64 | |
Fixed | pkg:apk/alpine/nodejs-current?arch=x86_64&distro=alpine-3.18 | alpine | nodejs-current | = 18.9.1-r0 | alpine-3.18 | x86_64 | |
Fixed | pkg:apk/alpine/nodejs-current?arch=x86_64&distro=alpine-3.17 | alpine | nodejs-current | = 18.9.1-r0 | alpine-3.17 | x86_64 | |
Fixed | pkg:apk/alpine/nodejs-current?arch=x86_64&distro=alpine-3.16 | alpine | nodejs-current | = 18.9.1-r0 | alpine-3.16 | x86_64 | |
Fixed | pkg:apk/alpine/nodejs-current?arch=x86&distro=alpine-edge | alpine | nodejs-current | = 18.9.1-r0 | alpine-edge | x86 | |
Fixed | pkg:apk/alpine/nodejs-current?arch=x86&distro=alpine-3.20 | alpine | nodejs-current | = 18.9.1-r0 | alpine-3.20 | x86 | |
Fixed | pkg:apk/alpine/nodejs-current?arch=x86&distro=alpine-3.19 | alpine | nodejs-current | = 18.9.1-r0 | alpine-3.19 | x86 | |
Fixed | pkg:apk/alpine/nodejs-current?arch=x86&distro=alpine-3.18 | alpine | nodejs-current | = 18.9.1-r0 | alpine-3.18 | x86 | |
Fixed | pkg:apk/alpine/nodejs-current?arch=x86&distro=alpine-3.17 | alpine | nodejs-current | = 18.9.1-r0 | alpine-3.17 | x86 | |
Fixed | pkg:apk/alpine/nodejs-current?arch=x86&distro=alpine-3.16 | alpine | nodejs-current | = 18.9.1-r0 | alpine-3.16 | x86 | |
Fixed | pkg:apk/alpine/nodejs-current?arch=s390x&distro=alpine-edge | alpine | nodejs-current | = 18.9.1-r0 | alpine-edge | s390x | |
Fixed | pkg:apk/alpine/nodejs-current?arch=s390x&distro=alpine-3.20 | alpine | nodejs-current | = 18.9.1-r0 | alpine-3.20 | s390x | |
Fixed | pkg:apk/alpine/nodejs-current?arch=s390x&distro=alpine-3.19 | alpine | nodejs-current | = 18.9.1-r0 | alpine-3.19 | s390x | |
Fixed | pkg:apk/alpine/nodejs-current?arch=s390x&distro=alpine-3.18 | alpine | nodejs-current | = 18.9.1-r0 | alpine-3.18 | s390x | |
Fixed | pkg:apk/alpine/nodejs-current?arch=s390x&distro=alpine-3.17 | alpine | nodejs-current | = 18.9.1-r0 | alpine-3.17 | s390x | |
Fixed | pkg:apk/alpine/nodejs-current?arch=s390x&distro=alpine-3.16 | alpine | nodejs-current | = 18.9.1-r0 | alpine-3.16 | s390x | |
Fixed | pkg:apk/alpine/nodejs-current?arch=riscv64&distro=alpine-edge | alpine | nodejs-current | = 18.9.1-r0 | alpine-edge | riscv64 | |
Fixed | pkg:apk/alpine/nodejs-current?arch=riscv64&distro=alpine-3.20 | alpine | nodejs-current | = 18.9.1-r0 | alpine-3.20 | riscv64 | |
Fixed | pkg:apk/alpine/nodejs-current?arch=ppc64le&distro=alpine-edge | alpine | nodejs-current | = 18.9.1-r0 | alpine-edge | ppc64le | |
Fixed | pkg:apk/alpine/nodejs-current?arch=ppc64le&distro=alpine-3.20 | alpine | nodejs-current | = 18.9.1-r0 | alpine-3.20 | ppc64le | |
Fixed | pkg:apk/alpine/nodejs-current?arch=ppc64le&distro=alpine-3.19 | alpine | nodejs-current | = 18.9.1-r0 | alpine-3.19 | ppc64le | |
Fixed | pkg:apk/alpine/nodejs-current?arch=ppc64le&distro=alpine-3.18 | alpine | nodejs-current | = 18.9.1-r0 | alpine-3.18 | ppc64le | |
Fixed | pkg:apk/alpine/nodejs-current?arch=ppc64le&distro=alpine-3.17 | alpine | nodejs-current | = 18.9.1-r0 | alpine-3.17 | ppc64le | |
Fixed | pkg:apk/alpine/nodejs-current?arch=ppc64le&distro=alpine-3.16 | alpine | nodejs-current | = 18.9.1-r0 | alpine-3.16 | ppc64le | |
Fixed | pkg:apk/alpine/nodejs-current?arch=armv7&distro=alpine-edge | alpine | nodejs-current | = 18.9.1-r0 | alpine-edge | armv7 | |
Fixed | pkg:apk/alpine/nodejs-current?arch=armv7&distro=alpine-3.20 | alpine | nodejs-current | = 18.9.1-r0 | alpine-3.20 | armv7 | |
Fixed | pkg:apk/alpine/nodejs-current?arch=armv7&distro=alpine-3.19 | alpine | nodejs-current | = 18.9.1-r0 | alpine-3.19 | armv7 | |
Fixed | pkg:apk/alpine/nodejs-current?arch=armv7&distro=alpine-3.18 | alpine | nodejs-current | = 18.9.1-r0 | alpine-3.18 | armv7 | |
Fixed | pkg:apk/alpine/nodejs-current?arch=armv7&distro=alpine-3.17 | alpine | nodejs-current | = 18.9.1-r0 | alpine-3.17 | armv7 | |
Fixed | pkg:apk/alpine/nodejs-current?arch=armv7&distro=alpine-3.16 | alpine | nodejs-current | = 18.9.1-r0 | alpine-3.16 | armv7 | |
Fixed | pkg:apk/alpine/nodejs-current?arch=armhf&distro=alpine-edge | alpine | nodejs-current | = 18.9.1-r0 | alpine-edge | armhf | |
Fixed | pkg:apk/alpine/nodejs-current?arch=armhf&distro=alpine-3.20 | alpine | nodejs-current | = 18.9.1-r0 | alpine-3.20 | armhf | |
Fixed | pkg:apk/alpine/nodejs-current?arch=armhf&distro=alpine-3.19 | alpine | nodejs-current | = 18.9.1-r0 | alpine-3.19 | armhf | |
Fixed | pkg:apk/alpine/nodejs-current?arch=armhf&distro=alpine-3.18 | alpine | nodejs-current | = 18.9.1-r0 | alpine-3.18 | armhf | |
Fixed | pkg:apk/alpine/nodejs-current?arch=armhf&distro=alpine-3.17 | alpine | nodejs-current | = 18.9.1-r0 | alpine-3.17 | armhf | |
Fixed | pkg:apk/alpine/nodejs-current?arch=armhf&distro=alpine-3.16 | alpine | nodejs-current | = 18.9.1-r0 | alpine-3.16 | armhf | |
Fixed | pkg:apk/alpine/nodejs-current?arch=aarch64&distro=alpine-edge | alpine | nodejs-current | = 18.9.1-r0 | alpine-edge | aarch64 | |
Fixed | pkg:apk/alpine/nodejs-current?arch=aarch64&distro=alpine-3.20 | alpine | nodejs-current | = 18.9.1-r0 | alpine-3.20 | aarch64 | |
Fixed | pkg:apk/alpine/nodejs-current?arch=aarch64&distro=alpine-3.19 | alpine | nodejs-current | = 18.9.1-r0 | alpine-3.19 | aarch64 | |
Fixed | pkg:apk/alpine/nodejs-current?arch=aarch64&distro=alpine-3.18 | alpine | nodejs-current | = 18.9.1-r0 | alpine-3.18 | aarch64 | |
Fixed | pkg:apk/alpine/nodejs-current?arch=aarch64&distro=alpine-3.17 | alpine | nodejs-current | = 18.9.1-r0 | alpine-3.17 | aarch64 | |
Fixed | pkg:apk/alpine/nodejs-current?arch=aarch64&distro=alpine-3.16 | alpine | nodejs-current | = 18.9.1-r0 | alpine-3.16 | aarch64 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |