[FREEBSD:7062BCE0-1B17-11EC-9D9D-0022489AD614] Node.js -- August 2021 Security Releases (2)
Severity
High
Affected Packages
1
CVEs
7
Node.js reports:
npm 6 update - node-tar, arborist, npm cli modules
These are vulnerabilities in the node-tar, arborist, and npm cli modules which are related to the initial reports and subsequent remediation of node-tar vulnerabilities CVE-2021-32803 and CVE-2021-32804. Subsequent internal security review of node-tar and additional external bounty reports have resulted in another 5 CVE being remediated in core npm CLI dependencies including node-tar, and npm arborist.
Package | Affected Version |
---|---|
pkg:freebsd/node14 | < 14.17.6 |
- ID
- FREEBSD:7062BCE0-1B17-11EC-9D9D-0022489AD614
- Severity
- high
- Severity from
- CVE-2021-37701
- URL
- http://vuxml.freebsd.org/freebsd/7062bce0-1b17-11ec-9d9d-0022489ad614.html
- Published
-
2021-08-31T00:00:00
(3 years ago) - Modified
-
2021-09-21T00:00:00
(3 years ago) - Rights
- FreeBSD VuXML Security Team
- Other Advisories
-
- ALPINE:CVE-2021-37701
- ALPINE:CVE-2021-37712
- ALPINE:CVE-2021-37713
- ALPINE:CVE-2021-39134
- ALPINE:CVE-2021-39135
- ALSA-2021:3623
- ALSA-2021:3666
- ALSA-2022:0350
- DSA-5008-1
- ELSA-2021-3623
- ELSA-2021-3666
- ELSA-2022-0350
- GLSA-202405-29
- NPM:GHSA-2H3H-Q99F-3FHC
- NPM:GHSA-3JFQ-G458-7QM9
- NPM:GHSA-5955-9WPR-37JH
- NPM:GHSA-9R2W-394V-53QC
- NPM:GHSA-GMW6-94GG-2RC2
- NPM:GHSA-QQ89-HQ3F-393P
- NPM:GHSA-R628-MHMH-QJHW
- openSUSE-SU-2021:1552-1
- openSUSE-SU-2021:1574-1
- openSUSE-SU-2021:3940-1
- openSUSE-SU-2021:3964-1
- openSUSE-SU-2022:0657-1
- openSUSE-SU-2022:0704-1
- openSUSE-SU-2022:0715-1
- RHEA-2022:5139
- RHSA-2021:3623
- RHSA-2021:3666
- RHSA-2022:0350
- RLEA-2022:5139
- RLSA-2021:3623
- RLSA-2021:3666
- RLSA-2022:0350
- SUSE-SU-2021:3886-1
- SUSE-SU-2021:3940-1
- SUSE-SU-2021:3964-1
- SUSE-SU-2022:0101-1
- SUSE-SU-2022:0531-1
- SUSE-SU-2022:0563-1
- SUSE-SU-2022:0569-1
- SUSE-SU-2022:0570-1
- SUSE-SU-2022:0657-1
- SUSE-SU-2022:0704-1
- SUSE-SU-2022:0715-1
- SUSE-SU-2022:1717-1
- USN-5283-1
Source | # ID | Name | URL |
---|---|---|---|
FreeBSD VuXML | https://nodejs.org/en/blog/vulnerability/aug-2021-security-releases2/ |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:freebsd/node14 | node14 | < 14.17.6 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |