1. Home
  2. Security Advisories
  3. Gentoo
  4. GLSA-202405-29

[GLSA-202405-29] Node.js: Multiple Vulnerabilities

Severity Low
Affected Packages 3
Unaffected Packages 3
CVEs 48
Info Packages References Vulnerabilities

Multiple vulnerabilities have been discovered in Node.js.

Background
Node.js is a JavaScript runtime built on Chrome’s V8 JavaScript engine.

Description
Multiple vulnerabilities have been discovered in Node.js. Please review the CVE identifiers referenced below for details.

Impact
Please review the referenced CVE identifiers for details.

Workaround
There is no known workaround at this time.

Resolution
All Node.js 20 users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=net-libs/nodejs-20.5.1"

All Node.js 18 users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=net-libs/nodejs-18.17.1"

All Node.js 16 users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=net-libs/nodejs-16.20.2"

Package Affected Version
pkg:ebuild/net-libs/nodejs?distro=gentoo < 16.20.2
pkg:ebuild/net-libs/nodejs?distro=gentoo < 18.17.1
pkg:ebuild/net-libs/nodejs?distro=gentoo < 20.5.1
Package Unaffected Version
pkg:ebuild/net-libs/nodejs?distro=gentoo >= 16.20.2
pkg:ebuild/net-libs/nodejs?distro=gentoo >= 18.17.1
pkg:ebuild/net-libs/nodejs?distro=gentoo >= 20.5.1
ID
GLSA-202405-29
Severity
low
URL
https://security.gentoo.org/glsa/202405-29
Published
2024-05-08T00:00:00
(4 months ago)
Modified
2024-05-08T00:00:00
(4 months ago)
Rights
Gentoo Foundation, Inc.
Other Advisories
Source # ID Name URL
CVE CVE-2020-7774 CVE-2020-7774 https://nvd.nist.gov/vuln/detail/CVE-2020-7774
CVE CVE-2021-3672 CVE-2021-3672 https://nvd.nist.gov/vuln/detail/CVE-2021-3672
CVE CVE-2021-22883 CVE-2021-22883 https://nvd.nist.gov/vuln/detail/CVE-2021-22883
CVE CVE-2021-22884 CVE-2021-22884 https://nvd.nist.gov/vuln/detail/CVE-2021-22884
CVE CVE-2021-22918 CVE-2021-22918 https://nvd.nist.gov/vuln/detail/CVE-2021-22918
CVE CVE-2021-22930 CVE-2021-22930 https://nvd.nist.gov/vuln/detail/CVE-2021-22930
CVE CVE-2021-22931 CVE-2021-22931 https://nvd.nist.gov/vuln/detail/CVE-2021-22931
CVE CVE-2021-22939 CVE-2021-22939 https://nvd.nist.gov/vuln/detail/CVE-2021-22939
CVE CVE-2021-22940 CVE-2021-22940 https://nvd.nist.gov/vuln/detail/CVE-2021-22940
CVE CVE-2021-22959 CVE-2021-22959 https://nvd.nist.gov/vuln/detail/CVE-2021-22959
CVE CVE-2021-22960 CVE-2021-22960 https://nvd.nist.gov/vuln/detail/CVE-2021-22960
CVE CVE-2021-37701 CVE-2021-37701 https://nvd.nist.gov/vuln/detail/CVE-2021-37701
CVE CVE-2021-37712 CVE-2021-37712 https://nvd.nist.gov/vuln/detail/CVE-2021-37712
CVE CVE-2021-39134 CVE-2021-39134 https://nvd.nist.gov/vuln/detail/CVE-2021-39134
CVE CVE-2021-39135 CVE-2021-39135 https://nvd.nist.gov/vuln/detail/CVE-2021-39135
CVE CVE-2021-44531 CVE-2021-44531 https://nvd.nist.gov/vuln/detail/CVE-2021-44531
CVE CVE-2021-44532 CVE-2021-44532 https://nvd.nist.gov/vuln/detail/CVE-2021-44532
CVE CVE-2021-44533 CVE-2021-44533 https://nvd.nist.gov/vuln/detail/CVE-2021-44533
CVE CVE-2022-0778 CVE-2022-0778 https://nvd.nist.gov/vuln/detail/CVE-2022-0778
CVE CVE-2022-3602 CVE-2022-3602 https://nvd.nist.gov/vuln/detail/CVE-2022-3602
CVE CVE-2022-3786 CVE-2022-3786 https://nvd.nist.gov/vuln/detail/CVE-2022-3786
CVE CVE-2022-21824 CVE-2022-21824 https://nvd.nist.gov/vuln/detail/CVE-2022-21824
CVE CVE-2022-32212 CVE-2022-32212 https://nvd.nist.gov/vuln/detail/CVE-2022-32212
CVE CVE-2022-32213 CVE-2022-32213 https://nvd.nist.gov/vuln/detail/CVE-2022-32213
CVE CVE-2022-32214 CVE-2022-32214 https://nvd.nist.gov/vuln/detail/CVE-2022-32214
CVE CVE-2022-32215 CVE-2022-32215 https://nvd.nist.gov/vuln/detail/CVE-2022-32215
CVE CVE-2022-32222 CVE-2022-32222 https://nvd.nist.gov/vuln/detail/CVE-2022-32222
CVE CVE-2022-35255 CVE-2022-35255 https://nvd.nist.gov/vuln/detail/CVE-2022-35255
CVE CVE-2022-35256 CVE-2022-35256 https://nvd.nist.gov/vuln/detail/CVE-2022-35256
CVE CVE-2022-35948 CVE-2022-35948 https://nvd.nist.gov/vuln/detail/CVE-2022-35948
CVE CVE-2022-35949 CVE-2022-35949 https://nvd.nist.gov/vuln/detail/CVE-2022-35949
CVE CVE-2022-43548 CVE-2022-43548 https://nvd.nist.gov/vuln/detail/CVE-2022-43548
CVE CVE-2023-30581 CVE-2023-30581 https://nvd.nist.gov/vuln/detail/CVE-2023-30581
CVE CVE-2023-30582 CVE-2023-30582 https://nvd.nist.gov/vuln/detail/CVE-2023-30582
CVE CVE-2023-30583 CVE-2023-30583 https://nvd.nist.gov/vuln/detail/CVE-2023-30583
CVE CVE-2023-30584 CVE-2023-30584 https://nvd.nist.gov/vuln/detail/CVE-2023-30584
CVE CVE-2023-30586 CVE-2023-30586 https://nvd.nist.gov/vuln/detail/CVE-2023-30586
CVE CVE-2023-30587 CVE-2023-30587 https://nvd.nist.gov/vuln/detail/CVE-2023-30587
CVE CVE-2023-30588 CVE-2023-30588 https://nvd.nist.gov/vuln/detail/CVE-2023-30588
CVE CVE-2023-30589 CVE-2023-30589 https://nvd.nist.gov/vuln/detail/CVE-2023-30589
CVE CVE-2023-30590 CVE-2023-30590 https://nvd.nist.gov/vuln/detail/CVE-2023-30590
CVE CVE-2023-32002 CVE-2023-32002 https://nvd.nist.gov/vuln/detail/CVE-2023-32002
CVE CVE-2023-32003 CVE-2023-32003 https://nvd.nist.gov/vuln/detail/CVE-2023-32003
CVE CVE-2023-32004 CVE-2023-32004 https://nvd.nist.gov/vuln/detail/CVE-2023-32004
CVE CVE-2023-32005 CVE-2023-32005 https://nvd.nist.gov/vuln/detail/CVE-2023-32005
CVE CVE-2023-32006 CVE-2023-32006 https://nvd.nist.gov/vuln/detail/CVE-2023-32006
CVE CVE-2023-32558 CVE-2023-32558 https://nvd.nist.gov/vuln/detail/CVE-2023-32558
CVE CVE-2023-32559 CVE-2023-32559 https://nvd.nist.gov/vuln/detail/CVE-2023-32559
Bugzilla 772422 Bugzilla #772422 https://bugs.gentoo.org/show_bug.cgi?id=772422
Bugzilla 781704 Bugzilla #781704 https://bugs.gentoo.org/show_bug.cgi?id=781704
Bugzilla 800986 Bugzilla #800986 https://bugs.gentoo.org/show_bug.cgi?id=800986
Bugzilla 805053 Bugzilla #805053 https://bugs.gentoo.org/show_bug.cgi?id=805053
Bugzilla 807775 Bugzilla #807775 https://bugs.gentoo.org/show_bug.cgi?id=807775
Bugzilla 811273 Bugzilla #811273 https://bugs.gentoo.org/show_bug.cgi?id=811273
Bugzilla 817938 Bugzilla #817938 https://bugs.gentoo.org/show_bug.cgi?id=817938
Bugzilla 831037 Bugzilla #831037 https://bugs.gentoo.org/show_bug.cgi?id=831037
Bugzilla 835615 Bugzilla #835615 https://bugs.gentoo.org/show_bug.cgi?id=835615
Bugzilla 857111 Bugzilla #857111 https://bugs.gentoo.org/show_bug.cgi?id=857111
Bugzilla 865627 Bugzilla #865627 https://bugs.gentoo.org/show_bug.cgi?id=865627
Bugzilla 872692 Bugzilla #872692 https://bugs.gentoo.org/show_bug.cgi?id=872692
Bugzilla 879617 Bugzilla #879617 https://bugs.gentoo.org/show_bug.cgi?id=879617
Bugzilla 918086 Bugzilla #918086 https://bugs.gentoo.org/show_bug.cgi?id=918086
Bugzilla 918614 Bugzilla #918614 https://bugs.gentoo.org/show_bug.cgi?id=918614
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:ebuild/net-libs/nodejs?distro=gentoo net-libs nodejs < 16.20.2 gentoo
Affected pkg:ebuild/net-libs/nodejs?distro=gentoo net-libs nodejs < 18.17.1 gentoo
Affected pkg:ebuild/net-libs/nodejs?distro=gentoo net-libs nodejs < 20.5.1 gentoo
Unaffected pkg:ebuild/net-libs/nodejs?distro=gentoo net-libs nodejs >= 16.20.2 gentoo
Unaffected pkg:ebuild/net-libs/nodejs?distro=gentoo net-libs nodejs >= 18.17.1 gentoo
Unaffected pkg:ebuild/net-libs/nodejs?distro=gentoo net-libs nodejs >= 20.5.1 gentoo
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date