[ELSA-2022-6964] nodejs:16 security update

Severity Important

Affected Packages 7

CVEs 2

nodejs
[1:16.17.1-1]
- Rebase to version 16.17.1
- Resolves: CVE-2022-35255 CVE-2022-35256
- Resolves: #2132004, #2130552
- Resolves #2121095

Package	Affected Version
pkg:rpm/oraclelinux/npm?distro=oraclelinux-8.6	< 8.15.0-1.16.17.1.1.module+el8.6.0+20846+72f1269d
pkg:rpm/oraclelinux/nodejs?distro=oraclelinux-8.6	< 16.17.1-1.module+el8.6.0+20846+72f1269d
pkg:rpm/oraclelinux/nodejs-packaging?distro=oraclelinux-8.5	< 25-1.module+el8.5.0+20388+4b61e68d
pkg:rpm/oraclelinux/nodejs-nodemon?distro=oraclelinux-8.6	< 2.0.19-2.module+el8.6.0+20846+72f1269d
pkg:rpm/oraclelinux/nodejs-full-i18n?distro=oraclelinux-8.6	< 16.17.1-1.module+el8.6.0+20846+72f1269d
pkg:rpm/oraclelinux/nodejs-docs?distro=oraclelinux-8.6	< 16.17.1-1.module+el8.6.0+20846+72f1269d
pkg:rpm/oraclelinux/nodejs-devel?distro=oraclelinux-8.6	< 16.17.1-1.module+el8.6.0+20846+72f1269d

ID

ELSA-2022-6964

Severity

important

URL

https://linux.oracle.com/errata/ELSA-2022-6964.html

Published

2022-10-18T00:00:00
(23 months ago)

Modified

2022-10-18T00:00:00
(23 months ago)

Rights

Other Advisories

Source	# ID	URL
elsa	ELSA-2022-6964	https://linux.oracle.com/errata/ELSA-2022-6964.html
CVE	CVE-2022-35255	https://linux.oracle.com/cve/CVE-2022-35255.html
CVE	CVE-2022-35256	https://linux.oracle.com/cve/CVE-2022-35256.html

Type	Package URL	Namespace	Name / Product	Version	Distribution / Platform
Affected	pkg:rpm/oraclelinux/npm?distro=oraclelinux-8.6	oraclelinux	npm	< 8.15.0-1.16.17.1.1.module+el8.6.0+20846+72f1269d	oraclelinux-8.6
Affected	pkg:rpm/oraclelinux/nodejs?distro=oraclelinux-8.6	oraclelinux	nodejs	< 16.17.1-1.module+el8.6.0+20846+72f1269d	oraclelinux-8.6
Affected	pkg:rpm/oraclelinux/nodejs-packaging?distro=oraclelinux-8.5	oraclelinux	nodejs-packaging	< 25-1.module+el8.5.0+20388+4b61e68d	oraclelinux-8.5
Affected	pkg:rpm/oraclelinux/nodejs-nodemon?distro=oraclelinux-8.6	oraclelinux	nodejs-nodemon	< 2.0.19-2.module+el8.6.0+20846+72f1269d	oraclelinux-8.6
Affected	pkg:rpm/oraclelinux/nodejs-full-i18n?distro=oraclelinux-8.6	oraclelinux	nodejs-full-i18n	< 16.17.1-1.module+el8.6.0+20846+72f1269d	oraclelinux-8.6
Affected	pkg:rpm/oraclelinux/nodejs-docs?distro=oraclelinux-8.6	oraclelinux	nodejs-docs	< 16.17.1-1.module+el8.6.0+20846+72f1269d	oraclelinux-8.6
Affected	pkg:rpm/oraclelinux/nodejs-devel?distro=oraclelinux-8.6	oraclelinux	nodejs-devel	< 16.17.1-1.module+el8.6.0+20846+72f1269d	oraclelinux-8.6

# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	Exploits	PoC	Pubblication Date	Modification Date
# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	PoC	Pubblication Date	Modification Date