1. Home
  2. Security Advisories
  3. Red Hat
  4. RHSA-2021:0734

[RHSA-2021:0734] nodejs:12 security update

Severity Important
Affected Packages 19
CVEs 2
Info Packages References Vulnerabilities

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language.

The following packages have been upgraded to a later upstream version: nodejs (12.21.0).

Security Fix(es):

  • nodejs: HTTP2 'unknownProtocol' cause DoS by resource exhaustion (CVE-2021-22883)

  • nodejs: DNS rebinding in --inspect (CVE-2021-22884)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Package Affected Version
pkg:rpm/redhat/npm?arch=x86_64&distro=redhat-8.3 < 6.14.11-1.12.21.0.1.module+el8.3.0+10191+34fb5a07
pkg:rpm/redhat/npm?arch=s390x&distro=redhat-8.3 < 6.14.11-1.12.21.0.1.module+el8.3.0+10191+34fb5a07
pkg:rpm/redhat/npm?arch=ppc64le&distro=redhat-8.3 < 6.14.11-1.12.21.0.1.module+el8.3.0+10191+34fb5a07
pkg:rpm/redhat/npm?arch=aarch64&distro=redhat-8.3 < 6.14.11-1.12.21.0.1.module+el8.3.0+10191+34fb5a07
pkg:rpm/redhat/nodejs?arch=x86_64&distro=redhat-8.3 < 12.21.0-1.module+el8.3.0+10191+34fb5a07
pkg:rpm/redhat/nodejs?arch=s390x&distro=redhat-8.3 < 12.21.0-1.module+el8.3.0+10191+34fb5a07
pkg:rpm/redhat/nodejs?arch=ppc64le&distro=redhat-8.3 < 12.21.0-1.module+el8.3.0+10191+34fb5a07
pkg:rpm/redhat/nodejs?arch=aarch64&distro=redhat-8.3 < 12.21.0-1.module+el8.3.0+10191+34fb5a07
pkg:rpm/redhat/nodejs-packaging?distro=redhat-8.1 < 17-3.module+el8.1.0+3369+37ae6a45
pkg:rpm/redhat/nodejs-nodemon?distro=redhat-8.3 < 2.0.3-1.module+el8.3.0+9715+1718613f
pkg:rpm/redhat/nodejs-full-i18n?arch=x86_64&distro=redhat-8.3 < 12.21.0-1.module+el8.3.0+10191+34fb5a07
pkg:rpm/redhat/nodejs-full-i18n?arch=s390x&distro=redhat-8.3 < 12.21.0-1.module+el8.3.0+10191+34fb5a07
pkg:rpm/redhat/nodejs-full-i18n?arch=ppc64le&distro=redhat-8.3 < 12.21.0-1.module+el8.3.0+10191+34fb5a07
pkg:rpm/redhat/nodejs-full-i18n?arch=aarch64&distro=redhat-8.3 < 12.21.0-1.module+el8.3.0+10191+34fb5a07
pkg:rpm/redhat/nodejs-docs?distro=redhat-8.3 < 12.21.0-1.module+el8.3.0+10191+34fb5a07
pkg:rpm/redhat/nodejs-devel?arch=x86_64&distro=redhat-8.3 < 12.21.0-1.module+el8.3.0+10191+34fb5a07
pkg:rpm/redhat/nodejs-devel?arch=s390x&distro=redhat-8.3 < 12.21.0-1.module+el8.3.0+10191+34fb5a07
pkg:rpm/redhat/nodejs-devel?arch=ppc64le&distro=redhat-8.3 < 12.21.0-1.module+el8.3.0+10191+34fb5a07
pkg:rpm/redhat/nodejs-devel?arch=aarch64&distro=redhat-8.3 < 12.21.0-1.module+el8.3.0+10191+34fb5a07
ID
RHSA-2021:0734
Severity
important
URL
https://access.redhat.com/errata/RHSA-2021:0734
Published
2021-03-04T00:00:00
(3 years ago)
Modified
2021-03-04T00:00:00
(3 years ago)
Rights
Copyright 2021 Red Hat, Inc.
Other Advisories
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:rpm/redhat/npm?arch=x86_64&distro=redhat-8.3 redhat npm < 6.14.11-1.12.21.0.1.module+el8.3.0+10191+34fb5a07 redhat-8.3 x86_64
Affected pkg:rpm/redhat/npm?arch=s390x&distro=redhat-8.3 redhat npm < 6.14.11-1.12.21.0.1.module+el8.3.0+10191+34fb5a07 redhat-8.3 s390x
Affected pkg:rpm/redhat/npm?arch=ppc64le&distro=redhat-8.3 redhat npm < 6.14.11-1.12.21.0.1.module+el8.3.0+10191+34fb5a07 redhat-8.3 ppc64le
Affected pkg:rpm/redhat/npm?arch=aarch64&distro=redhat-8.3 redhat npm < 6.14.11-1.12.21.0.1.module+el8.3.0+10191+34fb5a07 redhat-8.3 aarch64
Affected pkg:rpm/redhat/nodejs?arch=x86_64&distro=redhat-8.3 redhat nodejs < 12.21.0-1.module+el8.3.0+10191+34fb5a07 redhat-8.3 x86_64
Affected pkg:rpm/redhat/nodejs?arch=s390x&distro=redhat-8.3 redhat nodejs < 12.21.0-1.module+el8.3.0+10191+34fb5a07 redhat-8.3 s390x
Affected pkg:rpm/redhat/nodejs?arch=ppc64le&distro=redhat-8.3 redhat nodejs < 12.21.0-1.module+el8.3.0+10191+34fb5a07 redhat-8.3 ppc64le
Affected pkg:rpm/redhat/nodejs?arch=aarch64&distro=redhat-8.3 redhat nodejs < 12.21.0-1.module+el8.3.0+10191+34fb5a07 redhat-8.3 aarch64
Affected pkg:rpm/redhat/nodejs-packaging?distro=redhat-8.1 redhat nodejs-packaging < 17-3.module+el8.1.0+3369+37ae6a45 redhat-8.1
Affected pkg:rpm/redhat/nodejs-nodemon?distro=redhat-8.3 redhat nodejs-nodemon < 2.0.3-1.module+el8.3.0+9715+1718613f redhat-8.3
Affected pkg:rpm/redhat/nodejs-full-i18n?arch=x86_64&distro=redhat-8.3 redhat nodejs-full-i18n < 12.21.0-1.module+el8.3.0+10191+34fb5a07 redhat-8.3 x86_64
Affected pkg:rpm/redhat/nodejs-full-i18n?arch=s390x&distro=redhat-8.3 redhat nodejs-full-i18n < 12.21.0-1.module+el8.3.0+10191+34fb5a07 redhat-8.3 s390x
Affected pkg:rpm/redhat/nodejs-full-i18n?arch=ppc64le&distro=redhat-8.3 redhat nodejs-full-i18n < 12.21.0-1.module+el8.3.0+10191+34fb5a07 redhat-8.3 ppc64le
Affected pkg:rpm/redhat/nodejs-full-i18n?arch=aarch64&distro=redhat-8.3 redhat nodejs-full-i18n < 12.21.0-1.module+el8.3.0+10191+34fb5a07 redhat-8.3 aarch64
Affected pkg:rpm/redhat/nodejs-docs?distro=redhat-8.3 redhat nodejs-docs < 12.21.0-1.module+el8.3.0+10191+34fb5a07 redhat-8.3
Affected pkg:rpm/redhat/nodejs-devel?arch=x86_64&distro=redhat-8.3 redhat nodejs-devel < 12.21.0-1.module+el8.3.0+10191+34fb5a07 redhat-8.3 x86_64
Affected pkg:rpm/redhat/nodejs-devel?arch=s390x&distro=redhat-8.3 redhat nodejs-devel < 12.21.0-1.module+el8.3.0+10191+34fb5a07 redhat-8.3 s390x
Affected pkg:rpm/redhat/nodejs-devel?arch=ppc64le&distro=redhat-8.3 redhat nodejs-devel < 12.21.0-1.module+el8.3.0+10191+34fb5a07 redhat-8.3 ppc64le
Affected pkg:rpm/redhat/nodejs-devel?arch=aarch64&distro=redhat-8.3 redhat nodejs-devel < 12.21.0-1.module+el8.3.0+10191+34fb5a07 redhat-8.3 aarch64
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date