1. Home
  2. Security Advisories
  3. Red Hat
  4. RHSA-2024:1438

[RHSA-2024:1438] nodejs security update

Severity Important
Affected Packages 18
CVEs 1
Info Packages References Vulnerabilities

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language.

Security Fix(es):

  • nodejs: reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks (CVE-2024-22019)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Package Affected Version
pkg:rpm/redhat/npm?arch=x86_64&distro=redhat-9.3 < 8.19.4-1.16.20.2.4.el9_3
pkg:rpm/redhat/npm?arch=s390x&distro=redhat-9.3 < 8.19.4-1.16.20.2.4.el9_3
pkg:rpm/redhat/npm?arch=ppc64le&distro=redhat-9.3 < 8.19.4-1.16.20.2.4.el9_3
pkg:rpm/redhat/npm?arch=aarch64&distro=redhat-9.3 < 8.19.4-1.16.20.2.4.el9_3
pkg:rpm/redhat/nodejs?arch=x86_64&distro=redhat-9.3 < 16.20.2-4.el9_3
pkg:rpm/redhat/nodejs?arch=s390x&distro=redhat-9.3 < 16.20.2-4.el9_3
pkg:rpm/redhat/nodejs?arch=ppc64le&distro=redhat-9.3 < 16.20.2-4.el9_3
pkg:rpm/redhat/nodejs?arch=aarch64&distro=redhat-9.3 < 16.20.2-4.el9_3
pkg:rpm/redhat/nodejs-libs?arch=x86_64&distro=redhat-9.3 < 16.20.2-4.el9_3
pkg:rpm/redhat/nodejs-libs?arch=s390x&distro=redhat-9.3 < 16.20.2-4.el9_3
pkg:rpm/redhat/nodejs-libs?arch=ppc64le&distro=redhat-9.3 < 16.20.2-4.el9_3
pkg:rpm/redhat/nodejs-libs?arch=i686&distro=redhat-9.3 < 16.20.2-4.el9_3
pkg:rpm/redhat/nodejs-libs?arch=aarch64&distro=redhat-9.3 < 16.20.2-4.el9_3
pkg:rpm/redhat/nodejs-full-i18n?arch=x86_64&distro=redhat-9.3 < 16.20.2-4.el9_3
pkg:rpm/redhat/nodejs-full-i18n?arch=s390x&distro=redhat-9.3 < 16.20.2-4.el9_3
pkg:rpm/redhat/nodejs-full-i18n?arch=ppc64le&distro=redhat-9.3 < 16.20.2-4.el9_3
pkg:rpm/redhat/nodejs-full-i18n?arch=aarch64&distro=redhat-9.3 < 16.20.2-4.el9_3
pkg:rpm/redhat/nodejs-docs?distro=redhat-9.3 < 16.20.2-4.el9_3
ID
RHSA-2024:1438
Severity
important
URL
https://access.redhat.com/errata/RHSA-2024:1438
Published
2024-03-20T00:00:00
(6 months ago)
Modified
2024-03-20T00:00:00
(6 months ago)
Rights
Copyright 2024 Red Hat, Inc.
Other Advisories
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:rpm/redhat/npm?arch=x86_64&distro=redhat-9.3 redhat npm < 8.19.4-1.16.20.2.4.el9_3 redhat-9.3 x86_64
Affected pkg:rpm/redhat/npm?arch=s390x&distro=redhat-9.3 redhat npm < 8.19.4-1.16.20.2.4.el9_3 redhat-9.3 s390x
Affected pkg:rpm/redhat/npm?arch=ppc64le&distro=redhat-9.3 redhat npm < 8.19.4-1.16.20.2.4.el9_3 redhat-9.3 ppc64le
Affected pkg:rpm/redhat/npm?arch=aarch64&distro=redhat-9.3 redhat npm < 8.19.4-1.16.20.2.4.el9_3 redhat-9.3 aarch64
Affected pkg:rpm/redhat/nodejs?arch=x86_64&distro=redhat-9.3 redhat nodejs < 16.20.2-4.el9_3 redhat-9.3 x86_64
Affected pkg:rpm/redhat/nodejs?arch=s390x&distro=redhat-9.3 redhat nodejs < 16.20.2-4.el9_3 redhat-9.3 s390x
Affected pkg:rpm/redhat/nodejs?arch=ppc64le&distro=redhat-9.3 redhat nodejs < 16.20.2-4.el9_3 redhat-9.3 ppc64le
Affected pkg:rpm/redhat/nodejs?arch=aarch64&distro=redhat-9.3 redhat nodejs < 16.20.2-4.el9_3 redhat-9.3 aarch64
Affected pkg:rpm/redhat/nodejs-libs?arch=x86_64&distro=redhat-9.3 redhat nodejs-libs < 16.20.2-4.el9_3 redhat-9.3 x86_64
Affected pkg:rpm/redhat/nodejs-libs?arch=s390x&distro=redhat-9.3 redhat nodejs-libs < 16.20.2-4.el9_3 redhat-9.3 s390x
Affected pkg:rpm/redhat/nodejs-libs?arch=ppc64le&distro=redhat-9.3 redhat nodejs-libs < 16.20.2-4.el9_3 redhat-9.3 ppc64le
Affected pkg:rpm/redhat/nodejs-libs?arch=i686&distro=redhat-9.3 redhat nodejs-libs < 16.20.2-4.el9_3 redhat-9.3 i686
Affected pkg:rpm/redhat/nodejs-libs?arch=aarch64&distro=redhat-9.3 redhat nodejs-libs < 16.20.2-4.el9_3 redhat-9.3 aarch64
Affected pkg:rpm/redhat/nodejs-full-i18n?arch=x86_64&distro=redhat-9.3 redhat nodejs-full-i18n < 16.20.2-4.el9_3 redhat-9.3 x86_64
Affected pkg:rpm/redhat/nodejs-full-i18n?arch=s390x&distro=redhat-9.3 redhat nodejs-full-i18n < 16.20.2-4.el9_3 redhat-9.3 s390x
Affected pkg:rpm/redhat/nodejs-full-i18n?arch=ppc64le&distro=redhat-9.3 redhat nodejs-full-i18n < 16.20.2-4.el9_3 redhat-9.3 ppc64le
Affected pkg:rpm/redhat/nodejs-full-i18n?arch=aarch64&distro=redhat-9.3 redhat nodejs-full-i18n < 16.20.2-4.el9_3 redhat-9.3 aarch64
Affected pkg:rpm/redhat/nodejs-docs?distro=redhat-9.3 redhat nodejs-docs < 16.20.2-4.el9_3 redhat-9.3
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date