1. Home
  2. Security Advisories
  3. SUSE
  4. SUSE-SU-2022:0101-1

[SUSE-SU-2022:0101-1] Security update for nodejs12

Severity Important
CVEs 11
Info References Vulnerabilities

Security update for nodejs12

This update for nodejs12 fixes the following issues:

  • CVE-2021-44531: Fixed improper handling of URI Subject Alternative Names (bsc#1194511).
  • CVE-2021-44532: Fixed certificate Verification Bypass via String Injection (bsc#1194512).
  • CVE-2021-44533: Fixed incorrect handling of certificate subject and issuer fields (bsc#1194513).
  • CVE-2022-21824: Fixed prototype pollution via console.table properties (bsc#1194514).
  • CVE-2021-22959: Fixed HTTP Request Smuggling due to spaced in headers(bsc#1191601).
  • CVE-2021-22960: Fixed HTTP Request Smuggling when parsing the body (bsc#1191602).
  • CVE-2021-37701: Fixed arbitrary file creation and overwrite vulnerability in nodejs-tar (bsc#1190057).
  • CVE-2021-37712: Fixed arbitrary file creation and overwrite vulnerability in nodejs-tar (bsc#1190056).
  • CVE-2021-37713: Fixed arbitrary file creation/overwrite and arbitrary code execution vulnerability in nodejs-tar (bsc#1190055).
  • CVE-2021-39134: Fixed symlink following vulnerability in nodejs-arborist (bsc#1190054).
  • CVE-2021-39135: Fixed symlink following vulnerability in nodejs-arborist (bsc#1190053).
ID
SUSE-SU-2022:0101-1
Severity
important
URL
https://www.suse.com/support/update/announcement/2022/suse-su-20220101-1/
Published
2022-01-18T08:35:56
(2 years ago)
Modified
2022-01-18T08:35:56
(2 years ago)
Rights
Copyright 2024 SUSE LLC. All rights reserved.
Other Advisories
Source # ID Name URL
Suse SUSE ratings https://www.suse.com/support/security/rating/
Suse URL of this CSAF notice https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_0101-1.json
Suse URL for SUSE-SU-2022:0101-1 https://www.suse.com/support/update/announcement/2022/suse-su-20220101-1/
Suse E-Mail link for SUSE-SU-2022:0101-1 https://lists.suse.com/pipermail/sle-security-updates/2022-January/010017.html
Bugzilla SUSE Bug 1190053 https://bugzilla.suse.com/1190053
Bugzilla SUSE Bug 1190054 https://bugzilla.suse.com/1190054
Bugzilla SUSE Bug 1190055 https://bugzilla.suse.com/1190055
Bugzilla SUSE Bug 1190056 https://bugzilla.suse.com/1190056
Bugzilla SUSE Bug 1190057 https://bugzilla.suse.com/1190057
Bugzilla SUSE Bug 1191601 https://bugzilla.suse.com/1191601
Bugzilla SUSE Bug 1191602 https://bugzilla.suse.com/1191602
Bugzilla SUSE Bug 1194511 https://bugzilla.suse.com/1194511
Bugzilla SUSE Bug 1194512 https://bugzilla.suse.com/1194512
Bugzilla SUSE Bug 1194513 https://bugzilla.suse.com/1194513
Bugzilla SUSE Bug 1194514 https://bugzilla.suse.com/1194514
CVE SUSE CVE CVE-2021-22959 page https://www.suse.com/security/cve/CVE-2021-22959/
CVE SUSE CVE CVE-2021-22960 page https://www.suse.com/security/cve/CVE-2021-22960/
CVE SUSE CVE CVE-2021-37701 page https://www.suse.com/security/cve/CVE-2021-37701/
CVE SUSE CVE CVE-2021-37712 page https://www.suse.com/security/cve/CVE-2021-37712/
CVE SUSE CVE CVE-2021-37713 page https://www.suse.com/security/cve/CVE-2021-37713/
CVE SUSE CVE CVE-2021-39134 page https://www.suse.com/security/cve/CVE-2021-39134/
CVE SUSE CVE CVE-2021-39135 page https://www.suse.com/security/cve/CVE-2021-39135/
CVE SUSE CVE CVE-2021-44531 page https://www.suse.com/security/cve/CVE-2021-44531/
CVE SUSE CVE CVE-2021-44532 page https://www.suse.com/security/cve/CVE-2021-44532/
CVE SUSE CVE CVE-2021-44533 page https://www.suse.com/security/cve/CVE-2021-44533/
CVE SUSE CVE CVE-2022-21824 page https://www.suse.com/security/cve/CVE-2022-21824/
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date