[SUSE-SU-2022:0101-1] Security update for nodejs12
Severity
Important
CVEs
11
Security update for nodejs12
This update for nodejs12 fixes the following issues:
- CVE-2021-44531: Fixed improper handling of URI Subject Alternative Names (bsc#1194511).
- CVE-2021-44532: Fixed certificate Verification Bypass via String Injection (bsc#1194512).
- CVE-2021-44533: Fixed incorrect handling of certificate subject and issuer fields (bsc#1194513).
- CVE-2022-21824: Fixed prototype pollution via console.table properties (bsc#1194514).
- CVE-2021-22959: Fixed HTTP Request Smuggling due to spaced in headers(bsc#1191601).
- CVE-2021-22960: Fixed HTTP Request Smuggling when parsing the body (bsc#1191602).
- CVE-2021-37701: Fixed arbitrary file creation and overwrite vulnerability in nodejs-tar (bsc#1190057).
- CVE-2021-37712: Fixed arbitrary file creation and overwrite vulnerability in nodejs-tar (bsc#1190056).
- CVE-2021-37713: Fixed arbitrary file creation/overwrite and arbitrary code execution vulnerability in nodejs-tar (bsc#1190055).
- CVE-2021-39134: Fixed symlink following vulnerability in nodejs-arborist (bsc#1190054).
- CVE-2021-39135: Fixed symlink following vulnerability in nodejs-arborist (bsc#1190053).
- ID
- SUSE-SU-2022:0101-1
- Severity
- important
- URL
- https://www.suse.com/support/update/announcement/2022/suse-su-20220101-1/
- Published
-
2022-01-18T08:35:56
(2 years ago) - Modified
-
2022-01-18T08:35:56
(2 years ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
-
- ALPINE:CVE-2021-22959
- ALPINE:CVE-2021-22960
- ALPINE:CVE-2021-37701
- ALPINE:CVE-2021-37712
- ALPINE:CVE-2021-37713
- ALPINE:CVE-2021-39134
- ALPINE:CVE-2021-39135
- ALPINE:CVE-2021-44531
- ALPINE:CVE-2021-44532
- ALPINE:CVE-2021-44533
- ALPINE:CVE-2022-21824
- ALSA-2021:5171
- ALSA-2022:0350
- ALSA-2022:7830
- ALSA-2022:9073
- ASA-202110-4
- DSA-5008-1
- DSA-5170-1
- ELSA-2021-5171
- ELSA-2022-0350
- ELSA-2022-7830
- FEDORA-2021-9807b754d9
- FEDORA-2021-9818cabe0d
- FEDORA-2021-cbad295a90
- FEDORA-2022-0eda327cb4
- FEDORA-2022-78090d2099
- FREEBSD:7062BCE0-1B17-11EC-9D9D-0022489AD614
- FREEBSD:8E150606-08C9-11ED-856E-D4C9EF517024
- FREEBSD:972BA0E8-8B8A-11EC-B369-6C3BE5272ACD
- FREEBSD:A9C5E89D-2D15-11EC-8363-0022489AD614
- GLSA-202405-29
- MS:CVE-2021-44531
- MS:CVE-2021-44532
- MS:CVE-2021-44533
- MS:CVE-2022-21824
- NPM:GHSA-2H3H-Q99F-3FHC
- NPM:GHSA-5955-9WPR-37JH
- NPM:GHSA-9R2W-394V-53QC
- NPM:GHSA-GMW6-94GG-2RC2
- NPM:GHSA-QQ89-HQ3F-393P
- openSUSE-SU-2021:1552-1
- openSUSE-SU-2021:1574-1
- openSUSE-SU-2021:3940-1
- openSUSE-SU-2021:3964-1
- openSUSE-SU-2022:0112-1
- openSUSE-SU-2022:0113-1
- RHEA-2022:5139
- RHSA-2021:5171
- RHSA-2022:0350
- RHSA-2022:7830
- RHSA-2022:9073
- RLEA-2022:5139
- RLSA-2021:5171
- RLSA-2022:0350
- RLSA-2022:7830
- RLSA-2022:9073
- SUSE-SU-2021:3886-1
- SUSE-SU-2021:3940-1
- SUSE-SU-2021:3964-1
- SUSE-SU-2022:0112-1
- SUSE-SU-2022:0113-1
- SUSE-SU-2022:0114-1
- SUSE-SU-2022:0570-1
- SUSE-SU-2022:1717-1
- SUSE-SU-2022:2855-1
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |