1. Home
  2. Security Advisories
  3. SUSE
  4. SUSE-SU-2023:4207-1

[SUSE-SU-2023:4207-1] Security update for nodejs18

Severity Important
Affected Packages 13
CVEs 4
Info Packages References Vulnerabilities

Security update for nodejs18

This update for nodejs18 fixes the following issues:

  • Update to version 18.18.2
  • CVE-2023-44487: Fixed the Rapid Reset attack in nghttp2. (bsc#1216190)
  • CVE-2023-45143: Fixed a cookie leakage in undici. (bsc#1216205)
  • CVE-2023-38552: Fixed an integrity checks according to policies that could be circumvented. (bsc#1216272)
  • CVE-2023-39333: Fixed a code injection via WebAssembly export names. (bsc#1216273)
Package Affected Version
pkg:rpm/suse/npm16?arch=x86_64&distro=sles-15&sp=3 < 16.20.2-150300.7.30.1
pkg:rpm/suse/npm16?arch=s390x&distro=sles-15&sp=3 < 16.20.2-150300.7.30.1
pkg:rpm/suse/npm16?arch=ppc64le&distro=sles-15&sp=3 < 16.20.2-150300.7.30.1
pkg:rpm/suse/npm16?arch=aarch64&distro=sles-15&sp=3 < 16.20.2-150300.7.30.1
pkg:rpm/suse/nodejs16?arch=x86_64&distro=sles-15&sp=3 < 16.20.2-150300.7.30.1
pkg:rpm/suse/nodejs16?arch=s390x&distro=sles-15&sp=3 < 16.20.2-150300.7.30.1
pkg:rpm/suse/nodejs16?arch=ppc64le&distro=sles-15&sp=3 < 16.20.2-150300.7.30.1
pkg:rpm/suse/nodejs16?arch=aarch64&distro=sles-15&sp=3 < 16.20.2-150300.7.30.1
pkg:rpm/suse/nodejs16-docs?arch=noarch&distro=sles-15&sp=3 < 16.20.2-150300.7.30.1
pkg:rpm/suse/nodejs16-devel?arch=x86_64&distro=sles-15&sp=3 < 16.20.2-150300.7.30.1
pkg:rpm/suse/nodejs16-devel?arch=s390x&distro=sles-15&sp=3 < 16.20.2-150300.7.30.1
pkg:rpm/suse/nodejs16-devel?arch=ppc64le&distro=sles-15&sp=3 < 16.20.2-150300.7.30.1
pkg:rpm/suse/nodejs16-devel?arch=aarch64&distro=sles-15&sp=3 < 16.20.2-150300.7.30.1
ID
SUSE-SU-2023:4207-1
Severity
important
URL
https://www.suse.com/support/update/announcement/2023/suse-su-20234207-1/
Published
2023-10-26T08:24:10
(10 months ago)
Modified
2023-10-26T08:24:10
(10 months ago)
Rights
Copyright 2024 SUSE LLC. All rights reserved.
Other Advisories
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:rpm/suse/npm16?arch=x86_64&distro=sles-15&sp=3 suse npm16 < 16.20.2-150300.7.30.1 sles-15 x86_64
Affected pkg:rpm/suse/npm16?arch=s390x&distro=sles-15&sp=3 suse npm16 < 16.20.2-150300.7.30.1 sles-15 s390x
Affected pkg:rpm/suse/npm16?arch=ppc64le&distro=sles-15&sp=3 suse npm16 < 16.20.2-150300.7.30.1 sles-15 ppc64le
Affected pkg:rpm/suse/npm16?arch=aarch64&distro=sles-15&sp=3 suse npm16 < 16.20.2-150300.7.30.1 sles-15 aarch64
Affected pkg:rpm/suse/nodejs16?arch=x86_64&distro=sles-15&sp=3 suse nodejs16 < 16.20.2-150300.7.30.1 sles-15 x86_64
Affected pkg:rpm/suse/nodejs16?arch=s390x&distro=sles-15&sp=3 suse nodejs16 < 16.20.2-150300.7.30.1 sles-15 s390x
Affected pkg:rpm/suse/nodejs16?arch=ppc64le&distro=sles-15&sp=3 suse nodejs16 < 16.20.2-150300.7.30.1 sles-15 ppc64le
Affected pkg:rpm/suse/nodejs16?arch=aarch64&distro=sles-15&sp=3 suse nodejs16 < 16.20.2-150300.7.30.1 sles-15 aarch64
Affected pkg:rpm/suse/nodejs16-docs?arch=noarch&distro=sles-15&sp=3 suse nodejs16-docs < 16.20.2-150300.7.30.1 sles-15 noarch
Affected pkg:rpm/suse/nodejs16-devel?arch=x86_64&distro=sles-15&sp=3 suse nodejs16-devel < 16.20.2-150300.7.30.1 sles-15 x86_64
Affected pkg:rpm/suse/nodejs16-devel?arch=s390x&distro=sles-15&sp=3 suse nodejs16-devel < 16.20.2-150300.7.30.1 sles-15 s390x
Affected pkg:rpm/suse/nodejs16-devel?arch=ppc64le&distro=sles-15&sp=3 suse nodejs16-devel < 16.20.2-150300.7.30.1 sles-15 ppc64le
Affected pkg:rpm/suse/nodejs16-devel?arch=aarch64&distro=sles-15&sp=3 suse nodejs16-devel < 16.20.2-150300.7.30.1 sles-15 aarch64
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date