[USN-6418-1] Node.js vulnerabilities
Severity
High
Affected Packages
7
CVEs
2
Several security issues were fixed in Node.js.
It was discovered that Node.js incorrectly handled certain inputs. If a user
or an automated system were tricked into opening a specially crafted input
file, a remote attacker could possibly use this issue to cause a denial of
service. This issue was only fixed in Ubuntu 20.04 LTS. (CVE-2021-22883)
Vít Šesták discovered that Node.js incorrectly handled certain inputs. If a
user or an automated system were tricked into opening a specially crafted
input file, a remote attacker could possibly use this issue to execute
arbitrary code. (CVE-2021-22884)
| Package | Affected Version |
|---|---|
 pkg:deb/ubuntu/nodejs?distro=focal
|
< 10.19.0~dfsg-3ubuntu1.2 |
|
pkg:deb/ubuntu/nodejs?distro=bionic
|
< 8.10.0~dfsg-2ubuntu0.4+esm3 |
|
pkg:deb/ubuntu/nodejs-doc?distro=focal
|
< 10.19.0~dfsg-3ubuntu1.2 |
|
pkg:deb/ubuntu/nodejs-doc?distro=bionic
|
< 8.10.0~dfsg-2ubuntu0.4+esm3 |
|
pkg:deb/ubuntu/nodejs-dev?distro=bionic
|
< 8.10.0~dfsg-2ubuntu0.4+esm3 |
|
pkg:deb/ubuntu/libnode64?distro=focal
|
< 10.19.0~dfsg-3ubuntu1.2 |
|
pkg:deb/ubuntu/libnode-dev?distro=focal
|
< 10.19.0~dfsg-3ubuntu1.2 |
- ID
- USN-6418-1
- Severity
- high
- Severity from
- CVE-2021-22883
- URL
- https://ubuntu.com/security/notices/USN-6418-1
- Published
-
2023-10-05T08:45:53
(11 months ago) - Modified
-
2023-10-05T08:45:53
(11 months ago) - Other Advisories
-
-
ALPINE:CVE-2021-22883
-
ALPINE:CVE-2021-22884
-
ALSA-2021:0734
-
ALSA-2021:0735
-
ALSA-2021:0744
-
DSA-4863-1
-
ELSA-2021-0734
-
ELSA-2021-0735
-
ELSA-2021-0744
-
FEDORA-2021-6aaba80ba2
-
FEDORA-2021-a760169c3c
-
FEDORA-2021-f6bd75e9d4
-
FREEBSD:2F3CD69E-7DEE-11EB-B92E-0022489AD614
-
FREEBSD:38A4A043-E937-11EB-9B84-D4C9EF517024
-
GLSA-202405-29
-
openSUSE-SU-2021:0356-1
-
openSUSE-SU-2021:0357-1
-
openSUSE-SU-2021:0372-1
-
openSUSE-SU-2021:0389-1
-
RHSA-2021:0734
-
RHSA-2021:0735
-
RHSA-2021:0744
-
RLSA-2021:0734
-
RLSA-2021:0735
-
RLSA-2021:0744
-
SUSE-SU-2021:0648-1
-
SUSE-SU-2021:0649-1
-
SUSE-SU-2021:0650-1
-
SUSE-SU-2021:0651-1
-
SUSE-SU-2021:0673-1
-
SUSE-SU-2021:0674-1
-
SUSE-SU-2021:0686-1
-
SUSE-SU-2021:2620-1
-
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:deb/ubuntu/nodejs?distro=focal | ubuntu |
nodejs
|
< 10.19.0~dfsg-3ubuntu1.2 | focal | ||
| Affected | pkg:deb/ubuntu/nodejs?distro=bionic | ubuntu |
nodejs
|
< 8.10.0~dfsg-2ubuntu0.4+esm3 | bionic | ||
| Affected | pkg:deb/ubuntu/nodejs-doc?distro=focal | ubuntu |
nodejs-doc
|
< 10.19.0~dfsg-3ubuntu1.2 | focal | ||
| Affected | pkg:deb/ubuntu/nodejs-doc?distro=bionic | ubuntu |
nodejs-doc
|
< 8.10.0~dfsg-2ubuntu0.4+esm3 | bionic | ||
| Affected | pkg:deb/ubuntu/nodejs-dev?distro=bionic | ubuntu |
nodejs-dev
|
< 8.10.0~dfsg-2ubuntu0.4+esm3 | bionic | ||
| Affected | pkg:deb/ubuntu/libnode64?distro=focal | ubuntu |
libnode64
|
< 10.19.0~dfsg-3ubuntu1.2 | focal | ||
| Affected | pkg:deb/ubuntu/libnode-dev?distro=focal | ubuntu |
libnode-dev
|
< 10.19.0~dfsg-3ubuntu1.2 | focal |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |