[USN-6418-1] Node.js vulnerabilities
Severity
High
Affected Packages
7
CVEs
2
Several security issues were fixed in Node.js.
It was discovered that Node.js incorrectly handled certain inputs. If a user
or an automated system were tricked into opening a specially crafted input
file, a remote attacker could possibly use this issue to cause a denial of
service. This issue was only fixed in Ubuntu 20.04 LTS. (CVE-2021-22883)
Vít Šesták discovered that Node.js incorrectly handled certain inputs. If a
user or an automated system were tricked into opening a specially crafted
input file, a remote attacker could possibly use this issue to execute
arbitrary code. (CVE-2021-22884)
Package | Affected Version |
---|---|
pkg:deb/ubuntu/nodejs?distro=focal | < 10.19.0~dfsg-3ubuntu1.2 |
pkg:deb/ubuntu/nodejs?distro=bionic | < 8.10.0~dfsg-2ubuntu0.4+esm3 |
pkg:deb/ubuntu/nodejs-doc?distro=focal | < 10.19.0~dfsg-3ubuntu1.2 |
pkg:deb/ubuntu/nodejs-doc?distro=bionic | < 8.10.0~dfsg-2ubuntu0.4+esm3 |
pkg:deb/ubuntu/nodejs-dev?distro=bionic | < 8.10.0~dfsg-2ubuntu0.4+esm3 |
pkg:deb/ubuntu/libnode64?distro=focal | < 10.19.0~dfsg-3ubuntu1.2 |
pkg:deb/ubuntu/libnode-dev?distro=focal | < 10.19.0~dfsg-3ubuntu1.2 |
- ID
- USN-6418-1
- Severity
- high
- Severity from
- CVE-2021-22883
- URL
- https://ubuntu.com/security/notices/USN-6418-1
- Published
-
2023-10-05T08:45:53
(11 months ago) - Modified
-
2023-10-05T08:45:53
(11 months ago) - Other Advisories
-
- ALPINE:CVE-2021-22883
- ALPINE:CVE-2021-22884
- ALSA-2021:0734
- ALSA-2021:0735
- ALSA-2021:0744
- DSA-4863-1
- ELSA-2021-0734
- ELSA-2021-0735
- ELSA-2021-0744
- FEDORA-2021-6aaba80ba2
- FEDORA-2021-a760169c3c
- FEDORA-2021-f6bd75e9d4
- FREEBSD:2F3CD69E-7DEE-11EB-B92E-0022489AD614
- FREEBSD:38A4A043-E937-11EB-9B84-D4C9EF517024
- GLSA-202405-29
- openSUSE-SU-2021:0356-1
- openSUSE-SU-2021:0357-1
- openSUSE-SU-2021:0372-1
- openSUSE-SU-2021:0389-1
- RHSA-2021:0734
- RHSA-2021:0735
- RHSA-2021:0744
- RLSA-2021:0734
- RLSA-2021:0735
- RLSA-2021:0744
- SUSE-SU-2021:0648-1
- SUSE-SU-2021:0649-1
- SUSE-SU-2021:0650-1
- SUSE-SU-2021:0651-1
- SUSE-SU-2021:0673-1
- SUSE-SU-2021:0674-1
- SUSE-SU-2021:0686-1
- SUSE-SU-2021:2620-1
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:deb/ubuntu/nodejs?distro=focal | ubuntu | nodejs | < 10.19.0~dfsg-3ubuntu1.2 | focal | ||
Affected | pkg:deb/ubuntu/nodejs?distro=bionic | ubuntu | nodejs | < 8.10.0~dfsg-2ubuntu0.4+esm3 | bionic | ||
Affected | pkg:deb/ubuntu/nodejs-doc?distro=focal | ubuntu | nodejs-doc | < 10.19.0~dfsg-3ubuntu1.2 | focal | ||
Affected | pkg:deb/ubuntu/nodejs-doc?distro=bionic | ubuntu | nodejs-doc | < 8.10.0~dfsg-2ubuntu0.4+esm3 | bionic | ||
Affected | pkg:deb/ubuntu/nodejs-dev?distro=bionic | ubuntu | nodejs-dev | < 8.10.0~dfsg-2ubuntu0.4+esm3 | bionic | ||
Affected | pkg:deb/ubuntu/libnode64?distro=focal | ubuntu | libnode64 | < 10.19.0~dfsg-3ubuntu1.2 | focal | ||
Affected | pkg:deb/ubuntu/libnode-dev?distro=focal | ubuntu | libnode-dev | < 10.19.0~dfsg-3ubuntu1.2 | focal |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |