[USN-6491-1] Node.js vulnerabilities
Several security issues were fixed in Node.js.
Axel Chong discovered that Node.js incorrectly handled certain inputs. If a
user or an automated system were tricked into opening a specially crafted
input file, a remote attacker could possibly use this issue to execute
arbitrary code. (CVE-2022-32212)
Zeyu Zhang discovered that Node.js incorrectly handled certain inputs. If a
user or an automated system were tricked into opening a specially crafted
input file, a remote attacker could possibly use this issue to execute
arbitrary code. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-32213,
CVE-2022-32214, CVE-2022-32215)
It was discovered that Node.js incorrectly handled certain inputs. If a user
or an automated system were tricked into opening a specially crafted input
file, a remote attacker could possibly use this issue to execute arbitrary
code. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-35256)
It was discovered that Node.js incorrectly handled certain inputs. If a user
or an automated system were tricked into opening a specially crafted input
file, a remote attacker could possibly use this issue to execute arbitrary
code. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-43548)
| Package | Affected Version |
|---|---|
 pkg:deb/ubuntu/nodejs?distro=jammy
|
< 12.22.9~dfsg-1ubuntu3.2 |
|
pkg:deb/ubuntu/nodejs?distro=focal
|
< 10.19.0~dfsg-3ubuntu1.3 |
|
pkg:deb/ubuntu/nodejs?distro=bionic
|
< 8.10.0~dfsg-2ubuntu0.4+esm4 |
|
pkg:deb/ubuntu/nodejs-doc?distro=jammy
|
< 12.22.9~dfsg-1ubuntu3.2 |
|
pkg:deb/ubuntu/nodejs-doc?distro=focal
|
< 10.19.0~dfsg-3ubuntu1.3 |
|
pkg:deb/ubuntu/nodejs-doc?distro=bionic
|
< 8.10.0~dfsg-2ubuntu0.4+esm4 |
|
pkg:deb/ubuntu/nodejs-dev?distro=bionic
|
< 8.10.0~dfsg-2ubuntu0.4+esm4 |
|
pkg:deb/ubuntu/libnode72?distro=jammy
|
< 12.22.9~dfsg-1ubuntu3.2 |
|
pkg:deb/ubuntu/libnode64?distro=focal
|
< 10.19.0~dfsg-3ubuntu1.3 |
|
pkg:deb/ubuntu/libnode-dev?distro=jammy
|
< 12.22.9~dfsg-1ubuntu3.2 |
|
pkg:deb/ubuntu/libnode-dev?distro=focal
|
< 10.19.0~dfsg-3ubuntu1.3 |
- ID
- USN-6491-1
- Severity
- high
- Severity from
- CVE-2022-32212
- URL
- https://ubuntu.com/security/notices/USN-6491-1
- Published
-
2023-11-21T09:15:47
(10 months ago) - Modified
-
2023-11-21T09:15:47
(10 months ago) - Other Advisories
-
-
ALPINE:CVE-2022-32212
-
ALPINE:CVE-2022-32213
-
ALPINE:CVE-2022-32214
-
ALPINE:CVE-2022-32215
-
ALPINE:CVE-2022-35256
-
ALPINE:CVE-2022-43548
-
ALSA-2022:6448
-
ALSA-2022:6595
-
ALSA-2022:6963
-
ALSA-2022:6964
-
ALSA-2022:7821
-
ALSA-2022:7830
-
ALSA-2022:8832
-
ALSA-2022:8833
-
ALSA-2022:9073
-
ALSA-2023:0050
-
ALSA-2023:0321
-
DSA-5326-1
-
ELSA-2022-6448
-
ELSA-2022-6449
-
ELSA-2022-6595
-
ELSA-2022-6963
-
ELSA-2022-6964
-
ELSA-2022-7821
-
ELSA-2022-7830
-
ELSA-2022-8832
-
ELSA-2022-8833
-
ELSA-2023-0050
-
ELSA-2023-0321
-
FEDORA-2022-1667f7b60a
-
FEDORA-2022-52dec6351a
-
FEDORA-2022-de515f765f
-
FREEBSD:B9210706-FEB0-11EC-81FA-1C697A616631
-
GLSA-202405-29
-
MS:CVE-2022-32212
-
MS:CVE-2022-32213
-
MS:CVE-2022-32214
-
MS:CVE-2022-32215
-
MS:CVE-2022-35256
-
MS:CVE-2022-43548
-
NPM:GHSA-5689-V88G-G6RV
-
NPM:GHSA-Q5VX-44V4-GCH4
-
RHSA-2022:6448
-
RHSA-2022:6449
-
RHSA-2022:6595
-
RHSA-2022:6963
-
RHSA-2022:6964
-
RHSA-2022:7821
-
RHSA-2022:7830
-
RHSA-2022:8832
-
RHSA-2022:8833
-
RHSA-2022:9073
-
RHSA-2023:0050
-
RHSA-2023:0321
-
RLSA-2022:6448
-
RLSA-2022:6449
-
RLSA-2022:6964
-
RLSA-2022:7821
-
RLSA-2022:7830
-
RLSA-2022:8833
-
RLSA-2022:9073
-
RLSA-2023:0050
-
RLSA-2023:0321
-
SUSE-SU-2022:2415-1
-
SUSE-SU-2022:2416-1
-
SUSE-SU-2022:2417-1
-
SUSE-SU-2022:2425-1
-
SUSE-SU-2022:2430-1
-
SUSE-SU-2022:2491-1
-
SUSE-SU-2022:2551-1
-
SUSE-SU-2022:2855-1
-
SUSE-SU-2022:3503-1
-
SUSE-SU-2022:3516-1
-
SUSE-SU-2022:3524-1
-
SUSE-SU-2022:3614-1
-
SUSE-SU-2022:3615-1
-
SUSE-SU-2022:3616-1
-
SUSE-SU-2022:3656-1
-
SUSE-SU-2022:3835-1
-
SUSE-SU-2022:3967-1
-
SUSE-SU-2022:3968-1
-
SUSE-SU-2022:3989-1
-
SUSE-SU-2022:4003-1
-
SUSE-SU-2022:4084-1
-
SUSE-SU-2022:4254-1
-
SUSE-SU-2022:4255-1
-
SUSE-SU-2022:4301-1
-
SUSE-SU-2023:0408-1
-
SUSE-SU-2023:0419-1
-
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:deb/ubuntu/nodejs?distro=jammy | ubuntu |
nodejs
|
< 12.22.9~dfsg-1ubuntu3.2 | jammy | ||
| Affected | pkg:deb/ubuntu/nodejs?distro=focal | ubuntu |
nodejs
|
< 10.19.0~dfsg-3ubuntu1.3 | focal | ||
| Affected | pkg:deb/ubuntu/nodejs?distro=bionic | ubuntu |
nodejs
|
< 8.10.0~dfsg-2ubuntu0.4+esm4 | bionic | ||
| Affected | pkg:deb/ubuntu/nodejs-doc?distro=jammy | ubuntu |
nodejs-doc
|
< 12.22.9~dfsg-1ubuntu3.2 | jammy | ||
| Affected | pkg:deb/ubuntu/nodejs-doc?distro=focal | ubuntu |
nodejs-doc
|
< 10.19.0~dfsg-3ubuntu1.3 | focal | ||
| Affected | pkg:deb/ubuntu/nodejs-doc?distro=bionic | ubuntu |
nodejs-doc
|
< 8.10.0~dfsg-2ubuntu0.4+esm4 | bionic | ||
| Affected | pkg:deb/ubuntu/nodejs-dev?distro=bionic | ubuntu |
nodejs-dev
|
< 8.10.0~dfsg-2ubuntu0.4+esm4 | bionic | ||
| Affected | pkg:deb/ubuntu/libnode72?distro=jammy | ubuntu |
libnode72
|
< 12.22.9~dfsg-1ubuntu3.2 | jammy | ||
| Affected | pkg:deb/ubuntu/libnode64?distro=focal | ubuntu |
libnode64
|
< 10.19.0~dfsg-3ubuntu1.3 | focal | ||
| Affected | pkg:deb/ubuntu/libnode-dev?distro=jammy | ubuntu |
libnode-dev
|
< 12.22.9~dfsg-1ubuntu3.2 | jammy | ||
| Affected | pkg:deb/ubuntu/libnode-dev?distro=focal | ubuntu |
libnode-dev
|
< 10.19.0~dfsg-3ubuntu1.3 | focal |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |