Oval Definition:oval:org.opensuse.security:def:102281
Revision Date:2022-03-04Version:1
Title:Security update for nodejs14 (Important)
Description:

This update for nodejs14 fixes the following issues:

- CVE-2021-23343: Fixed ReDoS via splitDeviceRe, splitTailRe and splitPathRe (bsc#1192153). - CVE-2021-32803: Fixed insufficient symlink protection in node-tar allowing arbitrary file creation and overwrite (bsc#1191963). - CVE-2021-32804: Fixed insufficient absolute path sanitization in node-tar allowing arbitrary file creation and overwrite (bsc#1191962). - CVE-2021-3918: Fixed improper controlled modification of object prototype attributes in json-schema (bsc#1192696). - CVE-2021-3807: Fixed regular expression denial of service (ReDoS) matching ANSI escape codes in node-ansi-regex (bsc#1192154).
Family:unixClass:patch
Status:Reference(s):1155346
1176029
1177479
1177575
1177673
1177793
1179491
1191962
1191963
1192153
1192154
1192696
CVE-2020-1971
CVE-2021-23343
CVE-2021-32803
CVE-2021-32804
CVE-2021-3807
CVE-2021-3918
SUSE-SU-2020:3762-1
SUSE-SU-2022:0715-1
Platform(s):SUSE Linux Enterprise High Performance Computing 15 SP2
SUSE Linux Enterprise High Performance Computing 15 SP3
SUSE Linux Enterprise Module for Legacy 15 SP2
SUSE Linux Enterprise Module for Web Scripting 15 SP3
SUSE Linux Enterprise Server 15 SP2
SUSE Linux Enterprise Server 15 SP3
SUSE Linux Enterprise Server for SAP Applications 15 SP2
SUSE Linux Enterprise Server for SAP Applications 15 SP3
SUSE Linux Enterprise Storage 7
SUSE Linux Enterprise Storage 7.1
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.2
SUSE Manager Server 4.1
SUSE Manager Server 4.2
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Legacy 15 SP2 is installed
  • AND Package Information
  • libopenssl-1_0_0-devel-1.0.2p-3.34.1 is installed
  • OR libopenssl1_0_0-1.0.2p-3.34.1 is installed
  • OR openssl-1_0_0-1.0.2p-3.34.1 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise High Performance Computing 15 SP3 is installed
  • OR SUSE Linux Enterprise Module for Web Scripting 15 SP3 is installed
  • OR SUSE Linux Enterprise Server 15 SP3 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP3 is installed
  • OR SUSE Linux Enterprise Storage 7.1 is installed
  • OR SUSE Manager Proxy 4.2 is installed
  • OR SUSE Manager Retail Branch Server 4.2 is installed
  • OR SUSE Manager Server 4.2 is installed
  • AND Package Information
  • nodejs14-14.19.0-15.27.1 is installed
  • OR nodejs14-devel-14.19.0-15.27.1 is installed
  • OR nodejs14-docs-14.19.0-15.27.1 is installed
  • OR npm14-14.19.0-15.27.1 is installed
    • BACK