Oval Definition:oval:org.opensuse.security:def:102820
Revision Date:2021-09-23Version:1
Title:Security update for nodejs14 (Important)
Description:

This update for nodejs14 fixes the following issues:

- CVE-2021-3672: Fixed missing input validation on hostnames (bsc#1188881). - CVE-2021-22931: Fixed improper handling of untypical characters in domain names (bsc#1189370). - CVE-2021-22940: Use after free on close http2 on stream canceling (bsc#1189368) - CVE-2021-22939: Incomplete validation of rejectUnauthorized parameter (bsc#1189369) - CVE-2021-22930: Fixed use after free on close http2 on stream canceling (bsc#1188917).
Family:unixClass:patch
Status:Reference(s):1188881
1188917
1189368
1189369
1189370
CVE-2021-22930
CVE-2021-22931
CVE-2021-22939
CVE-2021-22940
CVE-2021-3672
SUSE-SU-2021:3211-1
Platform(s):SUSE Linux Enterprise High Performance Computing 15 SP2
SUSE Linux Enterprise Module for Web Scripting 15 SP2
SUSE Linux Enterprise Server 15 SP2
SUSE Linux Enterprise Server for SAP Applications 15 SP2
SUSE Linux Enterprise Storage 7
SUSE Manager Proxy 4.1
SUSE Manager Server 4.1
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Web Scripting 15 SP2 is installed
  • AND Package Information
  • nodejs14-14.17.5-5.15.5 is installed
  • OR nodejs14-devel-14.17.5-5.15.5 is installed
  • OR nodejs14-docs-14.17.5-5.15.5 is installed
  • OR npm14-14.17.5-5.15.5 is installed
  • BACK