Oval Definition:oval:org.opensuse.security:def:109484
Revision Date:2021-09-03Version:1
Title:Security update for nodejs10 (Moderate)
Description:

This update for nodejs10 fixes the following issues:

- CVE-2021-3672: Fixed missing input validation on hostnames (bsc#1188881). - CVE-2021-22930: Fixed use after free on close http2 on stream canceling (bsc#1188917). - CVE-2021-22939: Fixed incomplete validation of rejectUnauthorized parameter (bsc#1189369). - CVE-2021-22931: Fixed improper handling of untypical characters in domain names (bsc#1189370).
Family:unixClass:patch
Status:Reference(s):1188881
1188917
1189369
1189370
CVE-2021-22930
CVE-2021-22931
CVE-2021-22939
CVE-2021-3672
SUSE-SU-2021:2953-1
Platform(s):SUSE Linux Enterprise High Performance Computing 15 SP2
SUSE Linux Enterprise Module for Web Scripting 15 SP2
SUSE Linux Enterprise Server 15 SP2
SUSE Linux Enterprise Server for SAP Applications 15 SP2
SUSE Linux Enterprise Storage 7
SUSE Manager Proxy 4.1
SUSE Manager Server 4.1
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Web Scripting 15 SP2 is installed
  • AND Package Information
  • nodejs10-10.24.1-1.39.2 is installed
  • OR nodejs10-devel-10.24.1-1.39.2 is installed
  • OR nodejs10-docs-10.24.1-1.39.2 is installed
  • OR npm10-10.24.1-1.39.2 is installed
    • BACK