Oval Definition:	oval:org.opensuse.security:def:111704
Revision Date: 2021-09-03 Version: 1 Title: Security update for nodejs10 (Moderate) Description: This update for nodejs10 fixes the following issues: - CVE-2021-3672: Fixed missing input validation on hostnames (bsc#1188881). - CVE-2021-22930: Fixed use after free on close http2 on stream canceling (bsc#1188917). - CVE-2021-22939: Fixed incomplete validation of rejectUnauthorized parameter (bsc#1189369). - CVE-2021-22931: Fixed improper handling of untypical characters in domain names (bsc#1189370). Family: unix Class: patch Status: Reference(s): 1188881 1188917 1189369 1189370 CVE-2021-22930 CVE-2021-22931 CVE-2021-22939 CVE-2021-3672 openSUSE-SU-2021:2953-1 Platform(s): openSUSE Leap 15.3 Product(s): Definition Synopsis openSUSE Leap 15.3 is installed AND Package Information nodejs10-10.24.1-1.39.2 is installed OR nodejs10-devel-10.24.1-1.39.2 is installed OR nodejs10-docs-10.24.1-1.39.2 is installed OR npm10-10.24.1-1.39.2 is installed
BACK