Oval Definition:	oval:org.opensuse.security:def:111727
Revision Date: 2021-09-23 Version: 1 Title: Security update for nodejs14 (Important) Description: This update for nodejs14 fixes the following issues: - CVE-2021-3672: Fixed missing input validation on hostnames (bsc#1188881). - CVE-2021-22931: Fixed improper handling of untypical characters in domain names (bsc#1189370). - CVE-2021-22940: Use after free on close http2 on stream canceling (bsc#1189368) - CVE-2021-22939: Incomplete validation of rejectUnauthorized parameter (bsc#1189369) - CVE-2021-22930: Fixed use after free on close http2 on stream canceling (bsc#1188917). Family: unix Class: patch Status: Reference(s): 1188881 1188917 1189368 1189369 1189370 CVE-2021-22930 CVE-2021-22931 CVE-2021-22939 CVE-2021-22940 CVE-2021-3672 openSUSE-SU-2021:3211-1 Platform(s): openSUSE Leap 15.3 Product(s): Definition Synopsis openSUSE Leap 15.3 is installed AND Package Information nodejs14-14.17.5-5.15.5 is installed OR nodejs14-devel-14.17.5-5.15.5 is installed OR nodejs14-docs-14.17.5-5.15.5 is installed OR npm14-14.17.5-5.15.5 is installed
BACK