Oval Definition:	oval:org.opensuse.security:def:484
Revision Date: 2022-05-17 Version: 1 Title: Security update for nodejs10 (Important) Description: This update for nodejs10 fixes the following issues: - CVE-2021-23343: Fixed ReDoS via splitDeviceRe, splitTailRe and splitPathRe (bsc#1192153). - CVE-2021-32803: Fixed insufficient symlink protection in node-tar allowing arbitrary file creation and overwrite (bsc#1191963). - CVE-2021-32804: Fixed insufficient absolute path sanitization in node-tar allowing arbitrary file creation and overwrite (bsc#1191962). - CVE-2021-3918: Fixed improper controlled modification of object prototype attributes in json-schema (bsc#1192696). - CVE-2021-3807: Fixed regular expression denial of service (ReDoS) matching ANSI escape codes in node-ansi-regex (bsc#1192154). - CVE-2022-21824: Fixed prototype pollution via console.table (bsc#1194514). - CVE-2021-44906: Fixed prototype pollution in npm dependency (bsc#1198247). - CVE-2021-44907: Fixed insuficient sanitation in npm dependency (bsc#1197283). - CVE-2022-0235: Fixed passing of cookie data and sensitive headers to different hostnames in node-fetch-npm (bsc#1194819). Family: unix Class: patch Status: Reference(s): 1191962 1191963 1192153 1192154 1192696 1194514 1194819 1197283 1198247 CVE-2015-5621 CVE-2015-5621 CVE-2021-23343 CVE-2021-32803 CVE-2021-32804 CVE-2021-3807 CVE-2021-3918 CVE-2021-44906 CVE-2021-44907 CVE-2022-0235 CVE-2022-21824 SUSE-SU-2022:1717-1 Platform(s): openSUSE 13.1 openSUSE Leap 15.4 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 15 SP1 SUSE Linux Enterprise High Availability 12 SUSE Linux Enterprise High Performance Computing 15 SP1 SUSE Linux Enterprise Live Patching 12 SUSE Linux Enterprise Module for Basesystem 15 SP1 SUSE Linux Enterprise Module for Containers 12 SUSE Linux Enterprise Module for Desktop Applications 15 SUSE Linux Enterprise Module for Legacy Software 12 SUSE Linux Enterprise Module for Public Cloud 12 SUSE Linux Enterprise Module for Server Applications 15 SUSE Linux Enterprise Server 15 SP1 SUSE Linux Enterprise Server for SAP Applications 15 SP1 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Storage 6 SUSE Manager Proxy 4.0 SUSE Manager Server 4.0 Product(s): Definition Synopsis openSUSE Leap 15.4 is installed AND Package Information nodejs10-10.24.1-150000.1.44.1 is installed OR nodejs10-devel-10.24.1-150000.1.44.1 is installed OR nodejs10-docs-10.24.1-150000.1.44.1 is installed OR npm10-10.24.1-150000.1.44.1 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND telepathy-idle-0.2.0-1 is installed Definition Synopsis SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed AND Package Information libsnmp30-5.7.3-8.24 is installed OR net-snmp-5.7.3-8.24 is installed OR net-snmp-devel-5.7.3-8.24 is installed OR perl-SNMP-5.7.3-8.24 is installed OR snmp-mibs-5.7.3-8.24 is installed Definition Synopsis SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed AND Package Information libsnmp30-5.7.3-8 is installed OR net-snmp-5.7.3-8 is installed OR net-snmp-devel-5.7.3-8 is installed OR perl-SNMP-5.7.3-8 is installed OR snmp-mibs-5.7.3-8 is installed Definition Synopsis SUSE Linux Enterprise Module for Desktop Applications 15 is installed AND Package Information gdm-3.26.2.1-13.9 is installed OR gdm-devel-3.26.2.1-13.9 is installed OR gdm-lang-3.26.2.1-13.9 is installed OR gdmflexiserver-3.26.2.1-13.9 is installed OR libgdm1-3.26.2.1-13.9 is installed OR typelib-1_0-Gdm-1_0-3.26.2.1-13.9 is installed Definition Synopsis SUSE Linux Enterprise Module for Server Applications 15 is installed AND Package Information libmysqld-devel-10.2.15-1 is installed OR libmysqld19-10.2.15-1 is installed OR mariadb-10.2.15-1 is installed OR mariadb-client-10.2.15-1 is installed OR mariadb-errormessages-10.2.15-1 is installed OR mariadb-tools-10.2.15-1 is installed
BACK