Vulnerability CVE-2021-22884 - CERT Civis.Net

Vulnerability Name:

CVE-2021-22884 (CCN-197191)

Assigned:

2021-02-18

Published:

2021-02-18

Updated:

2022-04-06

Summary:

Node.js before 10.24.0, 12.21.0, 14.16.0, and 15.10.0 is vulnerable to DNS rebinding attacks as the whitelist includes â€œlocalhost6â€. When â€œlocalhost6â€ is not present in /etc/hosts, it is just an ordinary domain that is resolved via DNS, i.e., over network. If the attacker controls the victim's DNS server or can spoof its responses, the DNS rebinding protection can be bypassed by using the â€œlocalhost6â€ domain. As long as the attacker uses the â€œlocalhost6â€ domain, they can still apply the attack described in CVE-2018-7160.

CVSS v3 Severity:

7.5 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H)
6.5 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): High Privileges Required (PR): None User Interaction (UI): Required
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

6.5 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H)
5.7 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): High Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): Low Availibility (A): High

7.5 High (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H)
6.5 Medium (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): High Privileges Required (PR): None User Interaction (UI): Required
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

CVSS v2 Severity:

5.1 Medium (CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): High Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

6.1 Medium (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:P/A:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): High Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Partial Availibility (A): Complete

Vulnerability Type:

CWE-Other
CWE-20

Vulnerability Consequences:

Denial of Service

References:

Source: MITRE
Type: CNA
CVE-2021-22884

Source: CONFIRM
Type: Patch, Third Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf

Source: XF
Type: UNKNOWN
nodejs-cve202122884-dos(197191)

Source: MISC
Type: Exploit, Issue Tracking, Third Party Advisory
https://hackerone.com/reports/1069487

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2021-a760169c3c

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2021-f6bd75e9d4

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2021-6aaba80ba2

Source: CCN
Type: Node.js Blog, 2021-02-23
February 2021 Security Releases

Source: MISC
Type: Patch, Release Notes, Vendor Advisory
https://nodejs.org/en/blog/vulnerability/february-2021-security-releases/

Source: MISC
Type: Patch, Release Notes, Vendor Advisory
https://nodejs.org/en/blog/vulnerability/march-2018-security-releases/#node-js-inspector-dns-rebinding-vulnerability-cve-2018-7160

Source: CONFIRM
Type: Third Party Advisory
https://security.netapp.com/advisory/ntap-20210416-0001/

Source: CONFIRM
Type: Third Party Advisory
https://security.netapp.com/advisory/ntap-20210723-0001/

Source: CCN
Type: IBM Security Bulletin 6428997 (SDK for Node.js for Bluemix)
Multiple vulnerabilities affect IBM SDK for Node.js in IBM Cloud

Source: CCN
Type: IBM Security Bulletin 6436083 (Business Automation Workflow)
Multiple vulnerabilities in node.js may affect configuration editor used in IBM Business Automation Workflow and IBM Business Process Manager (BPM) - CVE-2020-1971, CVE-2020-8265, CVE-2020-8287

Source: CCN
Type: IBM Security Bulletin 6437245 (InfoSphere Information Server)
Multiple vulnerabilities in Node.js affect IBM InfoSphere Information Server

Source: CCN
Type: IBM Security Bulletin 6438719 (Cloud Transformation Advisor)
IBM Cloud Transformation Advisor is affected by multiple Node.js vulnerabilities

Source: CCN
Type: IBM Security Bulletin 6448842 (App Connect Enterprise Certified Container)
IBM App Connect Enterprise Certified Container may be vulnerable to multiple denial of service through the Node.js runtime

Source: CCN
Type: IBM Security Bulletin 6450779 (Watson Discovery)
IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Node.js

Source: CCN
Type: IBM Security Bulletin 6453063 (Cloud Automation Manager)
A security vulnerability in Node.js affects IBM Cloud Automation Manager

Source: CCN
Type: IBM Security Bulletin 6453079 (Cloud Pak for Multicloud Management)
A security vulnerability in Node.js affects IBM Cloud Pak for Multicloud Management Managed Service

Source: CCN
Type: IBM Security Bulletin 6453115 (Cloud Pak for Security)
Cloud Pak for Security contains security vulnerabilities

Source: CCN
Type: IBM Security Bulletin 6454803 (Spectrum Control)
Vulnerabilities in XStream, Java, OpenSSL, WebSphere Application Server Liberty and Node.js affect IBM Spectrum Control

Source: CCN
Type: IBM Security Bulletin 6463275 (Event Streams)
IBM Event Streams is potentially affected by multiple node vulnerabilities

Source: CCN
Type: IBM Security Bulletin 6463977 (Integration Bus)
IBM Integration Bus & IBM App Connect Enterprise V11 are affected by vulnerabilities in Node.js (CVE-2021-22884, CVE-2021-22883)

Source: CCN
Type: IBM Security Bulletin 6466599 (Spectrum Protect Plus)
Vulnerabilities in MongoDB, Node.js, Docker, and XStream affect IBM Spectrum Protect Plus

Source: CCN
Type: IBM Security Bulletin 6473525 (API Connect)
IBM API Connect is impacted by vulnerabilities in node.js and OpenSSL (CVE-2021-23840, CVE-2021-22884, CVE-2021-22883)

Source: CCN
Type: IBM Security Bulletin 6476624 (WA for ICP)
Potential vulnerability with Node.js

Source: CCN
Type: IBM Security Bulletin 6486343 (Cloud Private)
IBM Cloud Private is vulnerable to OpenSSL and Node.js vulnerabilities (CVE-2021-23840, CVE-2021-22884, CVE-2021-22883)

Source: CCN
Type: IBM Security Bulletin 6510192 (API Connect)
IBM API Connect is impacted by a vulnerabilities in Node.js (CVE-2021-22884, CVE-2021-22883)

Source: CCN
Type: IBM Security Bulletin 6570957 (Cognos Analytics)
IBM Cognos Analytics has addressed multiple vulnerabilities

Source: CCN
Type: IBM Security Bulletin 6591203 (Netcool Agile Service Manager)
Multiple Vulnerabilities in Node.js affects IBM Netcool Agile Service Manager

Source: N/A
Type: Patch, Third Party Advisory
N/A

Source: MISC
Type: Patch, Third Party Advisory
https://www.oracle.com/security-alerts/cpuApr2021.html

Source: CCN
Type: Oracle CPUJul2021
Oracle Critical Patch Update Advisory - July 2021

Source: CCN
Type: Oracle CPUOct2021
Oracle Critical Patch Update Advisory - October 2021

Source: MISC
Type: Patch, Third Party Advisory
https://www.oracle.com/security-alerts/cpuoct2021.html

Vulnerable Configuration:

Configuration 1:

cpe:/a:nodejs:node.js:*:*:*:*:lts:*:*:* (Version >= 10.0.0 and < 10.24.0)

OR cpe:/a:nodejs:node.js:*:*:*:*:lts:*:*:* (Version >= 12.0.0 and < 12.21.0)

OR cpe:/a:nodejs:node.js:*:*:*:*:lts:*:*:* (Version >= 14.0.0 and < 14.16.0)

OR cpe:/a:nodejs:node.js:*:*:*:*:-:*:*:* (Version >= 15.0.0 and < 15.10.0)

Configuration 2:

cpe:/o:fedoraproject:fedora:32:*:*:*:*:*:*:*

OR cpe:/o:fedoraproject:fedora:33:*:*:*:*:*:*:*

OR cpe:/o:fedoraproject:fedora:34:*:*:*:*:*:*:*

Configuration 3:

cpe:/a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*

OR cpe:/a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*

OR cpe:/a:netapp:e-series_performance_analyzer:-:*:*:*:*:*:*:*

OR cpe:/a:netapp:oncommand_insight:-:*:*:*:*:*:*:*

OR cpe:/a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*

OR cpe:/a:netapp:snapcenter:-:*:*:*:*:*:*:*

Configuration 4:

cpe:/a:oracle:graalvm:19.3.5:*:*:*:enterprise:*:*:*

OR cpe:/a:oracle:graalvm:20.3.1.2:*:*:*:enterprise:*:*:*

OR cpe:/a:oracle:graalvm:21.0.0.2:*:*:*:enterprise:*:*:*

OR cpe:/a:oracle:jd_edwards_enterpriseone_tools:*:*:*:*:*:*:*:* (Version < 9.2.6.0)

OR cpe:/a:oracle:mysql_cluster:*:*:*:*:*:*:*:* (Version <= 8.0.25)

OR cpe:/a:oracle:nosql_database:*:*:*:*:*:*:*:* (Version < 20.3)

OR cpe:/a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*

OR cpe:/a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:*

Configuration 5:

cpe:/a:siemens:sinec_infrastructure_network_services:*:*:*:*:*:*:*:* (Version < 1.0.1.1)

Configuration RedHat 1:

cpe:/a:redhat:enterprise_linux:8:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/a:redhat:enterprise_linux:8::appstream:*:*:*:*:*

Configuration CCN 1:

cpe:/a:nodejs:node.js:10:*:*:*:*:*:*:*

OR cpe:/a:nodejs:node.js:12:*:*:*:*:*:*:*

OR cpe:/a:nodejs:node.js:14.0:*:*:*:*:*:*:*

AND

cpe:/a:ibm:business_process_manager:8.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:api_connect:5.0.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:business_process_manager:8.6:*:*:*:*:*:*:*

OR cpe:/a:ibm:infosphere_information_server:11.7:*:*:*:*:*:*:*

OR cpe:/a:ibm:spectrum_protect_plus:10.1.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:integration_bus:10.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:app_connect:11.0.0.0:*:*:*:enterprise:*:*:*

OR cpe:/a:ibm:spectrum_control:5.3.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:spectrum_control:5.3.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:spectrum_control:5.3.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:spectrum_control:5.3.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:event_streams:2019.2.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:watson_discovery:2.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:api_connect:2018.4.1.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_private:3.2.1:cd:*:*:*:*:*:*

OR cpe:/a:ibm:event_streams:2019.4.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:business_automation_workflow:18.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:business_automation_workflow:19.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:business_automation_workflow:20.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:event_streams:2019.4.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:event_streams:10.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_private:3.2.2:cd:*:*:*:*:*:*

OR cpe:/a:ibm:spectrum_control:5.3.4:*:standard:*:*:*:*:*

OR cpe:/a:ibm:spectrum_control:5.3.5:*:standard:*:*:*:*:*

OR cpe:/a:ibm:spectrum_control:5.3.6:*:*:*:*:*:*:*

OR cpe:/a:ibm:spectrum_control:5.3.7:*:*:*:*:*:*:*

OR cpe:/a:ibm:event_streams:2019.4.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:event_streams:10.1.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_pak_for_security:1.4.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:api_connect:10.0.1.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:spectrum_control:5.4.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_pak_for_security:1.6.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_pak_for_security:1.5.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_pak_for_security:1.5.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_transformation_advisor:2.4.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:watson_discovery:2.2.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:api_connect:2018.4.1.15:*:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_pak_for_security:1.6.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:event_streams:10.2.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:spectrum_protect_plus:10.1.8:*:*:*:*:*:*:*

OR cpe:/a:ibm:api_connect:5.0.8.11:*:*:*:*:*:*:*

OR cpe:/a:ibm:cognos_analytics:11.2.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:cognos_analytics:11.1.7:-:*:*:*:*:*:*

OR cpe:/a:ibm:cognos_analytics:11.2.1:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:8180	P	Security update for terraform-provider-aws (Important)	2023-06-21
oval:org.opensuse.security:def:8178	P	Security update for terraform-provider-helm (Important) (in QA)	2023-06-20
oval:org.opensuse.security:def:8179	P	Security update for terraform-provider-null (Important) (in QA)	2023-06-20
oval:org.opensuse.security:def:8177	P	Security update for terraform-provider-aws (Important) (in QA)	2023-06-20
oval:org.opensuse.security:def:8160	P	Security update for python-Flask (Important)	2023-05-22
oval:org.opensuse.security:def:641	P	Security update for nodejs12 (Moderate) (in QA)	2022-09-30
oval:org.opensuse.security:def:642	P	Security update for nodejs10 (Moderate) (in QA)	2022-09-30
oval:org.opensuse.security:def:93316	P	(Important)	2022-07-13
oval:org.opensuse.security:def:99206	P	(Critical)	2022-02-08
oval:org.opensuse.security:def:93163	P	(Moderate)	2022-02-04
oval:org.opensuse.security:def:113037	P	nodejs14-14.17.5-1.2 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:99710	P	(Moderate)	2021-12-28
oval:org.opensuse.security:def:100019	P	(Important)	2021-11-22
oval:org.opensuse.security:def:93111	P	(Moderate)	2021-11-09
oval:org.opensuse.security:def:106478	P	nodejs14-14.17.5-1.2 on GA media (Moderate)	2021-10-01
oval:org.opensuse.security:def:93264	P	(Important)	2021-09-03
oval:org.opensuse.security:def:99403	P	(Important)	2021-08-14
oval:org.opensuse.security:def:2327	P	nodejs12-12.21.0-4.13.2 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:101418	P	nodejs14-14.16.0-5.9.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:2328	P	nodejs14-14.16.0-5.9.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:63416	P	nodejs12-12.21.0-4.13.2 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:63417	P	nodejs14-14.16.0-5.9.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:101417	P	nodejs12-12.21.0-4.13.2 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:98925	P	Security update for nodejs8 (Important)	2021-08-05
oval:org.opensuse.security:def:9009	P	Security update for nodejs8 (Important)	2021-08-05
oval:org.opensuse.security:def:91975	P	Security update for nodejs8 (Important)	2021-08-05
oval:org.opensuse.security:def:99312	P	Security update for nodejs8 (Important)	2021-08-05
oval:org.opensuse.security:def:9562	P	Security update for nodejs8 (Important)	2021-08-05
oval:org.opensuse.security:def:92362	P	Security update for nodejs8 (Important)	2021-08-05
oval:org.opensuse.security:def:69512	P	Security update for nodejs8 (Important)	2021-08-05
oval:org.opensuse.security:def:10126	P	Security update for nodejs8 (Important)	2021-08-05
oval:org.opensuse.security:def:92760	P	Security update for nodejs8 (Important)	2021-08-05
oval:org.opensuse.security:def:102815	P	Security update for nodejs8 (Important)	2021-08-05
oval:org.opensuse.security:def:69901	P	Security update for nodejs8 (Important)	2021-08-05
oval:org.opensuse.security:def:8814	P	Security update for nodejs8 (Important)	2021-08-05
oval:org.opensuse.security:def:70452	P	Security update for nodejs8 (Important)	2021-08-05
oval:org.opensuse.security:def:99120	P	Security update for nodejs8 (Important)	2021-08-05
oval:org.opensuse.security:def:96125	P	Security update for nodejs8 (Important)	2021-08-05
oval:org.opensuse.security:def:9372	P	Security update for nodejs8 (Important)	2021-08-05
oval:org.opensuse.security:def:92170	P	Security update for nodejs8 (Important)	2021-08-05
oval:org.opensuse.security:def:99511	P	Security update for nodejs8 (Important)	2021-08-05
oval:org.opensuse.security:def:109481	P	Security update for nodejs8 (Important)	2021-08-05
oval:org.opensuse.security:def:9761	P	Security update for nodejs8 (Important)	2021-08-05
oval:org.opensuse.security:def:92561	P	Security update for nodejs8 (Important)	2021-08-05
oval:org.opensuse.security:def:69702	P	Security update for nodejs8 (Important)	2021-08-05
oval:org.opensuse.security:def:69249	P	Security update for nodejs8 (Important)	2021-08-05
oval:org.opensuse.security:def:10312	P	Security update for nodejs8 (Important)	2021-08-05
oval:org.opensuse.security:def:92958	P	Security update for nodejs8 (Important)	2021-08-05
oval:org.opensuse.security:def:118577	P	Security update for nodejs8 (Important)	2021-08-05
oval:org.opensuse.security:def:8628	P	Security update for nodejs8 (Important)	2021-08-05
oval:org.opensuse.security:def:70266	P	Security update for nodejs8 (Important)	2021-08-05
oval:com.redhat.rhsa:def:20210744	P	RHSA-2021:0744: nodejs:14 security and bug fix update (Important)	2021-03-08
oval:org.opensuse.security:def:111254	P	Security update for nodejs8 (Moderate)	2021-03-06
oval:com.redhat.rhsa:def:20210734	P	RHSA-2021:0734: nodejs:12 security update (Important)	2021-03-04
oval:com.redhat.rhsa:def:20210735	P	RHSA-2021:0735: nodejs:10 security update (Important)	2021-03-04
oval:org.opensuse.security:def:111245	P	Security update for nodejs10 (Important)	2021-03-03
oval:org.opensuse.security:def:69269	P	Security update for nodejs8 (Moderate)	2021-03-02
oval:org.opensuse.security:def:49463	P	Security update for nodejs10 (Important)	2021-03-02
oval:org.opensuse.security:def:118597	P	Security update for nodejs8 (Moderate)	2021-03-02
oval:org.opensuse.security:def:9852	P	Security update for nodejs10 (Important)	2021-03-02
oval:org.opensuse.security:def:92652	P	Security update for nodejs10 (Important)	2021-03-02
oval:org.opensuse.security:def:100113	P	Security update for nodejs10 (Important)	2021-03-02
oval:org.opensuse.security:def:69793	P	Security update for nodejs10 (Important)	2021-03-02
oval:org.opensuse.security:def:10403	P	Security update for nodejs10 (Important)	2021-03-02
oval:org.opensuse.security:def:93010	P	Security update for nodejs10 (Important)	2021-03-02
oval:org.opensuse.security:def:102834	P	Security update for nodejs10 (Important)	2021-03-02
oval:org.opensuse.security:def:8709	P	Security update for nodejs10 (Important)	2021-03-02
oval:org.opensuse.security:def:70352	P	Security update for nodejs10 (Important)	2021-03-02
oval:org.opensuse.security:def:99011	P	Security update for nodejs10 (Important)	2021-03-02
oval:org.opensuse.security:def:9095	P	Security update for nodejs10 (Important)	2021-03-02
oval:org.opensuse.security:def:92061	P	Security update for nodejs10 (Important)	2021-03-02
oval:org.opensuse.security:def:96144	P	Security update for nodejs10 (Important)	2021-03-02
oval:org.opensuse.security:def:97254	P	Security update for nodejs10 (Important)	2021-03-02
oval:org.opensuse.security:def:9653	P	Security update for nodejs10 (Important)	2021-03-02
oval:org.opensuse.security:def:92453	P	Security update for nodejs10 (Important)	2021-03-02
oval:org.opensuse.security:def:102835	P	Security update for nodejs8 (Moderate)	2021-03-02
oval:org.opensuse.security:def:99801	P	Security update for nodejs10 (Important)	2021-03-02
oval:org.opensuse.security:def:69598	P	Security update for nodejs10 (Important)	2021-03-02
oval:org.opensuse.security:def:109500	P	Security update for nodejs10 (Important)	2021-03-02
oval:org.opensuse.security:def:10212	P	Security update for nodejs10 (Important)	2021-03-02
oval:org.opensuse.security:def:92851	P	Security update for nodejs10 (Important)	2021-03-02
oval:org.opensuse.security:def:69992	P	Security update for nodejs10 (Important)	2021-03-02
oval:org.opensuse.security:def:20992	P	Security update for nodejs10 (Important)	2021-03-02
oval:org.opensuse.security:def:69268	P	Security update for nodejs10 (Important)	2021-03-02
oval:org.opensuse.security:def:96145	P	Security update for nodejs8 (Moderate)	2021-03-02
oval:org.opensuse.security:def:118596	P	Security update for nodejs10 (Important)	2021-03-02
oval:org.opensuse.security:def:97259	P	Security update for nodejs8 (Moderate)	2021-03-02
oval:org.opensuse.security:def:8900	P	Security update for nodejs10 (Important)	2021-03-02
oval:org.opensuse.security:def:70543	P	Security update for nodejs10 (Important)	2021-03-02
oval:org.opensuse.security:def:109501	P	Security update for nodejs8 (Moderate)	2021-03-02
oval:org.opensuse.security:def:9458	P	Security update for nodejs10 (Important)	2021-03-02
oval:org.opensuse.security:def:92256	P	Security update for nodejs10 (Important)	2021-03-02
oval:org.opensuse.security:def:99602	P	Security update for nodejs10 (Important)	2021-03-02
oval:org.opensuse.security:def:111240	P	Security update for nodejs14 (Important)	2021-02-27
oval:org.opensuse.security:def:111241	P	Security update for nodejs12 (Important)	2021-02-27
oval:org.opensuse.security:def:109498	P	Security update for nodejs14 (Important)	2021-02-26
oval:org.opensuse.security:def:20990	P	Security update for nodejs12 (Important)	2021-02-26
oval:org.opensuse.security:def:69266	P	Security update for nodejs14 (Important)	2021-02-26
oval:org.opensuse.security:def:96143	P	Security update for nodejs12 (Important)	2021-02-26
oval:org.opensuse.security:def:118594	P	Security update for nodejs14 (Important)	2021-02-26
oval:org.opensuse.security:def:97246	P	Security update for nodejs12 (Important)	2021-02-26
oval:org.opensuse.security:def:109499	P	Security update for nodejs12 (Important)	2021-02-26
oval:org.opensuse.security:def:20991	P	Security update for nodejs14 (Important)	2021-02-26
oval:org.opensuse.security:def:69267	P	Security update for nodejs12 (Important)	2021-02-26
oval:org.opensuse.security:def:49461	P	Security update for nodejs12 (Important)	2021-02-26
oval:org.opensuse.security:def:118595	P	Security update for nodejs12 (Important)	2021-02-26
oval:org.opensuse.security:def:102832	P	Security update for nodejs14 (Important)	2021-02-26
oval:org.opensuse.security:def:49462	P	Security update for nodejs14 (Important)	2021-02-26
oval:org.opensuse.security:def:96142	P	Security update for nodejs14 (Important)	2021-02-26
oval:org.opensuse.security:def:97245	P	Security update for nodejs14 (Important)	2021-02-26
oval:org.opensuse.security:def:102833	P	Security update for nodejs12 (Important)	2021-02-26