Debian Bug report logs -
#962145
nodejs: CVE-2020-11080 CVE-2020-8172 CVE-2020-8174 (June 2020 security release)
Package:
src:nodejs;
Maintainer for src:nodejs is Debian Javascript Maintainers <pkg-javascript-devel@alioth-listsdebiannet>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Wed, 3 Jun 2020 1 ...
Two vulnerabilities were discovered in Nodejs, which could result in
denial of service and potentially the execution of arbitrary code
For the stable distribution (buster), these problems have been fixed in
version 10210~dfsg-1~deb10u1
We recommend that you upgrade your nodejs packages
For the detailed security status of nodejs please refer t ...
In nghttp2 before version 1410, the overly large HTTP/2 SETTINGS frame payload causes denial of service The proof of concept attack involves a malicious client constructing a SETTINGS frame with a length of 14,400 bytes (2400 individual settings entries) over and over again The attack causes the CPU to spike at 100% nghttp2 v1410 fixes this ...
In nghttp2 before version 1410, the overly large HTTP/2 SETTINGS frame payload causes denial of service The proof of concept attack involves a malicious client constructing a SETTINGS frame with a length of 14,400 bytes (2400 individual settings entries) over and over again The attack causes the CPU to spike at 100% nghttp2 v1410 fixes this ...
Synopsis
Important: httpd24-nghttp2 security update
Type/Severity
Security Advisory: Important
Topic
An update for httpd24-nghttp2 is now available for Red Hat Software CollectionsRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System ...
Synopsis
Important: Red Hat OpenShift Service Mesh 112 servicemesh-proxy security update
Type/Severity
Security Advisory: Important
Topic
An update for servicemesh-proxy is now available for OpenShift Service Mesh 11Red Hat Product Security has rated this update as having a security impact of Important ...
Synopsis
Important: nghttp2 security update
Type/Severity
Security Advisory: Important
Topic
An update for nghttp2 is now available for Red Hat Enterprise Linux 80 Update Services for SAP SolutionsRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerabili ...
Synopsis
Important: nghttp2 security update
Type/Severity
Security Advisory: Important
Topic
An update for nghttp2 is now available for Red Hat Enterprise Linux 81 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring ...
Synopsis
Important: Red Hat OpenShift Service Mesh 10 servicemesh-proxy security update
Type/Severity
Security Advisory: Important
Topic
An update for servicemesh-proxy is now available for OpenShift Service Mesh 10Red Hat Product Security has rated this update as having a security impact of Important A ...
Synopsis
Important: nghttp2 security update
Type/Severity
Security Advisory: Important
Topic
An update for nghttp2 is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base score, ...
Synopsis
Important: nodejs:10 security update
Type/Severity
Security Advisory: Important
Topic
An update for the nodejs:10 module is now available for Red Hat Enterprise Linux 81 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulner ...
Synopsis
Moderate: OpenShift Container Platform 458 security update
Type/Severity
Security Advisory: Moderate
Topic
An update for cluster-network-operator-container, cluster-version-operator-container, elasticsearch-operator-container, logging-kibana6-container, and ose-cluster-svcat-controller-manager-op ...
Synopsis
Important: Red Hat JBoss Core Services Apache HTTP Server 2437 SP3 security update
Type/Severity
Security Advisory: Important
Topic
Red Hat JBoss Core Services Pack Apache Server 2437 Service Pack 3 zip release for RHEL 6, RHEL 7 and Microsoft Windows is availableRed Hat Product Security has r ...
Synopsis
Important: Red Hat JBoss Core Services Apache HTTP Server 2437 SP3 security update
Type/Severity
Security Advisory: Important
Topic
Updated packages that provide Red Hat JBoss Core Services Pack Apache Server 2437 and fix several bugs, and add various enhancements are now available for Red Hat ...
Synopsis
Important: nodejs:10 security update
Type/Severity
Security Advisory: Important
Topic
An update for the nodejs:10 module is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CV ...
Synopsis
Important: nodejs:12 security update
Type/Severity
Security Advisory: Important
Topic
An update for the nodejs:12 module is now available for Red Hat Enterprise Linux 81 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulner ...
Synopsis
Moderate: Red Hat Quay v331 security update
Type/Severity
Security Advisory: Moderate
Topic
An update is now available for Red Hat Quay 33Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base score, which gives a ...
Synopsis
Important: nodejs:12 security update
Type/Severity
Security Advisory: Important
Topic
An update for the nodejs:12 module is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CV ...
Synopsis
Important: rh-nodejs12-nodejs security update
Type/Severity
Security Advisory: Important
Topic
An update for rh-nodejs12-nodejs is now available for Red Hat Software CollectionsRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring S ...
Synopsis
Moderate: Red Hat OpenShift Service Mesh 3scale-istio-adapter-rhel8-container security update
Type/Severity
Security Advisory: Moderate
Topic
An update for 3scale-istio-adapter-rhel8-container is now available for OpenShift Service MeshRed Hat Product Security has rated this update as having a sec ...
Synopsis
Important: Container-native Virtualization security, bug fix, and enhancement update
Type/Severity
Security Advisory: Important
Topic
Red Hat OpenShift Virtualization release 240 is now available with updates to packages and images that fix several bugs and add enhancementsRed Hat Product Securi ...
Synopsis
Important: nodejs:10 security update
Type/Severity
Security Advisory: Important
Topic
An update for the nodejs:10 module is now available for Red Hat Enterprise Linux 80 Update Services for SAP SolutionsRed Hat Product Security has rated this update as having a security impact of Important A Com ...
Synopsis
Important: rh-nodejs10-nodejs security update
Type/Severity
Security Advisory: Important
Topic
An update for rh-nodejs10-nodejs is now available for Red Hat Software CollectionsRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring S ...