Debian Bug report logs -
#1031418
node-undici: CVE-2023-23936 CVE-2023-24807
Package:
src:node-undici;
Maintainer for src:node-undici is Debian Javascript Maintainers <pkg-javascript-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Thu, 16 Feb 2023 21:45:02 UTC
Severity: imp ...
Synopsis
Moderate: nodejs and nodejs-nodemon security, bug fix, and enhancement update
Type/Severity
Security Advisory: Moderate
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for nodejs and nodejs-nodemon is now available for Red Hat Enterprise Linux 9 ...
Synopsis
Moderate: nodejs:18 security, bug fix, and enhancement update
Type/Severity
Security Advisory: Moderate
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for the nodejs:18 module is now available for Red Hat Enterprise Linux 8Red Hat Product Secu ...
Synopsis
Important: nodejs security, bug fix, and enhancement update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for nodejs is now available for Red Hat Enterprise Linux 90 Extended Update SupportRed Hat P ...
Synopsis
Moderate: nodejs:16 security, bug fix, and enhancement update
Type/Severity
Security Advisory: Moderate
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for the nodejs:16 module is now available for Red Hat Enterprise Linux 8Red Hat Product Secu ...
DescriptionThe MITRE CVE dictionary describes this issue as: Undici is an HTTP/11 client for Nodejs Starting with version 200 and prior to version 5191, the undici library does not protect `host` HTTP header from CRLF injection vulnerabilities This issue is patched in Undici v5191 As a workaround, sanitize the `headershost` string befor ...
Hitachi Ops Center Analyzer contains the following vulnerabilities:
CVE-2022-43548, CVE-2023-23918, CVE-2023-23919, CVE-2023-23920, CVE-2023-23936, CVE-2023-24807, CVE-2023-30581, CVE-2023-30585, CVE-2023-30588, CVE-2023-30589, CVE-2023-30590
Affected products and versions are listed below Please upgrade your version to the appropriate versio ...