Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2018-12116 (GCVE-0-2018-12116)
Vulnerability from cvelistv5 – Published: 2018-11-28 17:00 – Updated: 2024-08-05 08:24
VLAI?
EPSS
Summary
Node.js: All versions prior to Node.js 6.15.0 and 8.14.0: HTTP request splitting: If Node.js can be convinced to use unsanitized user-provided Unicode data for the `path` option of an HTTP request, then data can be provided which will trigger a second, unexpected, and user-defined HTTP request to made to the same server.
Severity ?
No CVSS data available.
CWE
- CWE-115 - Misinterpretation of Input
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://nodejs.org/en/blog/vulnerability/november… | x_refsource_CONFIRM |
| https://access.redhat.com/errata/RHSA-2019:1821 | vendor-advisoryx_refsource_REDHAT |
| https://security.gentoo.org/glsa/202003-48 | vendor-advisoryx_refsource_GENTOO |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| The Node.js Project | Node.js |
Affected:
All versions prior to Node.js 6.15.0 and 8.14.0
|
Date Public ?
2018-11-28 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T08:24:03.673Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/"
},
{
"name": "RHSA-2019:1821",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1821"
},
{
"name": "GLSA-202003-48",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202003-48"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Node.js",
"vendor": "The Node.js Project",
"versions": [
{
"status": "affected",
"version": "All versions prior to Node.js 6.15.0 and 8.14.0"
}
]
}
],
"datePublic": "2018-11-28T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Node.js: All versions prior to Node.js 6.15.0 and 8.14.0: HTTP request splitting: If Node.js can be convinced to use unsanitized user-provided Unicode data for the `path` option of an HTTP request, then data can be provided which will trigger a second, unexpected, and user-defined HTTP request to made to the same server."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-115",
"description": "CWE-115: Misinterpretation of Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-20T20:06:04.000Z",
"orgId": "386269d4-a6c6-4eaa-bf8e-bc0b0d010558",
"shortName": "nodejs"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/"
},
{
"name": "RHSA-2019:1821",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1821"
},
{
"name": "GLSA-202003-48",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202003-48"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve-request@iojs.org",
"ID": "CVE-2018-12116",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Node.js",
"version": {
"version_data": [
{
"version_value": "All versions prior to Node.js 6.15.0 and 8.14.0"
}
]
}
}
]
},
"vendor_name": "The Node.js Project"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Node.js: All versions prior to Node.js 6.15.0 and 8.14.0: HTTP request splitting: If Node.js can be convinced to use unsanitized user-provided Unicode data for the `path` option of an HTTP request, then data can be provided which will trigger a second, unexpected, and user-defined HTTP request to made to the same server."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-115: Misinterpretation of Input"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/",
"refsource": "CONFIRM",
"url": "https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/"
},
{
"name": "RHSA-2019:1821",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:1821"
},
{
"name": "GLSA-202003-48",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202003-48"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "386269d4-a6c6-4eaa-bf8e-bc0b0d010558",
"assignerShortName": "nodejs",
"cveId": "CVE-2018-12116",
"datePublished": "2018-11-28T17:00:00.000Z",
"dateReserved": "2018-06-11T00:00:00.000Z",
"dateUpdated": "2024-08-05T08:24:03.673Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2018-12116",
"date": "2026-05-24",
"epss": "0.00531",
"percentile": "0.67471"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*\", \"versionStartIncluding\": \"6.0.0\", \"versionEndIncluding\": \"6.8.1\", \"matchCriteriaId\": \"D107EC29-67E7-40C3-8E5A-324C9105C5E4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*\", \"versionStartIncluding\": \"6.9.0\", \"versionEndExcluding\": \"6.15.0\", \"matchCriteriaId\": \"2DEF4845-F577-4B12-AA48-39F0830B128E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*\", \"versionStartIncluding\": \"8.0.0\", \"versionEndIncluding\": \"8.8.1\", \"matchCriteriaId\": \"74FB695D-2C76-47AB-988E-5629D2E695E5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*\", \"versionStartIncluding\": \"8.9.0\", \"versionEndExcluding\": \"8.14.0\", \"matchCriteriaId\": \"7E79DFA7-55F8-453A-83E9-1C790902FCB8\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:suse:suse_enterprise_storage:4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"30A38AC5-A8B9-4244-8093-40C77ADFF5F2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:suse:suse_linux_enterprise_server:12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9C649194-B8C2-49F7-A819-C635EE584ABF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:suse:suse_linux_enterprise_server:15:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AF73A3D9-6566-4CBF-AA5F-5A4B99719A1D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:suse:suse_openstack_cloud:7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F4B73BE9-4340-4A6B-89FE-A40FC4A10187\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:suse:suse_openstack_cloud:8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C9C659D0-D6DB-4313-9208-C0C49FECD290\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"Node.js: All versions prior to Node.js 6.15.0 and 8.14.0: HTTP request splitting: If Node.js can be convinced to use unsanitized user-provided Unicode data for the `path` option of an HTTP request, then data can be provided which will trigger a second, unexpected, and user-defined HTTP request to made to the same server.\"}, {\"lang\": \"es\", \"value\": \"Node.js: Todas las versiones anteriores a la 6.15.0 y 8.14.0: separaci\\u00f3n de petici\\u00f3n HTTP. Si se puede convencer a Node.js para que emplee datos Unicode no saneados proporcionados por el usuario para la opci\\u00f3n \\\"path\\\" de una petici\\u00f3n HTTP, los datos pueden proporcionarse para desencadenar una segunda petici\\u00f3n HTTP no esperada y definida por el usuario para el mismo servidor.\"}]",
"id": "CVE-2018-12116",
"lastModified": "2024-11-21T03:44:37.917",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:P/A:N\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2018-11-28T17:29:00.230",
"references": "[{\"url\": \"https://access.redhat.com/errata/RHSA-2019:1821\", \"source\": \"cve-request@iojs.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/\", \"source\": \"cve-request@iojs.org\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://security.gentoo.org/glsa/202003-48\", \"source\": \"cve-request@iojs.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:1821\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://security.gentoo.org/glsa/202003-48\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}]",
"sourceIdentifier": "cve-request@iojs.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"cve-request@iojs.org\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-115\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-Other\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2018-12116\",\"sourceIdentifier\":\"cve-request@iojs.org\",\"published\":\"2018-11-28T17:29:00.230\",\"lastModified\":\"2024-11-21T03:44:37.917\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Node.js: All versions prior to Node.js 6.15.0 and 8.14.0: HTTP request splitting: If Node.js can be convinced to use unsanitized user-provided Unicode data for the `path` option of an HTTP request, then data can be provided which will trigger a second, unexpected, and user-defined HTTP request to made to the same server.\"},{\"lang\":\"es\",\"value\":\"Node.js: Todas las versiones anteriores a la 6.15.0 y 8.14.0: separaci\u00f3n de petici\u00f3n HTTP. Si se puede convencer a Node.js para que emplee datos Unicode no saneados proporcionados por el usuario para la opci\u00f3n \\\"path\\\" de una petici\u00f3n HTTP, los datos pueden proporcionarse para desencadenar una segunda petici\u00f3n HTTP no esperada y definida por el usuario para el mismo servidor.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:P/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"cve-request@iojs.org\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-115\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*\",\"versionStartIncluding\":\"6.0.0\",\"versionEndIncluding\":\"6.8.1\",\"matchCriteriaId\":\"D107EC29-67E7-40C3-8E5A-324C9105C5E4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*\",\"versionStartIncluding\":\"6.9.0\",\"versionEndExcluding\":\"6.15.0\",\"matchCriteriaId\":\"2DEF4845-F577-4B12-AA48-39F0830B128E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*\",\"versionStartIncluding\":\"8.0.0\",\"versionEndIncluding\":\"8.8.1\",\"matchCriteriaId\":\"74FB695D-2C76-47AB-988E-5629D2E695E5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*\",\"versionStartIncluding\":\"8.9.0\",\"versionEndExcluding\":\"8.14.0\",\"matchCriteriaId\":\"7E79DFA7-55F8-453A-83E9-1C790902FCB8\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:suse:suse_enterprise_storage:4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"30A38AC5-A8B9-4244-8093-40C77ADFF5F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:suse_linux_enterprise_server:12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9C649194-B8C2-49F7-A819-C635EE584ABF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:suse_linux_enterprise_server:15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF73A3D9-6566-4CBF-AA5F-5A4B99719A1D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:suse_openstack_cloud:7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4B73BE9-4340-4A6B-89FE-A40FC4A10187\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:suse_openstack_cloud:8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C9C659D0-D6DB-4313-9208-C0C49FECD290\"}]}]}],\"references\":[{\"url\":\"https://access.redhat.com/errata/RHSA-2019:1821\",\"source\":\"cve-request@iojs.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/\",\"source\":\"cve-request@iojs.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202003-48\",\"source\":\"cve-request@iojs.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:1821\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202003-48\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
}
}
BDU:2019-02939
Vulnerability from fstec - Published: 27.11.2018
VLAI Severity ?
Title
Уязвимость парсера URL-адресов библиотеки Node.js, позволяющая нарушителю получить несанкционированный доступ к защищаемым данным
Description
Уязвимость парсера URL-адресов Node.js связана с ошибками при обработке HTTP-пакетов. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, получить несанкционированный доступ к защищаемым данным с помощью HTTP-запросов
Severity ?
Vendor
Novell Inc., Node.js Foundation, Red Hat Inc., ООО «РусБИТех-Астра»
Software Name
OpenSUSE Leap, SUSE Enterprise Storage, SUSE OpenStack Cloud, SUSE Linux Enterprise Module for Web Scripting, Node.js, OpenShift Container Platform, Astra Linux Common Edition (запись в едином реестре российских программ №4433)
Software Version
42.3 (OpenSUSE Leap), 4 (SUSE Enterprise Storage), 7 (SUSE OpenStack Cloud), 12 (SUSE Linux Enterprise Module for Web Scripting), 15.0 (OpenSUSE Leap), от 6 до 6.15.0 (Node.js), от 8 до 8.14.0 (Node.js), 15 (SUSE Linux Enterprise Module for Web Scripting), 15 SP1 (SUSE Linux Enterprise Module for Web Scripting), Crowbar 8 (SUSE OpenStack Cloud), от 3.6 до 3.10 (OpenShift Container Platform), 1.6 «Смоленск» (Astra Linux Common Edition)
Possible Mitigations
Использование рекомендаций:
Для программных продуктов Node.js Foundation:
https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/
https://github.com/nodejs/node/commit/513e9747a22386bc9c93a12f9698561827a1e631
Для программных продуктов Novell Inc.:
https://www.suse.com/pt-br/security/cve/CVE-2018-12116/
Для программных продуктов Red Hat Inc.:
https://access.redhat.com/security/cve/cve-2018-12116
Для ОС Astra Linux:
обновить пакет nodejs до 8.11.1~dfsg-2.astra2 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se16-bulletin-20251225SE16
Reference
https://access.redhat.com/errata/RHSA-2019:1821
https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/
https://github.com/nodejs/node/commit/513e9747a22386bc9c93a12f9698561827a1e631
https://www.suse.com/pt-br/security/cve/CVE-2018-12116/
https://access.redhat.com/security/cve/cve-2018-12116
https://wiki.astralinux.ru/astra-linux-se16-bulletin-20251225SE16
CWE
CWE-115, CWE-444
{
"CVSS 2.0": "AV:N/AC:L/Au:N/C:N/I:C/A:N",
"CVSS 3.0": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Novell Inc., Node.js Foundation, Red Hat Inc., \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "42.3 (OpenSUSE Leap), 4 (SUSE Enterprise Storage), 7 (SUSE OpenStack Cloud), 12 (SUSE Linux Enterprise Module for Web Scripting), 15.0 (OpenSUSE Leap), \u043e\u0442 6 \u0434\u043e 6.15.0 (Node.js), \u043e\u0442 8 \u0434\u043e 8.14.0 (Node.js), 15 (SUSE Linux Enterprise Module for Web Scripting), 15 SP1 (SUSE Linux Enterprise Module for Web Scripting), Crowbar 8 (SUSE OpenStack Cloud), \u043e\u0442 3.6 \u0434\u043e 3.10 (OpenShift Container Platform), 1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb (Astra Linux Common Edition)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Node.js Foundation:\nhttps://nodejs.org/en/blog/vulnerability/november-2018-security-releases/\nhttps://github.com/nodejs/node/commit/513e9747a22386bc9c93a12f9698561827a1e631\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Novell Inc.:\nhttps://www.suse.com/pt-br/security/cve/CVE-2018-12116/\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Red Hat Inc.:\nhttps://access.redhat.com/security/cve/cve-2018-12116\n\n\u0414\u043b\u044f \u041e\u0421 Astra Linux:\n\u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 nodejs \u0434\u043e 8.11.1~dfsg-2.astra2 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se16-bulletin-20251225SE16",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "27.11.2018",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "20.01.2026",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "20.08.2019",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2019-02939",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2018-12116",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0430\u0440\u0445\u0438\u0442\u0435\u043a\u0442\u0443\u0440\u044b",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "OpenSUSE Leap, SUSE Enterprise Storage, SUSE OpenStack Cloud, SUSE Linux Enterprise Module for Web Scripting, Node.js, OpenShift Container Platform, Astra Linux Common Edition (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21164433)",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Common Edition 1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21164433)",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0430\u0440\u0441\u0435\u0440\u0430 URL-\u0430\u0434\u0440\u0435\u0441\u043e\u0432 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438 Node.js, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u043c\u044b\u043c \u0434\u0430\u043d\u043d\u044b\u043c",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u0430\u044f \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0430 \u0432\u0445\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 (CWE-115), \u041d\u0435\u043f\u043e\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u043d\u0430\u044f \u0438\u043d\u0442\u0435\u0440\u043f\u0440\u0435\u0442\u0430\u0446\u0438\u044f HTTP-\u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 (\u0027\u041a\u043e\u043d\u0442\u0440\u0430\u0431\u0430\u043d\u0434\u0430 HTTP-\u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432\u0027) (CWE-444)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0430\u0440\u0441\u0435\u0440\u0430 URL-\u0430\u0434\u0440\u0435\u0441\u043e\u0432 Node.js \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043e\u0448\u0438\u0431\u043a\u0430\u043c\u0438 \u043f\u0440\u0438 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0435 HTTP-\u043f\u0430\u043a\u0435\u0442\u043e\u0432. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e, \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u043c\u044b\u043c \u0434\u0430\u043d\u043d\u044b\u043c \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e HTTP-\u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": "-",
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041f\u043e\u0434\u043c\u0435\u043d\u0430 \u043f\u0440\u0438 \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0438",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://access.redhat.com/errata/RHSA-2019:1821 \nhttps://nodejs.org/en/blog/vulnerability/november-2018-security-releases/\nhttps://github.com/nodejs/node/commit/513e9747a22386bc9c93a12f9698561827a1e631\nhttps://www.suse.com/pt-br/security/cve/CVE-2018-12116/\nhttps://access.redhat.com/security/cve/cve-2018-12116\nhttps://wiki.astralinux.ru/astra-linux-se16-bulletin-20251225SE16",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c, \u0421\u0435\u0442\u0435\u0432\u043e\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-115, CWE-444",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,8)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,5)"
}
CNVD-2019-42556
Vulnerability from cnvd - Published: 2019-11-27
VLAI Severity ?
Title
Joyent Node.js存在未明漏洞(CNVD-2019-42556)
Description
Joyent Node.js是美国Joyent公司的一套建立在Google V8 JavaScript引擎之上的网络应用平台。该平台主要用于构建高度可伸缩的应用程序,以及编写能够处理数万条且同时连接到一个物理机的连接代码。
Joyent Node.js 6.15.0之前版本和8.14.0之前版本中存在安全漏洞。目前没有详细的漏洞细节提供。
Severity
中
Patch Name
Joyent Node.js存在未明漏洞(CNVD-2019-42556)的补丁
Patch Description
Joyent Node.js是美国Joyent公司的一套建立在Google V8 JavaScript引擎之上的网络应用平台。该平台主要用于构建高度可伸缩的应用程序,以及编写能够处理数万条且同时连接到一个物理机的连接代码。
Joyent Node.js 6.15.0之前版本和8.14.0之前版本中存在安全漏洞。目前没有详细的漏洞细节提供。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
目前厂商已发布升级补丁以修复漏洞,补丁获取链接: https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/
Reference
https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/
Impacted products
| Name | ['Joyent Node.js <6.15.0', 'Joyent Node.js <8.14.0'] |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2018-12116",
"cveUrl": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12116"
}
},
"description": "Joyent Node.js\u662f\u7f8e\u56fdJoyent\u516c\u53f8\u7684\u4e00\u5957\u5efa\u7acb\u5728Google V8 JavaScript\u5f15\u64ce\u4e4b\u4e0a\u7684\u7f51\u7edc\u5e94\u7528\u5e73\u53f0\u3002\u8be5\u5e73\u53f0\u4e3b\u8981\u7528\u4e8e\u6784\u5efa\u9ad8\u5ea6\u53ef\u4f38\u7f29\u7684\u5e94\u7528\u7a0b\u5e8f\uff0c\u4ee5\u53ca\u7f16\u5199\u80fd\u591f\u5904\u7406\u6570\u4e07\u6761\u4e14\u540c\u65f6\u8fde\u63a5\u5230\u4e00\u4e2a\u7269\u7406\u673a\u7684\u8fde\u63a5\u4ee3\u7801\u3002\n\nJoyent Node.js 6.15.0\u4e4b\u524d\u7248\u672c\u548c8.14.0\u4e4b\u524d\u7248\u672c\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u76ee\u524d\u6ca1\u6709\u8be6\u7ec6\u7684\u6f0f\u6d1e\u7ec6\u8282\u63d0\u4f9b\u3002",
"formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://nodejs.org/en/blog/vulnerability/november-2018-security-releases/",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2019-42556",
"openTime": "2019-11-27",
"patchDescription": "Joyent Node.js\u662f\u7f8e\u56fdJoyent\u516c\u53f8\u7684\u4e00\u5957\u5efa\u7acb\u5728Google V8 JavaScript\u5f15\u64ce\u4e4b\u4e0a\u7684\u7f51\u7edc\u5e94\u7528\u5e73\u53f0\u3002\u8be5\u5e73\u53f0\u4e3b\u8981\u7528\u4e8e\u6784\u5efa\u9ad8\u5ea6\u53ef\u4f38\u7f29\u7684\u5e94\u7528\u7a0b\u5e8f\uff0c\u4ee5\u53ca\u7f16\u5199\u80fd\u591f\u5904\u7406\u6570\u4e07\u6761\u4e14\u540c\u65f6\u8fde\u63a5\u5230\u4e00\u4e2a\u7269\u7406\u673a\u7684\u8fde\u63a5\u4ee3\u7801\u3002\r\n\r\nJoyent Node.js 6.15.0\u4e4b\u524d\u7248\u672c\u548c8.14.0\u4e4b\u524d\u7248\u672c\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u76ee\u524d\u6ca1\u6709\u8be6\u7ec6\u7684\u6f0f\u6d1e\u7ec6\u8282\u63d0\u4f9b\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Joyent Node.js\u5b58\u5728\u672a\u660e\u6f0f\u6d1e\uff08CNVD-2019-42556\uff09\u7684\u8865\u4e01",
"products": {
"product": [
"Joyent Node.js \u003c6.15.0",
"Joyent Node.js \u003c8.14.0"
]
},
"referenceLink": "https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/",
"serverity": "\u4e2d",
"submitTime": "2018-11-30",
"title": "Joyent Node.js\u5b58\u5728\u672a\u660e\u6f0f\u6d1e\uff08CNVD-2019-42556\uff09"
}
FKIE_CVE-2018-12116
Vulnerability from fkie_nvd - Published: 2018-11-28 17:29 - Updated: 2024-11-21 03:44
Severity ?
Summary
Node.js: All versions prior to Node.js 6.15.0 and 8.14.0: HTTP request splitting: If Node.js can be convinced to use unsanitized user-provided Unicode data for the `path` option of an HTTP request, then data can be provided which will trigger a second, unexpected, and user-defined HTTP request to made to the same server.
References
| URL | Tags | ||
|---|---|---|---|
| cve-request@iojs.org | https://access.redhat.com/errata/RHSA-2019:1821 | Third Party Advisory | |
| cve-request@iojs.org | https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/ | Patch, Vendor Advisory | |
| cve-request@iojs.org | https://security.gentoo.org/glsa/202003-48 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2019:1821 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/ | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202003-48 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nodejs | node.js | * | |
| nodejs | node.js | * | |
| nodejs | node.js | * | |
| nodejs | node.js | * | |
| suse | suse_enterprise_storage | 4 | |
| suse | suse_linux_enterprise_server | 12 | |
| suse | suse_linux_enterprise_server | 15 | |
| suse | suse_openstack_cloud | 7 | |
| suse | suse_openstack_cloud | 8 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
"matchCriteriaId": "D107EC29-67E7-40C3-8E5A-324C9105C5E4",
"versionEndIncluding": "6.8.1",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*",
"matchCriteriaId": "2DEF4845-F577-4B12-AA48-39F0830B128E",
"versionEndExcluding": "6.15.0",
"versionStartIncluding": "6.9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
"matchCriteriaId": "74FB695D-2C76-47AB-988E-5629D2E695E5",
"versionEndIncluding": "8.8.1",
"versionStartIncluding": "8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*",
"matchCriteriaId": "7E79DFA7-55F8-453A-83E9-1C790902FCB8",
"versionEndExcluding": "8.14.0",
"versionStartIncluding": "8.9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:suse:suse_enterprise_storage:4:*:*:*:*:*:*:*",
"matchCriteriaId": "30A38AC5-A8B9-4244-8093-40C77ADFF5F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:12:*:*:*:*:*:*:*",
"matchCriteriaId": "9C649194-B8C2-49F7-A819-C635EE584ABF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:15:*:*:*:*:*:*:*",
"matchCriteriaId": "AF73A3D9-6566-4CBF-AA5F-5A4B99719A1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_openstack_cloud:7:*:*:*:*:*:*:*",
"matchCriteriaId": "F4B73BE9-4340-4A6B-89FE-A40FC4A10187",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_openstack_cloud:8:*:*:*:*:*:*:*",
"matchCriteriaId": "C9C659D0-D6DB-4313-9208-C0C49FECD290",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Node.js: All versions prior to Node.js 6.15.0 and 8.14.0: HTTP request splitting: If Node.js can be convinced to use unsanitized user-provided Unicode data for the `path` option of an HTTP request, then data can be provided which will trigger a second, unexpected, and user-defined HTTP request to made to the same server."
},
{
"lang": "es",
"value": "Node.js: Todas las versiones anteriores a la 6.15.0 y 8.14.0: separaci\u00f3n de petici\u00f3n HTTP. Si se puede convencer a Node.js para que emplee datos Unicode no saneados proporcionados por el usuario para la opci\u00f3n \"path\" de una petici\u00f3n HTTP, los datos pueden proporcionarse para desencadenar una segunda petici\u00f3n HTTP no esperada y definida por el usuario para el mismo servidor."
}
],
"id": "CVE-2018-12116",
"lastModified": "2024-11-21T03:44:37.917",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-11-28T17:29:00.230",
"references": [
{
"source": "cve-request@iojs.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1821"
},
{
"source": "cve-request@iojs.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/"
},
{
"source": "cve-request@iojs.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202003-48"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1821"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202003-48"
}
],
"sourceIdentifier": "cve-request@iojs.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-115"
}
],
"source": "cve-request@iojs.org",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-MFJX-W835-F3W2
Vulnerability from github – Published: 2022-05-13 01:27 – Updated: 2022-05-13 01:27
VLAI?
Details
Node.js: All versions prior to Node.js 6.15.0 and 8.14.0: HTTP request splitting: If Node.js can be convinced to use unsanitized user-provided Unicode data for the path option of an HTTP request, then data can be provided which will trigger a second, unexpected, and user-defined HTTP request to made to the same server.
Severity ?
7.5 (High)
{
"affected": [],
"aliases": [
"CVE-2018-12116"
],
"database_specific": {
"cwe_ids": [
"CWE-444"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-11-28T17:29:00Z",
"severity": "HIGH"
},
"details": "Node.js: All versions prior to Node.js 6.15.0 and 8.14.0: HTTP request splitting: If Node.js can be convinced to use unsanitized user-provided Unicode data for the `path` option of an HTTP request, then data can be provided which will trigger a second, unexpected, and user-defined HTTP request to made to the same server.",
"id": "GHSA-mfjx-w835-f3w2",
"modified": "2022-05-13T01:27:48Z",
"published": "2022-05-13T01:27:48Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-12116"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2019:1821"
},
{
"type": "WEB",
"url": "https://nodejs.org/en/blog/vulnerability/november-2018-security-releases"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202003-48"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
}
]
}
GSD-2018-12116
Vulnerability from gsd - Updated: 2023-12-13 01:22Details
Node.js: All versions prior to Node.js 6.15.0 and 8.14.0: HTTP request splitting: If Node.js can be convinced to use unsanitized user-provided Unicode data for the `path` option of an HTTP request, then data can be provided which will trigger a second, unexpected, and user-defined HTTP request to made to the same server.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2018-12116",
"description": "Node.js: All versions prior to Node.js 6.15.0 and 8.14.0: HTTP request splitting: If Node.js can be convinced to use unsanitized user-provided Unicode data for the `path` option of an HTTP request, then data can be provided which will trigger a second, unexpected, and user-defined HTTP request to made to the same server.",
"id": "GSD-2018-12116",
"references": [
"https://www.suse.com/security/cve/CVE-2018-12116.html",
"https://access.redhat.com/errata/RHSA-2019:1821",
"https://advisories.mageia.org/CVE-2018-12116.html",
"https://ubuntu.com/security/CVE-2018-12116"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2018-12116"
],
"details": "Node.js: All versions prior to Node.js 6.15.0 and 8.14.0: HTTP request splitting: If Node.js can be convinced to use unsanitized user-provided Unicode data for the `path` option of an HTTP request, then data can be provided which will trigger a second, unexpected, and user-defined HTTP request to made to the same server.",
"id": "GSD-2018-12116",
"modified": "2023-12-13T01:22:30.029129Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve-request@iojs.org",
"ID": "CVE-2018-12116",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Node.js",
"version": {
"version_data": [
{
"version_value": "All versions prior to Node.js 6.15.0 and 8.14.0"
}
]
}
}
]
},
"vendor_name": "The Node.js Project"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Node.js: All versions prior to Node.js 6.15.0 and 8.14.0: HTTP request splitting: If Node.js can be convinced to use unsanitized user-provided Unicode data for the `path` option of an HTTP request, then data can be provided which will trigger a second, unexpected, and user-defined HTTP request to made to the same server."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-115: Misinterpretation of Input"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/",
"refsource": "CONFIRM",
"url": "https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/"
},
{
"name": "RHSA-2019:1821",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:1821"
},
{
"name": "GLSA-202003-48",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202003-48"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
"cpe_name": [],
"versionEndIncluding": "6.8.1",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
"cpe_name": [],
"versionEndIncluding": "8.8.1",
"versionStartIncluding": "8.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.15.0",
"versionStartIncluding": "6.9.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*",
"cpe_name": [],
"versionEndExcluding": "8.14.0",
"versionStartIncluding": "8.9.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux_enterprise_server:12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:suse:suse_enterprise_storage:4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_openstack_cloud:7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_openstack_cloud:8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux_enterprise_server:15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve-request@iojs.org",
"ID": "CVE-2018-12116"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Node.js: All versions prior to Node.js 6.15.0 and 8.14.0: HTTP request splitting: If Node.js can be convinced to use unsanitized user-provided Unicode data for the `path` option of an HTTP request, then data can be provided which will trigger a second, unexpected, and user-defined HTTP request to made to the same server."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/",
"refsource": "CONFIRM",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/"
},
{
"name": "RHSA-2019:1821",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1821"
},
{
"name": "GLSA-202003-48",
"refsource": "GENTOO",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202003-48"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
},
"lastModifiedDate": "2022-08-29T20:24Z",
"publishedDate": "2018-11-28T17:29Z"
}
}
}
MSRC_CVE-2018-12116
Vulnerability from csaf_microsoft - Published: 2018-11-02 00:00 - Updated: 2021-06-06 00:00Summary
Node.js: All versions prior to Node.js 6.15.0 and 8.14.0: HTTP request splitting: If Node.js can be convinced to use unsanitized user-provided Unicode data for the `path` option of an HTTP request then data can be provided which will trigger a second unexpected and user-defined HTTP request to made to the same server.
Notes
Additional Resources: To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle
Disclaimer: The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
References
4 references
| URL | Category |
|---|---|
| https://msrc.microsoft.com/csaf/vex/2018/msrc_cve… | self |
| https://support.microsoft.com/lifecycle | external |
| https://www.first.org/cvss | external |
| https://msrc.microsoft.com/csaf/vex/2018/msrc_cve… | self |
{
"document": {
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2018-12116 Node.js: All versions prior to Node.js 6.15.0 and 8.14.0: HTTP request splitting: If Node.js can be convinced to use unsanitized user-provided Unicode data for the `path` option of an HTTP request then data can be provided which will trigger a second unexpected and user-defined HTTP request to made to the same server. - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2018/msrc_cve-2018-12116.json"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "Node.js: All versions prior to Node.js 6.15.0 and 8.14.0: HTTP request splitting: If Node.js can be convinced to use unsanitized user-provided Unicode data for the `path` option of an HTTP request then data can be provided which will trigger a second unexpected and user-defined HTTP request to made to the same server.",
"tracking": {
"current_release_date": "2021-06-06T00:00:00.000Z",
"generator": {
"date": "2025-10-19T17:23:54.152Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2018-12116",
"initial_release_date": "2018-11-02T00:00:00.000Z",
"revision_history": [
{
"date": "2021-06-06T00:00:00.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "1.0",
"product": {
"name": "CBL Mariner 1.0",
"product_id": "16820"
}
}
],
"category": "product_name",
"name": "Azure Linux"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003ccm1 nodejs 14.17.2-1",
"product": {
"name": "\u003ccm1 nodejs 14.17.2-1",
"product_id": "1"
}
},
{
"category": "product_version",
"name": "cm1 nodejs 14.17.2-1",
"product": {
"name": "cm1 nodejs 14.17.2-1",
"product_id": "16918"
}
}
],
"category": "product_name",
"name": "nodejs"
}
],
"category": "vendor",
"name": "Microsoft"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccm1 nodejs 14.17.2-1 as a component of CBL Mariner 1.0",
"product_id": "16820-1"
},
"product_reference": "1",
"relates_to_product_reference": "16820"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cm1 nodejs 14.17.2-1 as a component of CBL Mariner 1.0",
"product_id": "16918-16820"
},
"product_reference": "16918",
"relates_to_product_reference": "16820"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-12116",
"cwe": {
"id": "CWE-115",
"name": "Misinterpretation of Input"
},
"notes": [
{
"category": "general",
"text": "nodejs",
"title": "Assigning CNA"
}
],
"product_status": {
"fixed": [
"16918-16820"
],
"known_affected": [
"16820-1"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2018-12116 Node.js: All versions prior to Node.js 6.15.0 and 8.14.0: HTTP request splitting: If Node.js can be convinced to use unsanitized user-provided Unicode data for the `path` option of an HTTP request then data can be provided which will trigger a second unexpected and user-defined HTTP request to made to the same server. - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2018/msrc_cve-2018-12116.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"date": "2021-06-06T00:00:00.000Z",
"details": "14.17.2-1:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"16820-1"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalsScore": 0.0,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"16820-1"
]
}
],
"title": "Node.js: All versions prior to Node.js 6.15.0 and 8.14.0: HTTP request splitting: If Node.js can be convinced to use unsanitized user-provided Unicode data for the `path` option of an HTTP request then data can be provided which will trigger a second unexpected and user-defined HTTP request to made to the same server."
}
]
}
OPENSUSE-SU-2019:0089-1
Vulnerability from csaf_opensuse - Published: 2019-03-23 10:49 - Updated: 2019-03-23 10:49Summary
Security update for nodejs8
Severity
Important
Notes
Title of the patch: Security update for nodejs8
Description of the patch: This update for nodejs8 to version 8.15.0 fixes the following issues:
Security issues fixed:
- CVE-2018-12121: Fixed a Denial of Service with large HTTP headers (bsc#1117626)
- CVE-2018-12122: Fixed the 'Slowloris' HTTP Denial of Service (bsc#1117627)
- CVE-2018-12116: Fixed HTTP request splitting (bsc#1117630)
- CVE-2018-12123: Fixed hostname spoofing in URL parser for javascript protocol (bsc#1117629)
This update was imported from the SUSE:SLE-15:Update update project.
Patchnames: openSUSE-2019-89
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
4.2 (Medium)
Affected products
Recommended
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.0:nodejs8-8.15.0-lp150.2.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:nodejs8-8.15.0-lp150.2.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:nodejs8-devel-8.15.0-lp150.2.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:nodejs8-devel-8.15.0-lp150.2.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:nodejs8-docs-8.15.0-lp150.2.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:npm8-8.15.0-lp150.2.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:npm8-8.15.0-lp150.2.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.0:nodejs8-8.15.0-lp150.2.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:nodejs8-8.15.0-lp150.2.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:nodejs8-devel-8.15.0-lp150.2.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:nodejs8-devel-8.15.0-lp150.2.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:nodejs8-docs-8.15.0-lp150.2.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:npm8-8.15.0-lp150.2.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:npm8-8.15.0-lp150.2.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.0:nodejs8-8.15.0-lp150.2.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:nodejs8-8.15.0-lp150.2.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:nodejs8-devel-8.15.0-lp150.2.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:nodejs8-devel-8.15.0-lp150.2.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:nodejs8-docs-8.15.0-lp150.2.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:npm8-8.15.0-lp150.2.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:npm8-8.15.0-lp150.2.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.1 (Medium)
Affected products
Recommended
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.0:nodejs8-8.15.0-lp150.2.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:nodejs8-8.15.0-lp150.2.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:nodejs8-devel-8.15.0-lp150.2.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:nodejs8-devel-8.15.0-lp150.2.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:nodejs8-docs-8.15.0-lp150.2.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:npm8-8.15.0-lp150.2.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:npm8-8.15.0-lp150.2.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
21 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for nodejs8",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for nodejs8 to version 8.15.0 fixes the following issues:\n\nSecurity issues fixed:\n\n- CVE-2018-12121: Fixed a Denial of Service with large HTTP headers (bsc#1117626)\n- CVE-2018-12122: Fixed the \u0027Slowloris\u0027 HTTP Denial of Service (bsc#1117627)\n- CVE-2018-12116: Fixed HTTP request splitting (bsc#1117630)\n- CVE-2018-12123: Fixed hostname spoofing in URL parser for javascript protocol (bsc#1117629)\n\nThis update was imported from the SUSE:SLE-15:Update update project.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2019-89",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2019_0089-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2019:0089-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/WVHUGID7T2P6NHDOVMAVMRSCBS4GN25L/#WVHUGID7T2P6NHDOVMAVMRSCBS4GN25L"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2019:0089-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/WVHUGID7T2P6NHDOVMAVMRSCBS4GN25L/#WVHUGID7T2P6NHDOVMAVMRSCBS4GN25L"
},
{
"category": "self",
"summary": "SUSE Bug 1117626",
"url": "https://bugzilla.suse.com/1117626"
},
{
"category": "self",
"summary": "SUSE Bug 1117627",
"url": "https://bugzilla.suse.com/1117627"
},
{
"category": "self",
"summary": "SUSE Bug 1117629",
"url": "https://bugzilla.suse.com/1117629"
},
{
"category": "self",
"summary": "SUSE Bug 1117630",
"url": "https://bugzilla.suse.com/1117630"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-12116 page",
"url": "https://www.suse.com/security/cve/CVE-2018-12116/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-12121 page",
"url": "https://www.suse.com/security/cve/CVE-2018-12121/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-12122 page",
"url": "https://www.suse.com/security/cve/CVE-2018-12122/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-12123 page",
"url": "https://www.suse.com/security/cve/CVE-2018-12123/"
}
],
"title": "Security update for nodejs8",
"tracking": {
"current_release_date": "2019-03-23T10:49:42Z",
"generator": {
"date": "2019-03-23T10:49:42Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2019:0089-1",
"initial_release_date": "2019-03-23T10:49:42Z",
"revision_history": [
{
"date": "2019-03-23T10:49:42Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "nodejs8-8.15.0-lp150.2.9.1.i586",
"product": {
"name": "nodejs8-8.15.0-lp150.2.9.1.i586",
"product_id": "nodejs8-8.15.0-lp150.2.9.1.i586"
}
},
{
"category": "product_version",
"name": "nodejs8-devel-8.15.0-lp150.2.9.1.i586",
"product": {
"name": "nodejs8-devel-8.15.0-lp150.2.9.1.i586",
"product_id": "nodejs8-devel-8.15.0-lp150.2.9.1.i586"
}
},
{
"category": "product_version",
"name": "npm8-8.15.0-lp150.2.9.1.i586",
"product": {
"name": "npm8-8.15.0-lp150.2.9.1.i586",
"product_id": "npm8-8.15.0-lp150.2.9.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs8-docs-8.15.0-lp150.2.9.1.noarch",
"product": {
"name": "nodejs8-docs-8.15.0-lp150.2.9.1.noarch",
"product_id": "nodejs8-docs-8.15.0-lp150.2.9.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs8-8.15.0-lp150.2.9.1.x86_64",
"product": {
"name": "nodejs8-8.15.0-lp150.2.9.1.x86_64",
"product_id": "nodejs8-8.15.0-lp150.2.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "nodejs8-devel-8.15.0-lp150.2.9.1.x86_64",
"product": {
"name": "nodejs8-devel-8.15.0-lp150.2.9.1.x86_64",
"product_id": "nodejs8-devel-8.15.0-lp150.2.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "npm8-8.15.0-lp150.2.9.1.x86_64",
"product": {
"name": "npm8-8.15.0-lp150.2.9.1.x86_64",
"product_id": "npm8-8.15.0-lp150.2.9.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 15.0",
"product": {
"name": "openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.0"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.15.0-lp150.2.9.1.i586 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:nodejs8-8.15.0-lp150.2.9.1.i586"
},
"product_reference": "nodejs8-8.15.0-lp150.2.9.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.15.0-lp150.2.9.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:nodejs8-8.15.0-lp150.2.9.1.x86_64"
},
"product_reference": "nodejs8-8.15.0-lp150.2.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.15.0-lp150.2.9.1.i586 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:nodejs8-devel-8.15.0-lp150.2.9.1.i586"
},
"product_reference": "nodejs8-devel-8.15.0-lp150.2.9.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.15.0-lp150.2.9.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:nodejs8-devel-8.15.0-lp150.2.9.1.x86_64"
},
"product_reference": "nodejs8-devel-8.15.0-lp150.2.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-docs-8.15.0-lp150.2.9.1.noarch as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:nodejs8-docs-8.15.0-lp150.2.9.1.noarch"
},
"product_reference": "nodejs8-docs-8.15.0-lp150.2.9.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.15.0-lp150.2.9.1.i586 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:npm8-8.15.0-lp150.2.9.1.i586"
},
"product_reference": "npm8-8.15.0-lp150.2.9.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.15.0-lp150.2.9.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:npm8-8.15.0-lp150.2.9.1.x86_64"
},
"product_reference": "npm8-8.15.0-lp150.2.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-12116",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-12116"
}
],
"notes": [
{
"category": "general",
"text": "Node.js: All versions prior to Node.js 6.15.0 and 8.14.0: HTTP request splitting: If Node.js can be convinced to use unsanitized user-provided Unicode data for the `path` option of an HTTP request, then data can be provided which will trigger a second, unexpected, and user-defined HTTP request to made to the same server.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:nodejs8-8.15.0-lp150.2.9.1.i586",
"openSUSE Leap 15.0:nodejs8-8.15.0-lp150.2.9.1.x86_64",
"openSUSE Leap 15.0:nodejs8-devel-8.15.0-lp150.2.9.1.i586",
"openSUSE Leap 15.0:nodejs8-devel-8.15.0-lp150.2.9.1.x86_64",
"openSUSE Leap 15.0:nodejs8-docs-8.15.0-lp150.2.9.1.noarch",
"openSUSE Leap 15.0:npm8-8.15.0-lp150.2.9.1.i586",
"openSUSE Leap 15.0:npm8-8.15.0-lp150.2.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-12116",
"url": "https://www.suse.com/security/cve/CVE-2018-12116"
},
{
"category": "external",
"summary": "SUSE Bug 1117630 for CVE-2018-12116",
"url": "https://bugzilla.suse.com/1117630"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:nodejs8-8.15.0-lp150.2.9.1.i586",
"openSUSE Leap 15.0:nodejs8-8.15.0-lp150.2.9.1.x86_64",
"openSUSE Leap 15.0:nodejs8-devel-8.15.0-lp150.2.9.1.i586",
"openSUSE Leap 15.0:nodejs8-devel-8.15.0-lp150.2.9.1.x86_64",
"openSUSE Leap 15.0:nodejs8-docs-8.15.0-lp150.2.9.1.noarch",
"openSUSE Leap 15.0:npm8-8.15.0-lp150.2.9.1.i586",
"openSUSE Leap 15.0:npm8-8.15.0-lp150.2.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:nodejs8-8.15.0-lp150.2.9.1.i586",
"openSUSE Leap 15.0:nodejs8-8.15.0-lp150.2.9.1.x86_64",
"openSUSE Leap 15.0:nodejs8-devel-8.15.0-lp150.2.9.1.i586",
"openSUSE Leap 15.0:nodejs8-devel-8.15.0-lp150.2.9.1.x86_64",
"openSUSE Leap 15.0:nodejs8-docs-8.15.0-lp150.2.9.1.noarch",
"openSUSE Leap 15.0:npm8-8.15.0-lp150.2.9.1.i586",
"openSUSE Leap 15.0:npm8-8.15.0-lp150.2.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-23T10:49:42Z",
"details": "moderate"
}
],
"title": "CVE-2018-12116"
},
{
"cve": "CVE-2018-12121",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-12121"
}
],
"notes": [
{
"category": "general",
"text": "Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Denial of Service with large HTTP headers: By using a combination of many requests with maximum sized headers (almost 80 KB per connection), and carefully timed completion of the headers, it is possible to cause the HTTP server to abort from heap allocation failure. Attack potential is mitigated by the use of a load balancer or other proxy layer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:nodejs8-8.15.0-lp150.2.9.1.i586",
"openSUSE Leap 15.0:nodejs8-8.15.0-lp150.2.9.1.x86_64",
"openSUSE Leap 15.0:nodejs8-devel-8.15.0-lp150.2.9.1.i586",
"openSUSE Leap 15.0:nodejs8-devel-8.15.0-lp150.2.9.1.x86_64",
"openSUSE Leap 15.0:nodejs8-docs-8.15.0-lp150.2.9.1.noarch",
"openSUSE Leap 15.0:npm8-8.15.0-lp150.2.9.1.i586",
"openSUSE Leap 15.0:npm8-8.15.0-lp150.2.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-12121",
"url": "https://www.suse.com/security/cve/CVE-2018-12121"
},
{
"category": "external",
"summary": "SUSE Bug 1117626 for CVE-2018-12121",
"url": "https://bugzilla.suse.com/1117626"
},
{
"category": "external",
"summary": "SUSE Bug 1127532 for CVE-2018-12121",
"url": "https://bugzilla.suse.com/1127532"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:nodejs8-8.15.0-lp150.2.9.1.i586",
"openSUSE Leap 15.0:nodejs8-8.15.0-lp150.2.9.1.x86_64",
"openSUSE Leap 15.0:nodejs8-devel-8.15.0-lp150.2.9.1.i586",
"openSUSE Leap 15.0:nodejs8-devel-8.15.0-lp150.2.9.1.x86_64",
"openSUSE Leap 15.0:nodejs8-docs-8.15.0-lp150.2.9.1.noarch",
"openSUSE Leap 15.0:npm8-8.15.0-lp150.2.9.1.i586",
"openSUSE Leap 15.0:npm8-8.15.0-lp150.2.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:nodejs8-8.15.0-lp150.2.9.1.i586",
"openSUSE Leap 15.0:nodejs8-8.15.0-lp150.2.9.1.x86_64",
"openSUSE Leap 15.0:nodejs8-devel-8.15.0-lp150.2.9.1.i586",
"openSUSE Leap 15.0:nodejs8-devel-8.15.0-lp150.2.9.1.x86_64",
"openSUSE Leap 15.0:nodejs8-docs-8.15.0-lp150.2.9.1.noarch",
"openSUSE Leap 15.0:npm8-8.15.0-lp150.2.9.1.i586",
"openSUSE Leap 15.0:npm8-8.15.0-lp150.2.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-23T10:49:42Z",
"details": "important"
}
],
"title": "CVE-2018-12121"
},
{
"cve": "CVE-2018-12122",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-12122"
}
],
"notes": [
{
"category": "general",
"text": "Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Slowloris HTTP Denial of Service: An attacker can cause a Denial of Service (DoS) by sending headers very slowly keeping HTTP or HTTPS connections and associated resources alive for a long period of time.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:nodejs8-8.15.0-lp150.2.9.1.i586",
"openSUSE Leap 15.0:nodejs8-8.15.0-lp150.2.9.1.x86_64",
"openSUSE Leap 15.0:nodejs8-devel-8.15.0-lp150.2.9.1.i586",
"openSUSE Leap 15.0:nodejs8-devel-8.15.0-lp150.2.9.1.x86_64",
"openSUSE Leap 15.0:nodejs8-docs-8.15.0-lp150.2.9.1.noarch",
"openSUSE Leap 15.0:npm8-8.15.0-lp150.2.9.1.i586",
"openSUSE Leap 15.0:npm8-8.15.0-lp150.2.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-12122",
"url": "https://www.suse.com/security/cve/CVE-2018-12122"
},
{
"category": "external",
"summary": "SUSE Bug 1117627 for CVE-2018-12122",
"url": "https://bugzilla.suse.com/1117627"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:nodejs8-8.15.0-lp150.2.9.1.i586",
"openSUSE Leap 15.0:nodejs8-8.15.0-lp150.2.9.1.x86_64",
"openSUSE Leap 15.0:nodejs8-devel-8.15.0-lp150.2.9.1.i586",
"openSUSE Leap 15.0:nodejs8-devel-8.15.0-lp150.2.9.1.x86_64",
"openSUSE Leap 15.0:nodejs8-docs-8.15.0-lp150.2.9.1.noarch",
"openSUSE Leap 15.0:npm8-8.15.0-lp150.2.9.1.i586",
"openSUSE Leap 15.0:npm8-8.15.0-lp150.2.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:nodejs8-8.15.0-lp150.2.9.1.i586",
"openSUSE Leap 15.0:nodejs8-8.15.0-lp150.2.9.1.x86_64",
"openSUSE Leap 15.0:nodejs8-devel-8.15.0-lp150.2.9.1.i586",
"openSUSE Leap 15.0:nodejs8-devel-8.15.0-lp150.2.9.1.x86_64",
"openSUSE Leap 15.0:nodejs8-docs-8.15.0-lp150.2.9.1.noarch",
"openSUSE Leap 15.0:npm8-8.15.0-lp150.2.9.1.i586",
"openSUSE Leap 15.0:npm8-8.15.0-lp150.2.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-23T10:49:42Z",
"details": "important"
}
],
"title": "CVE-2018-12122"
},
{
"cve": "CVE-2018-12123",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-12123"
}
],
"notes": [
{
"category": "general",
"text": "Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Hostname spoofing in URL parser for javascript protocol: If a Node.js application is using url.parse() to determine the URL hostname, that hostname can be spoofed by using a mixed case \"javascript:\" (e.g. \"javAscript:\") protocol (other protocols are not affected). If security decisions are made about the URL based on the hostname, they may be incorrect.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:nodejs8-8.15.0-lp150.2.9.1.i586",
"openSUSE Leap 15.0:nodejs8-8.15.0-lp150.2.9.1.x86_64",
"openSUSE Leap 15.0:nodejs8-devel-8.15.0-lp150.2.9.1.i586",
"openSUSE Leap 15.0:nodejs8-devel-8.15.0-lp150.2.9.1.x86_64",
"openSUSE Leap 15.0:nodejs8-docs-8.15.0-lp150.2.9.1.noarch",
"openSUSE Leap 15.0:npm8-8.15.0-lp150.2.9.1.i586",
"openSUSE Leap 15.0:npm8-8.15.0-lp150.2.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-12123",
"url": "https://www.suse.com/security/cve/CVE-2018-12123"
},
{
"category": "external",
"summary": "SUSE Bug 1117629 for CVE-2018-12123",
"url": "https://bugzilla.suse.com/1117629"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:nodejs8-8.15.0-lp150.2.9.1.i586",
"openSUSE Leap 15.0:nodejs8-8.15.0-lp150.2.9.1.x86_64",
"openSUSE Leap 15.0:nodejs8-devel-8.15.0-lp150.2.9.1.i586",
"openSUSE Leap 15.0:nodejs8-devel-8.15.0-lp150.2.9.1.x86_64",
"openSUSE Leap 15.0:nodejs8-docs-8.15.0-lp150.2.9.1.noarch",
"openSUSE Leap 15.0:npm8-8.15.0-lp150.2.9.1.i586",
"openSUSE Leap 15.0:npm8-8.15.0-lp150.2.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:nodejs8-8.15.0-lp150.2.9.1.i586",
"openSUSE Leap 15.0:nodejs8-8.15.0-lp150.2.9.1.x86_64",
"openSUSE Leap 15.0:nodejs8-devel-8.15.0-lp150.2.9.1.i586",
"openSUSE Leap 15.0:nodejs8-devel-8.15.0-lp150.2.9.1.x86_64",
"openSUSE Leap 15.0:nodejs8-docs-8.15.0-lp150.2.9.1.noarch",
"openSUSE Leap 15.0:npm8-8.15.0-lp150.2.9.1.i586",
"openSUSE Leap 15.0:npm8-8.15.0-lp150.2.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-23T10:49:42Z",
"details": "moderate"
}
],
"title": "CVE-2018-12123"
}
]
}
RHSA-2019:1821
Vulnerability from csaf_redhat - Published: 2019-07-22 13:39 - Updated: 2026-02-04 19:03Summary
Red Hat Security Advisory: rh-nodejs8-nodejs security update
Severity
Important
Notes
Topic: An update for rh-nodejs8-nodejs is now available for Red Hat Software Collections.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language.
The following packages have been upgraded to a later upstream version: rh-nodejs8-nodejs (8.16.0). (BZ#1665986, BZ#1710734)
Security Fix(es):
* nodejs-tar: Arbitrary file overwrites when extracting tarballs containing a hard-link (CVE-2018-20834)
* nodejs: HTTP request splitting (CVE-2018-12116)
* nodejs: Denial of Service with large HTTP headers (CVE-2018-12121)
* nodejs: Slowloris HTTP Denial of Service (CVE-2018-12122)
* nodejs: Hostname spoofing in URL parser for javascript protocol (CVE-2018-12123)
* nodejs: Insufficient Slowloris fix causing DoS via server.headersTimeout bypass (CVE-2019-5737)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Node.js: All versions prior to Node.js 6.15.0 and 8.14.0: HTTP request splitting: If Node.js can be convinced to use unsanitized user-provided Unicode data for the `path` option of an HTTP request, then data can be provided which will trigger a second, unexpected, and user-defined HTTP request to made to the same server.
7.2 (High)
Affected products
Fixed
96 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Denial of Service with large HTTP headers: By using a combination of many requests with maximum sized headers (almost 80 KB per connection), and carefully timed completion of the headers, it is possible to cause the HTTP server to abort from heap allocation failure. Attack potential is mitigated by the use of a load balancer or other proxy layer.
7.5 (High)
Affected products
Fixed
96 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
It was found that Node.js HTTP server was vulnerable to a Slowloris type attack. An attacker could make long lived connections by sending bytes very slowly to the server, saturating its resource and possibly resulting in a denial of service.
5.3 (Medium)
Affected products
Fixed
96 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Low
Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Hostname spoofing in URL parser for javascript protocol: If a Node.js application is using url.parse() to determine the URL hostname, that hostname can be spoofed by using a mixed case "javascript:" (e.g. "javAscript:") protocol (other protocols are not affected). If security decisions are made about the URL based on the hostname, they may be incorrect.
5.3 (Medium)
Affected products
Fixed
96 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Low
A flaw was found in nodejs-tar in versions prior to 4.4.2. An arbitrary file overwrite can occur when extracting tarballs containing a hard-link to a file that already exists in the system. Further, a file that matches the hard-link may overwrite the system's files with the contents of the extracted file. The highest threat from the vulnerability is to data confidentiality and integrity as well as system availability.
8.8 (High)
Affected products
Fixed
96 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
It was found that the original fix for Slowloris, CVE-2018-12122, was insufficient. It is possible to bypass the server's headersTimeout by sending two specially crafted HTTP requests in the same connection. An attacker could use this flaw to bypass Slowloris protection, resulting in a denial of service.
5.3 (Medium)
Affected products
Fixed
96 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Low
References
35 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for rh-nodejs8-nodejs is now available for Red Hat Software Collections.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language.\n\nThe following packages have been upgraded to a later upstream version: rh-nodejs8-nodejs (8.16.0). (BZ#1665986, BZ#1710734)\n\nSecurity Fix(es):\n\n* nodejs-tar: Arbitrary file overwrites when extracting tarballs containing a hard-link (CVE-2018-20834)\n\n* nodejs: HTTP request splitting (CVE-2018-12116)\n\n* nodejs: Denial of Service with large HTTP headers (CVE-2018-12121)\n\n* nodejs: Slowloris HTTP Denial of Service (CVE-2018-12122)\n\n* nodejs: Hostname spoofing in URL parser for javascript protocol (CVE-2018-12123)\n\n* nodejs: Insufficient Slowloris fix causing DoS via server.headersTimeout bypass (CVE-2019-5737)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2019:1821",
"url": "https://access.redhat.com/errata/RHSA-2019:1821"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1660998",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1660998"
},
{
"category": "external",
"summary": "1661002",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1661002"
},
{
"category": "external",
"summary": "1661005",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1661005"
},
{
"category": "external",
"summary": "1661010",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1661010"
},
{
"category": "external",
"summary": "1690808",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1690808"
},
{
"category": "external",
"summary": "1702338",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1702338"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_1821.json"
}
],
"title": "Red Hat Security Advisory: rh-nodejs8-nodejs security update",
"tracking": {
"current_release_date": "2026-02-04T19:03:24+00:00",
"generator": {
"date": "2026-02-04T19:03:24+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.1"
}
},
"id": "RHSA-2019:1821",
"initial_release_date": "2019-07-22T13:39:40+00:00",
"revision_history": [
{
"date": "2019-07-22T13:39:40+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2019-07-22T13:39:40+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-02-04T19:03:24+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:3::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:3::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:3::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)",
"product_id": "7Server-RHSCL-3.3-7.4.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:3::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-RHSCL-3.3-7.5.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:3::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-RHSCL-3.3-7.6.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:3::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat Software Collections"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"product": {
"name": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"product_id": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs8-nodejs-devel@8.16.0-1.el7?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"product": {
"name": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"product_id": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs8-npm@6.4.1-8.16.0.1.el7?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"product": {
"name": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"product_id": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs8-nodejs-debuginfo@8.16.0-1.el7?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"product": {
"name": "rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"product_id": "rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs8-nodejs@8.16.0-1.el7?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"product": {
"name": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"product_id": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs8-nodejs-devel@8.16.0-1.el7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"product": {
"name": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"product_id": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs8-npm@6.4.1-8.16.0.1.el7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"product": {
"name": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"product_id": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs8-nodejs-debuginfo@8.16.0-1.el7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"product": {
"name": "rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"product_id": "rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs8-nodejs@8.16.0-1.el7?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"product": {
"name": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"product_id": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs8-nodejs-devel@8.16.0-1.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"product": {
"name": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"product_id": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs8-npm@6.4.1-8.16.0.1.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"product": {
"name": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"product_id": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs8-nodejs-debuginfo@8.16.0-1.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"product": {
"name": "rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"product_id": "rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs8-nodejs@8.16.0-1.el7?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"product": {
"name": "rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"product_id": "rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs8-nodejs@8.16.0-1.el7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"product": {
"name": "rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"product_id": "rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs8-nodejs-docs@8.16.0-1.el7?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"product": {
"name": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"product_id": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs8-nodejs-devel@8.16.0-1.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"product": {
"name": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"product_id": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs8-npm@6.4.1-8.16.0.1.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"product": {
"name": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"product_id": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs8-nodejs-debuginfo@8.16.0-1.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"product": {
"name": "rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"product_id": "rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs8-nodejs@8.16.0-1.el7?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64"
},
"product_reference": "rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"relates_to_product_reference": "7Server-Alt-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le"
},
"product_reference": "rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"relates_to_product_reference": "7Server-Alt-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x"
},
"product_reference": "rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"relates_to_product_reference": "7Server-Alt-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-0:8.16.0-1.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src"
},
"product_reference": "rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"relates_to_product_reference": "7Server-Alt-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64"
},
"product_reference": "rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"relates_to_product_reference": "7Server-Alt-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64"
},
"product_reference": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"relates_to_product_reference": "7Server-Alt-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le"
},
"product_reference": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"relates_to_product_reference": "7Server-Alt-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x"
},
"product_reference": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"relates_to_product_reference": "7Server-Alt-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64"
},
"product_reference": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"relates_to_product_reference": "7Server-Alt-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64"
},
"product_reference": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"relates_to_product_reference": "7Server-Alt-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le"
},
"product_reference": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"relates_to_product_reference": "7Server-Alt-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x"
},
"product_reference": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"relates_to_product_reference": "7Server-Alt-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64"
},
"product_reference": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"relates_to_product_reference": "7Server-Alt-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch"
},
"product_reference": "rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"relates_to_product_reference": "7Server-Alt-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64"
},
"product_reference": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"relates_to_product_reference": "7Server-Alt-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le"
},
"product_reference": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"relates_to_product_reference": "7Server-Alt-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x"
},
"product_reference": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"relates_to_product_reference": "7Server-Alt-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64"
},
"product_reference": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"relates_to_product_reference": "7Server-Alt-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)",
"product_id": "7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le"
},
"product_reference": "rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)",
"product_id": "7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x"
},
"product_reference": "rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-0:8.16.0-1.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)",
"product_id": "7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src"
},
"product_reference": "rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)",
"product_id": "7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64"
},
"product_reference": "rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)",
"product_id": "7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le"
},
"product_reference": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)",
"product_id": "7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x"
},
"product_reference": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)",
"product_id": "7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64"
},
"product_reference": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)",
"product_id": "7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le"
},
"product_reference": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)",
"product_id": "7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x"
},
"product_reference": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)",
"product_id": "7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64"
},
"product_reference": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)",
"product_id": "7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch"
},
"product_reference": "rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)",
"product_id": "7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le"
},
"product_reference": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)",
"product_id": "7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x"
},
"product_reference": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)",
"product_id": "7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64"
},
"product_reference": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le"
},
"product_reference": "rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.5.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x"
},
"product_reference": "rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.5.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-0:8.16.0-1.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src"
},
"product_reference": "rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.5.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64"
},
"product_reference": "rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.5.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le"
},
"product_reference": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.5.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x"
},
"product_reference": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.5.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64"
},
"product_reference": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.5.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le"
},
"product_reference": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.5.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x"
},
"product_reference": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.5.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64"
},
"product_reference": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.5.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch"
},
"product_reference": "rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.5.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le"
},
"product_reference": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.5.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x"
},
"product_reference": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.5.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64"
},
"product_reference": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.5.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le"
},
"product_reference": "rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x"
},
"product_reference": "rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-0:8.16.0-1.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src"
},
"product_reference": "rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64"
},
"product_reference": "rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le"
},
"product_reference": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x"
},
"product_reference": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64"
},
"product_reference": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le"
},
"product_reference": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x"
},
"product_reference": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64"
},
"product_reference": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch"
},
"product_reference": "rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le"
},
"product_reference": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x"
},
"product_reference": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64"
},
"product_reference": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64"
},
"product_reference": "rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"relates_to_product_reference": "7Server-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le"
},
"product_reference": "rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x"
},
"product_reference": "rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-0:8.16.0-1.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src"
},
"product_reference": "rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"relates_to_product_reference": "7Server-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64"
},
"product_reference": "rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64"
},
"product_reference": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"relates_to_product_reference": "7Server-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le"
},
"product_reference": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x"
},
"product_reference": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64"
},
"product_reference": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64"
},
"product_reference": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"relates_to_product_reference": "7Server-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le"
},
"product_reference": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x"
},
"product_reference": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64"
},
"product_reference": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch"
},
"product_reference": "rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"relates_to_product_reference": "7Server-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64"
},
"product_reference": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"relates_to_product_reference": "7Server-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le"
},
"product_reference": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x"
},
"product_reference": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64"
},
"product_reference": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64"
},
"product_reference": "rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"relates_to_product_reference": "7Workstation-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le"
},
"product_reference": "rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"relates_to_product_reference": "7Workstation-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x"
},
"product_reference": "rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"relates_to_product_reference": "7Workstation-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-0:8.16.0-1.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src"
},
"product_reference": "rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"relates_to_product_reference": "7Workstation-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64"
},
"product_reference": "rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64"
},
"product_reference": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"relates_to_product_reference": "7Workstation-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le"
},
"product_reference": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"relates_to_product_reference": "7Workstation-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x"
},
"product_reference": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"relates_to_product_reference": "7Workstation-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64"
},
"product_reference": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64"
},
"product_reference": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"relates_to_product_reference": "7Workstation-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le"
},
"product_reference": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"relates_to_product_reference": "7Workstation-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x"
},
"product_reference": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"relates_to_product_reference": "7Workstation-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64"
},
"product_reference": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch"
},
"product_reference": "rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"relates_to_product_reference": "7Workstation-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64"
},
"product_reference": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"relates_to_product_reference": "7Workstation-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le"
},
"product_reference": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"relates_to_product_reference": "7Workstation-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x"
},
"product_reference": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"relates_to_product_reference": "7Workstation-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64"
},
"product_reference": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-3.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-12116",
"cwe": {
"id": "CWE-113",
"name": "Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Request/Response Splitting\u0027)"
},
"discovery_date": "2018-11-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1660998"
}
],
"notes": [
{
"category": "description",
"text": "Node.js: All versions prior to Node.js 6.15.0 and 8.14.0: HTTP request splitting: If Node.js can be convinced to use unsanitized user-provided Unicode data for the `path` option of an HTTP request, then data can be provided which will trigger a second, unexpected, and user-defined HTTP request to made to the same server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs: HTTP request splitting",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The nodejs RPMs shipped in Red Hat OpenShift Container Platform (OCP) versions 3.6 through 3.10 are vulnerable to this flaw because they contain the affected code. Later versions of OCP used nodejs RPMs delivered from Red Hat Software Collections and Red Hat Enterprise Linux channels.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-12116"
},
{
"category": "external",
"summary": "RHBZ#1660998",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1660998"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-12116",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12116"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-12116",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-12116"
}
],
"release_date": "2018-11-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-07-22T13:39:40+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1821"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs: HTTP request splitting"
},
{
"cve": "CVE-2018-12121",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2018-11-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1661002"
}
],
"notes": [
{
"category": "description",
"text": "Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Denial of Service with large HTTP headers: By using a combination of many requests with maximum sized headers (almost 80 KB per connection), and carefully timed completion of the headers, it is possible to cause the HTTP server to abort from heap allocation failure. Attack potential is mitigated by the use of a load balancer or other proxy layer.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs: Denial of Service with large HTTP headers",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The nodejs RPMs shipped in Red Hat OpenShift Container Platform (OCP) versions 3.6 through 3.10 are vulnerable to this flaw because they contain the affected code. Later versions of OCP used nodejs RPMs delivered from Red Hat Software Collections and Red Hat Enterprise Linux channels.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-12121"
},
{
"category": "external",
"summary": "RHBZ#1661002",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1661002"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-12121",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12121"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-12121",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-12121"
}
],
"release_date": "2018-11-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-07-22T13:39:40+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1821"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs: Denial of Service with large HTTP headers"
},
{
"cve": "CVE-2018-12122",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2018-11-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1661005"
}
],
"notes": [
{
"category": "description",
"text": "It was found that Node.js HTTP server was vulnerable to a Slowloris type attack. An attacker could make long lived connections by sending bytes very slowly to the server, saturating its resource and possibly resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs: Slowloris HTTP Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The nodejs RPMs shipped in Red Hat OpenShift Container Platform (OCP) versions 3.6 through 3.10 are vulnerable to this flaw because they contain the affected code. Later versions of OCP used nodejs RPMs delivered from Red Hat Software Collections and Red Hat Enterprise Linux channels.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-12122"
},
{
"category": "external",
"summary": "RHBZ#1661005",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1661005"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-12122",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12122"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-12122",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-12122"
}
],
"release_date": "2018-11-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-07-22T13:39:40+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1821"
},
{
"category": "workaround",
"details": "The use of a Load Balancer or a Reverse Proxy will increase the difficulty of the attack.",
"product_ids": [
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "nodejs: Slowloris HTTP Denial of Service"
},
{
"cve": "CVE-2018-12123",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2018-11-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1661010"
}
],
"notes": [
{
"category": "description",
"text": "Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Hostname spoofing in URL parser for javascript protocol: If a Node.js application is using url.parse() to determine the URL hostname, that hostname can be spoofed by using a mixed case \"javascript:\" (e.g. \"javAscript:\") protocol (other protocols are not affected). If security decisions are made about the URL based on the hostname, they may be incorrect.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs: Hostname spoofing in URL parser for javascript protocol",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The nodejs RPMs shipped in Red Hat OpenShift Container Platform (OCP) versions 3.6 through 3.10 are vulnerable to this flaw because they contain the affected code. Later versions of OCP used nodejs RPMs delivered from Red Hat Software Collections and Red Hat Enterprise Linux channels.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-12123"
},
{
"category": "external",
"summary": "RHBZ#1661010",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1661010"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-12123",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12123"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-12123",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-12123"
}
],
"release_date": "2018-11-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-07-22T13:39:40+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1821"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "nodejs: Hostname spoofing in URL parser for javascript protocol"
},
{
"cve": "CVE-2018-20834",
"cwe": {
"id": "CWE-59",
"name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
},
"discovery_date": "2019-04-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1702338"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in nodejs-tar in versions prior to 4.4.2. An arbitrary file overwrite can occur when extracting tarballs containing a hard-link to a file that already exists in the system. Further, a file that matches the hard-link may overwrite the system\u0027s files with the contents of the extracted file. The highest threat from the vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-tar: Arbitrary file overwrites when extracting tarballs containing a hard-link",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In Red Hat OpenShift Logging the openshift-logging/kibana6-rhel8 container bundles many nodejs packages as a build time dependencies, including the tar package. \nThe vulnerable nodejs tar package is not used in a way that makes this vulnerability exploitable, hence the impact to OpenShift Logging by this vulnerability is Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20834"
},
{
"category": "external",
"summary": "RHBZ#1702338",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1702338"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20834",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20834"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20834",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20834"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/344595",
"url": "https://hackerone.com/reports/344595"
}
],
"release_date": "2018-04-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-07-22T13:39:40+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1821"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "nodejs-tar: Arbitrary file overwrites when extracting tarballs containing a hard-link"
},
{
"cve": "CVE-2019-5737",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2019-03-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1690808"
}
],
"notes": [
{
"category": "description",
"text": "It was found that the original fix for Slowloris, CVE-2018-12122, was insufficient. It is possible to bypass the server\u0027s headersTimeout by sending two specially crafted HTTP requests in the same connection. An attacker could use this flaw to bypass Slowloris protection, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs: Insufficient Slowloris fix causing DoS via server.headersTimeout bypass",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-5737"
},
{
"category": "external",
"summary": "RHBZ#1690808",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1690808"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-5737",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-5737"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-5737",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-5737"
},
{
"category": "external",
"summary": "https://nodejs.org/ja/blog/vulnerability/february-2019-security-releases/",
"url": "https://nodejs.org/ja/blog/vulnerability/february-2019-security-releases/"
}
],
"release_date": "2019-02-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-07-22T13:39:40+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1821"
},
{
"category": "workaround",
"details": "The use of a Load Balancer or a Reverse Proxy will increase the difficulty of the attack.",
"product_ids": [
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "nodejs: Insufficient Slowloris fix causing DoS via server.headersTimeout bypass"
}
]
}
RHSA-2019_1821
Vulnerability from csaf_redhat - Published: 2019-07-22 13:39 - Updated: 2024-12-13 14:52Summary
Red Hat Security Advisory: rh-nodejs8-nodejs security update
Severity
Important
Notes
Topic: An update for rh-nodejs8-nodejs is now available for Red Hat Software Collections.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language.
The following packages have been upgraded to a later upstream version: rh-nodejs8-nodejs (8.16.0). (BZ#1665986, BZ#1710734)
Security Fix(es):
* nodejs-tar: Arbitrary file overwrites when extracting tarballs containing a hard-link (CVE-2018-20834)
* nodejs: HTTP request splitting (CVE-2018-12116)
* nodejs: Denial of Service with large HTTP headers (CVE-2018-12121)
* nodejs: Slowloris HTTP Denial of Service (CVE-2018-12122)
* nodejs: Hostname spoofing in URL parser for javascript protocol (CVE-2018-12123)
* nodejs: Insufficient Slowloris fix causing DoS via server.headersTimeout bypass (CVE-2019-5737)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Node.js: All versions prior to Node.js 6.15.0 and 8.14.0: HTTP request splitting: If Node.js can be convinced to use unsanitized user-provided Unicode data for the `path` option of an HTTP request, then data can be provided which will trigger a second, unexpected, and user-defined HTTP request to made to the same server.
7.2 (High)
Affected products
Fixed
96 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Denial of Service with large HTTP headers: By using a combination of many requests with maximum sized headers (almost 80 KB per connection), and carefully timed completion of the headers, it is possible to cause the HTTP server to abort from heap allocation failure. Attack potential is mitigated by the use of a load balancer or other proxy layer.
7.5 (High)
Affected products
Fixed
96 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
It was found that Node.js HTTP server was vulnerable to a Slowloris type attack. An attacker could make long lived connections by sending bytes very slowly to the server, saturating its resource and possibly resulting in a denial of service.
5.3 (Medium)
Affected products
Fixed
96 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Low
Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Hostname spoofing in URL parser for javascript protocol: If a Node.js application is using url.parse() to determine the URL hostname, that hostname can be spoofed by using a mixed case "javascript:" (e.g. "javAscript:") protocol (other protocols are not affected). If security decisions are made about the URL based on the hostname, they may be incorrect.
5.3 (Medium)
Affected products
Fixed
96 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Low
A flaw was found in nodejs-tar in versions prior to 4.4.2. An arbitrary file overwrite can occur when extracting tarballs containing a hard-link to a file that already exists in the system. Further, a file that matches the hard-link may overwrite the system's files with the contents of the extracted file. The highest threat from the vulnerability is to data confidentiality and integrity as well as system availability.
8.8 (High)
Affected products
Fixed
96 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
It was found that the original fix for Slowloris, CVE-2018-12122, was insufficient. It is possible to bypass the server's headersTimeout by sending two specially crafted HTTP requests in the same connection. An attacker could use this flaw to bypass Slowloris protection, resulting in a denial of service.
5.3 (Medium)
Affected products
Fixed
96 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Low
References
35 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for rh-nodejs8-nodejs is now available for Red Hat Software Collections.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language.\n\nThe following packages have been upgraded to a later upstream version: rh-nodejs8-nodejs (8.16.0). (BZ#1665986, BZ#1710734)\n\nSecurity Fix(es):\n\n* nodejs-tar: Arbitrary file overwrites when extracting tarballs containing a hard-link (CVE-2018-20834)\n\n* nodejs: HTTP request splitting (CVE-2018-12116)\n\n* nodejs: Denial of Service with large HTTP headers (CVE-2018-12121)\n\n* nodejs: Slowloris HTTP Denial of Service (CVE-2018-12122)\n\n* nodejs: Hostname spoofing in URL parser for javascript protocol (CVE-2018-12123)\n\n* nodejs: Insufficient Slowloris fix causing DoS via server.headersTimeout bypass (CVE-2019-5737)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2019:1821",
"url": "https://access.redhat.com/errata/RHSA-2019:1821"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1660998",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1660998"
},
{
"category": "external",
"summary": "1661002",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1661002"
},
{
"category": "external",
"summary": "1661005",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1661005"
},
{
"category": "external",
"summary": "1661010",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1661010"
},
{
"category": "external",
"summary": "1690808",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1690808"
},
{
"category": "external",
"summary": "1702338",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1702338"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_1821.json"
}
],
"title": "Red Hat Security Advisory: rh-nodejs8-nodejs security update",
"tracking": {
"current_release_date": "2024-12-13T14:52:32+00:00",
"generator": {
"date": "2024-12-13T14:52:32+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2019:1821",
"initial_release_date": "2019-07-22T13:39:40+00:00",
"revision_history": [
{
"date": "2019-07-22T13:39:40+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2019-07-22T13:39:40+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-13T14:52:32+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:3::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:3::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:3::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)",
"product_id": "7Server-RHSCL-3.3-7.4.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:3::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-RHSCL-3.3-7.5.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:3::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-RHSCL-3.3-7.6.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:3::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat Software Collections"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"product": {
"name": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"product_id": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs8-nodejs-devel@8.16.0-1.el7?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"product": {
"name": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"product_id": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs8-npm@6.4.1-8.16.0.1.el7?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"product": {
"name": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"product_id": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs8-nodejs-debuginfo@8.16.0-1.el7?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"product": {
"name": "rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"product_id": "rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs8-nodejs@8.16.0-1.el7?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"product": {
"name": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"product_id": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs8-nodejs-devel@8.16.0-1.el7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"product": {
"name": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"product_id": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs8-npm@6.4.1-8.16.0.1.el7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"product": {
"name": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"product_id": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs8-nodejs-debuginfo@8.16.0-1.el7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"product": {
"name": "rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"product_id": "rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs8-nodejs@8.16.0-1.el7?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"product": {
"name": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"product_id": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs8-nodejs-devel@8.16.0-1.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"product": {
"name": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"product_id": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs8-npm@6.4.1-8.16.0.1.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"product": {
"name": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"product_id": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs8-nodejs-debuginfo@8.16.0-1.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"product": {
"name": "rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"product_id": "rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs8-nodejs@8.16.0-1.el7?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"product": {
"name": "rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"product_id": "rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs8-nodejs@8.16.0-1.el7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"product": {
"name": "rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"product_id": "rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs8-nodejs-docs@8.16.0-1.el7?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"product": {
"name": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"product_id": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs8-nodejs-devel@8.16.0-1.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"product": {
"name": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"product_id": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs8-npm@6.4.1-8.16.0.1.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"product": {
"name": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"product_id": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs8-nodejs-debuginfo@8.16.0-1.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"product": {
"name": "rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"product_id": "rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs8-nodejs@8.16.0-1.el7?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64"
},
"product_reference": "rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"relates_to_product_reference": "7Server-Alt-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le"
},
"product_reference": "rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"relates_to_product_reference": "7Server-Alt-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x"
},
"product_reference": "rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"relates_to_product_reference": "7Server-Alt-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-0:8.16.0-1.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src"
},
"product_reference": "rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"relates_to_product_reference": "7Server-Alt-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64"
},
"product_reference": "rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"relates_to_product_reference": "7Server-Alt-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64"
},
"product_reference": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"relates_to_product_reference": "7Server-Alt-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le"
},
"product_reference": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"relates_to_product_reference": "7Server-Alt-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x"
},
"product_reference": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"relates_to_product_reference": "7Server-Alt-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64"
},
"product_reference": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"relates_to_product_reference": "7Server-Alt-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64"
},
"product_reference": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"relates_to_product_reference": "7Server-Alt-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le"
},
"product_reference": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"relates_to_product_reference": "7Server-Alt-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x"
},
"product_reference": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"relates_to_product_reference": "7Server-Alt-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64"
},
"product_reference": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"relates_to_product_reference": "7Server-Alt-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch"
},
"product_reference": "rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"relates_to_product_reference": "7Server-Alt-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64"
},
"product_reference": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"relates_to_product_reference": "7Server-Alt-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le"
},
"product_reference": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"relates_to_product_reference": "7Server-Alt-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x"
},
"product_reference": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"relates_to_product_reference": "7Server-Alt-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64"
},
"product_reference": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"relates_to_product_reference": "7Server-Alt-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)",
"product_id": "7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le"
},
"product_reference": "rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)",
"product_id": "7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x"
},
"product_reference": "rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-0:8.16.0-1.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)",
"product_id": "7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src"
},
"product_reference": "rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)",
"product_id": "7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64"
},
"product_reference": "rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)",
"product_id": "7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le"
},
"product_reference": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)",
"product_id": "7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x"
},
"product_reference": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)",
"product_id": "7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64"
},
"product_reference": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)",
"product_id": "7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le"
},
"product_reference": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)",
"product_id": "7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x"
},
"product_reference": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)",
"product_id": "7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64"
},
"product_reference": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)",
"product_id": "7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch"
},
"product_reference": "rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)",
"product_id": "7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le"
},
"product_reference": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)",
"product_id": "7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x"
},
"product_reference": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)",
"product_id": "7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64"
},
"product_reference": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le"
},
"product_reference": "rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.5.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x"
},
"product_reference": "rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.5.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-0:8.16.0-1.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src"
},
"product_reference": "rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.5.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64"
},
"product_reference": "rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.5.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le"
},
"product_reference": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.5.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x"
},
"product_reference": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.5.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64"
},
"product_reference": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.5.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le"
},
"product_reference": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.5.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x"
},
"product_reference": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.5.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64"
},
"product_reference": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.5.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch"
},
"product_reference": "rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.5.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le"
},
"product_reference": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.5.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x"
},
"product_reference": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.5.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64"
},
"product_reference": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.5.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le"
},
"product_reference": "rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x"
},
"product_reference": "rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-0:8.16.0-1.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src"
},
"product_reference": "rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64"
},
"product_reference": "rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le"
},
"product_reference": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x"
},
"product_reference": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64"
},
"product_reference": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le"
},
"product_reference": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x"
},
"product_reference": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64"
},
"product_reference": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch"
},
"product_reference": "rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le"
},
"product_reference": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x"
},
"product_reference": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64"
},
"product_reference": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.3-7.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64"
},
"product_reference": "rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"relates_to_product_reference": "7Server-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le"
},
"product_reference": "rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x"
},
"product_reference": "rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-0:8.16.0-1.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src"
},
"product_reference": "rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"relates_to_product_reference": "7Server-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64"
},
"product_reference": "rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64"
},
"product_reference": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"relates_to_product_reference": "7Server-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le"
},
"product_reference": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x"
},
"product_reference": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64"
},
"product_reference": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64"
},
"product_reference": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"relates_to_product_reference": "7Server-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le"
},
"product_reference": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x"
},
"product_reference": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64"
},
"product_reference": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch"
},
"product_reference": "rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"relates_to_product_reference": "7Server-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64"
},
"product_reference": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"relates_to_product_reference": "7Server-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le"
},
"product_reference": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x"
},
"product_reference": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64"
},
"product_reference": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64"
},
"product_reference": "rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"relates_to_product_reference": "7Workstation-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le"
},
"product_reference": "rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"relates_to_product_reference": "7Workstation-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x"
},
"product_reference": "rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"relates_to_product_reference": "7Workstation-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-0:8.16.0-1.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src"
},
"product_reference": "rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"relates_to_product_reference": "7Workstation-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64"
},
"product_reference": "rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64"
},
"product_reference": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"relates_to_product_reference": "7Workstation-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le"
},
"product_reference": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"relates_to_product_reference": "7Workstation-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x"
},
"product_reference": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"relates_to_product_reference": "7Workstation-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64"
},
"product_reference": "rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64"
},
"product_reference": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"relates_to_product_reference": "7Workstation-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le"
},
"product_reference": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"relates_to_product_reference": "7Workstation-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x"
},
"product_reference": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"relates_to_product_reference": "7Workstation-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64"
},
"product_reference": "rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch"
},
"product_reference": "rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"relates_to_product_reference": "7Workstation-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64"
},
"product_reference": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"relates_to_product_reference": "7Workstation-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le"
},
"product_reference": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"relates_to_product_reference": "7Workstation-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x"
},
"product_reference": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"relates_to_product_reference": "7Workstation-RHSCL-3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64"
},
"product_reference": "rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-3.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-12116",
"cwe": {
"id": "CWE-113",
"name": "Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Request/Response Splitting\u0027)"
},
"discovery_date": "2018-11-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1660998"
}
],
"notes": [
{
"category": "description",
"text": "Node.js: All versions prior to Node.js 6.15.0 and 8.14.0: HTTP request splitting: If Node.js can be convinced to use unsanitized user-provided Unicode data for the `path` option of an HTTP request, then data can be provided which will trigger a second, unexpected, and user-defined HTTP request to made to the same server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs: HTTP request splitting",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The nodejs RPMs shipped in Red Hat OpenShift Container Platform (OCP) versions 3.6 through 3.10 are vulnerable to this flaw because they contain the affected code. Later versions of OCP used nodejs RPMs delivered from Red Hat Software Collections and Red Hat Enterprise Linux channels.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-12116"
},
{
"category": "external",
"summary": "RHBZ#1660998",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1660998"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-12116",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12116"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-12116",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-12116"
}
],
"release_date": "2018-11-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-07-22T13:39:40+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1821"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs: HTTP request splitting"
},
{
"cve": "CVE-2018-12121",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2018-11-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1661002"
}
],
"notes": [
{
"category": "description",
"text": "Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Denial of Service with large HTTP headers: By using a combination of many requests with maximum sized headers (almost 80 KB per connection), and carefully timed completion of the headers, it is possible to cause the HTTP server to abort from heap allocation failure. Attack potential is mitigated by the use of a load balancer or other proxy layer.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs: Denial of Service with large HTTP headers",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The nodejs RPMs shipped in Red Hat OpenShift Container Platform (OCP) versions 3.6 through 3.10 are vulnerable to this flaw because they contain the affected code. Later versions of OCP used nodejs RPMs delivered from Red Hat Software Collections and Red Hat Enterprise Linux channels.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-12121"
},
{
"category": "external",
"summary": "RHBZ#1661002",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1661002"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-12121",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12121"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-12121",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-12121"
}
],
"release_date": "2018-11-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-07-22T13:39:40+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1821"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs: Denial of Service with large HTTP headers"
},
{
"cve": "CVE-2018-12122",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2018-11-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1661005"
}
],
"notes": [
{
"category": "description",
"text": "It was found that Node.js HTTP server was vulnerable to a Slowloris type attack. An attacker could make long lived connections by sending bytes very slowly to the server, saturating its resource and possibly resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs: Slowloris HTTP Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The nodejs RPMs shipped in Red Hat OpenShift Container Platform (OCP) versions 3.6 through 3.10 are vulnerable to this flaw because they contain the affected code. Later versions of OCP used nodejs RPMs delivered from Red Hat Software Collections and Red Hat Enterprise Linux channels.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-12122"
},
{
"category": "external",
"summary": "RHBZ#1661005",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1661005"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-12122",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12122"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-12122",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-12122"
}
],
"release_date": "2018-11-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-07-22T13:39:40+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1821"
},
{
"category": "workaround",
"details": "The use of a Load Balancer or a Reverse Proxy will increase the difficulty of the attack.",
"product_ids": [
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "nodejs: Slowloris HTTP Denial of Service"
},
{
"cve": "CVE-2018-12123",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2018-11-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1661010"
}
],
"notes": [
{
"category": "description",
"text": "Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Hostname spoofing in URL parser for javascript protocol: If a Node.js application is using url.parse() to determine the URL hostname, that hostname can be spoofed by using a mixed case \"javascript:\" (e.g. \"javAscript:\") protocol (other protocols are not affected). If security decisions are made about the URL based on the hostname, they may be incorrect.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs: Hostname spoofing in URL parser for javascript protocol",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The nodejs RPMs shipped in Red Hat OpenShift Container Platform (OCP) versions 3.6 through 3.10 are vulnerable to this flaw because they contain the affected code. Later versions of OCP used nodejs RPMs delivered from Red Hat Software Collections and Red Hat Enterprise Linux channels.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-12123"
},
{
"category": "external",
"summary": "RHBZ#1661010",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1661010"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-12123",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12123"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-12123",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-12123"
}
],
"release_date": "2018-11-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-07-22T13:39:40+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1821"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "nodejs: Hostname spoofing in URL parser for javascript protocol"
},
{
"cve": "CVE-2018-20834",
"cwe": {
"id": "CWE-59",
"name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
},
"discovery_date": "2019-04-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1702338"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in nodejs-tar in versions prior to 4.4.2. An arbitrary file overwrite can occur when extracting tarballs containing a hard-link to a file that already exists in the system. Further, a file that matches the hard-link may overwrite the system\u0027s files with the contents of the extracted file. The highest threat from the vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-tar: Arbitrary file overwrites when extracting tarballs containing a hard-link",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In Red Hat OpenShift Logging the openshift-logging/kibana6-rhel8 container bundles many nodejs packages as a build time dependencies, including the tar package. \nThe vulnerable nodejs tar package is not used in a way that makes this vulnerability exploitable, hence the impact to OpenShift Logging by this vulnerability is Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20834"
},
{
"category": "external",
"summary": "RHBZ#1702338",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1702338"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20834",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20834"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20834",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20834"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/344595",
"url": "https://hackerone.com/reports/344595"
}
],
"release_date": "2018-04-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-07-22T13:39:40+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1821"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "nodejs-tar: Arbitrary file overwrites when extracting tarballs containing a hard-link"
},
{
"cve": "CVE-2019-5737",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2019-03-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1690808"
}
],
"notes": [
{
"category": "description",
"text": "It was found that the original fix for Slowloris, CVE-2018-12122, was insufficient. It is possible to bypass the server\u0027s headersTimeout by sending two specially crafted HTTP requests in the same connection. An attacker could use this flaw to bypass Slowloris protection, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs: Insufficient Slowloris fix causing DoS via server.headersTimeout bypass",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-5737"
},
{
"category": "external",
"summary": "RHBZ#1690808",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1690808"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-5737",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-5737"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-5737",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-5737"
},
{
"category": "external",
"summary": "https://nodejs.org/ja/blog/vulnerability/february-2019-security-releases/",
"url": "https://nodejs.org/ja/blog/vulnerability/february-2019-security-releases/"
}
],
"release_date": "2019-02-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-07-22T13:39:40+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1821"
},
{
"category": "workaround",
"details": "The use of a Load Balancer or a Reverse Proxy will increase the difficulty of the attack.",
"product_ids": [
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-Alt-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.4.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.5.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3-7.6.Z:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Server-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Server-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.src",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-debuginfo-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-devel-0:8.16.0-1.el7.x86_64",
"7Workstation-RHSCL-3.3:rh-nodejs8-nodejs-docs-0:8.16.0-1.el7.noarch",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.aarch64",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.ppc64le",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.s390x",
"7Workstation-RHSCL-3.3:rh-nodejs8-npm-0:6.4.1-8.16.0.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "nodejs: Insufficient Slowloris fix causing DoS via server.headersTimeout bypass"
}
]
}
SUSE-SU-2019:0117-1
Vulnerability from csaf_suse - Published: 2019-01-18 10:52 - Updated: 2019-01-18 10:52Summary
Security update for nodejs4
Severity
Important
Notes
Title of the patch: Security update for nodejs4
Description of the patch: This update for nodejs4 fixes the following issues:
Security issues fixed:
- CVE-2018-0734: Fixed a timing vulnerability in the DSA signature generation (bsc#1113652)
- CVE-2018-5407: Fixed a hyperthread port content side channel attack (aka 'PortSmash') (bsc#1113534)
- CVE-2018-12120: Fixed that the debugger listens on any interface by default (bsc#1117625)
- CVE-2018-12121: Fixed a denial of Service with large HTTP headers (bsc#1117626)
- CVE-2018-12122: Fixed the 'Slowloris' HTTP Denial of Service (bsc#1117627)
- CVE-2018-12116: Fixed HTTP request splitting (bsc#1117630)
- CVE-2018-12123: Fixed hostname spoofing in URL parser for javascript protocol (bsc#1117629)
Patchnames: SUSE-2019-117,SUSE-SLE-Module-Web-Scripting-12-2019-117,SUSE-Storage-4-2019-117
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.9 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 4:nodejs4-4.9.1-15.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:nodejs4-4.9.1-15.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-docs-4.9.1-15.17.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.2 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 4:nodejs4-4.9.1-15.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:nodejs4-4.9.1-15.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-docs-4.9.1-15.17.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
9.8 (Critical)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 4:nodejs4-4.9.1-15.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:nodejs4-4.9.1-15.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-docs-4.9.1-15.17.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
critical
7.5 (High)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 4:nodejs4-4.9.1-15.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:nodejs4-4.9.1-15.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-docs-4.9.1-15.17.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 4:nodejs4-4.9.1-15.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:nodejs4-4.9.1-15.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-docs-4.9.1-15.17.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.1 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 4:nodejs4-4.9.1-15.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:nodejs4-4.9.1-15.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-docs-4.9.1-15.17.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.8 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 4:nodejs4-4.9.1-15.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:nodejs4-4.9.1-15.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-docs-4.9.1-15.17.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
42 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for nodejs4",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for nodejs4 fixes the following issues:\n\nSecurity issues fixed:\n\n- CVE-2018-0734: Fixed a timing vulnerability in the DSA signature generation (bsc#1113652)\n- CVE-2018-5407: Fixed a hyperthread port content side channel attack (aka \u0027PortSmash\u0027) (bsc#1113534)\n- CVE-2018-12120: Fixed that the debugger listens on any interface by default (bsc#1117625)\n- CVE-2018-12121: Fixed a denial of Service with large HTTP headers (bsc#1117626)\n- CVE-2018-12122: Fixed the \u0027Slowloris\u0027 HTTP Denial of Service (bsc#1117627)\n- CVE-2018-12116: Fixed HTTP request splitting (bsc#1117630)\n- CVE-2018-12123: Fixed hostname spoofing in URL parser for javascript protocol (bsc#1117629)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2019-117,SUSE-SLE-Module-Web-Scripting-12-2019-117,SUSE-Storage-4-2019-117",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_0117-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2019:0117-1",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20190117-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2019:0117-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2019-January/005042.html"
},
{
"category": "self",
"summary": "SUSE Bug 1113534",
"url": "https://bugzilla.suse.com/1113534"
},
{
"category": "self",
"summary": "SUSE Bug 1113652",
"url": "https://bugzilla.suse.com/1113652"
},
{
"category": "self",
"summary": "SUSE Bug 1117625",
"url": "https://bugzilla.suse.com/1117625"
},
{
"category": "self",
"summary": "SUSE Bug 1117626",
"url": "https://bugzilla.suse.com/1117626"
},
{
"category": "self",
"summary": "SUSE Bug 1117627",
"url": "https://bugzilla.suse.com/1117627"
},
{
"category": "self",
"summary": "SUSE Bug 1117629",
"url": "https://bugzilla.suse.com/1117629"
},
{
"category": "self",
"summary": "SUSE Bug 1117630",
"url": "https://bugzilla.suse.com/1117630"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-0734 page",
"url": "https://www.suse.com/security/cve/CVE-2018-0734/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-12116 page",
"url": "https://www.suse.com/security/cve/CVE-2018-12116/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-12120 page",
"url": "https://www.suse.com/security/cve/CVE-2018-12120/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-12121 page",
"url": "https://www.suse.com/security/cve/CVE-2018-12121/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-12122 page",
"url": "https://www.suse.com/security/cve/CVE-2018-12122/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-12123 page",
"url": "https://www.suse.com/security/cve/CVE-2018-12123/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-5407 page",
"url": "https://www.suse.com/security/cve/CVE-2018-5407/"
}
],
"title": "Security update for nodejs4",
"tracking": {
"current_release_date": "2019-01-18T10:52:41Z",
"generator": {
"date": "2019-01-18T10:52:41Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2019:0117-1",
"initial_release_date": "2019-01-18T10:52:41Z",
"revision_history": [
{
"date": "2019-01-18T10:52:41Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "nodejs4-4.9.1-15.17.1.aarch64",
"product": {
"name": "nodejs4-4.9.1-15.17.1.aarch64",
"product_id": "nodejs4-4.9.1-15.17.1.aarch64"
}
},
{
"category": "product_version",
"name": "nodejs4-devel-4.9.1-15.17.1.aarch64",
"product": {
"name": "nodejs4-devel-4.9.1-15.17.1.aarch64",
"product_id": "nodejs4-devel-4.9.1-15.17.1.aarch64"
}
},
{
"category": "product_version",
"name": "npm4-4.9.1-15.17.1.aarch64",
"product": {
"name": "npm4-4.9.1-15.17.1.aarch64",
"product_id": "npm4-4.9.1-15.17.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs4-4.9.1-15.17.1.i586",
"product": {
"name": "nodejs4-4.9.1-15.17.1.i586",
"product_id": "nodejs4-4.9.1-15.17.1.i586"
}
},
{
"category": "product_version",
"name": "nodejs4-devel-4.9.1-15.17.1.i586",
"product": {
"name": "nodejs4-devel-4.9.1-15.17.1.i586",
"product_id": "nodejs4-devel-4.9.1-15.17.1.i586"
}
},
{
"category": "product_version",
"name": "npm4-4.9.1-15.17.1.i586",
"product": {
"name": "npm4-4.9.1-15.17.1.i586",
"product_id": "npm4-4.9.1-15.17.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs4-docs-4.9.1-15.17.1.noarch",
"product": {
"name": "nodejs4-docs-4.9.1-15.17.1.noarch",
"product_id": "nodejs4-docs-4.9.1-15.17.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs4-4.9.1-15.17.1.ppc64le",
"product": {
"name": "nodejs4-4.9.1-15.17.1.ppc64le",
"product_id": "nodejs4-4.9.1-15.17.1.ppc64le"
}
},
{
"category": "product_version",
"name": "nodejs4-devel-4.9.1-15.17.1.ppc64le",
"product": {
"name": "nodejs4-devel-4.9.1-15.17.1.ppc64le",
"product_id": "nodejs4-devel-4.9.1-15.17.1.ppc64le"
}
},
{
"category": "product_version",
"name": "npm4-4.9.1-15.17.1.ppc64le",
"product": {
"name": "npm4-4.9.1-15.17.1.ppc64le",
"product_id": "npm4-4.9.1-15.17.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs4-4.9.1-15.17.1.x86_64",
"product": {
"name": "nodejs4-4.9.1-15.17.1.x86_64",
"product_id": "nodejs4-4.9.1-15.17.1.x86_64"
}
},
{
"category": "product_version",
"name": "nodejs4-devel-4.9.1-15.17.1.x86_64",
"product": {
"name": "nodejs4-devel-4.9.1-15.17.1.x86_64",
"product_id": "nodejs4-devel-4.9.1-15.17.1.x86_64"
}
},
{
"category": "product_version",
"name": "npm4-4.9.1-15.17.1.x86_64",
"product": {
"name": "npm4-4.9.1-15.17.1.x86_64",
"product_id": "npm4-4.9.1-15.17.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Web and Scripting 12",
"product": {
"name": "SUSE Linux Enterprise Module for Web and Scripting 12",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-web-scripting:12"
}
}
},
{
"category": "product_name",
"name": "SUSE Enterprise Storage 4",
"product": {
"name": "SUSE Enterprise Storage 4",
"product_id": "SUSE Enterprise Storage 4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs4-4.9.1-15.17.1.aarch64 as component of SUSE Linux Enterprise Module for Web and Scripting 12",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.aarch64"
},
"product_reference": "nodejs4-4.9.1-15.17.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs4-4.9.1-15.17.1.ppc64le as component of SUSE Linux Enterprise Module for Web and Scripting 12",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.ppc64le"
},
"product_reference": "nodejs4-4.9.1-15.17.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs4-4.9.1-15.17.1.x86_64 as component of SUSE Linux Enterprise Module for Web and Scripting 12",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.x86_64"
},
"product_reference": "nodejs4-4.9.1-15.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs4-devel-4.9.1-15.17.1.aarch64 as component of SUSE Linux Enterprise Module for Web and Scripting 12",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.aarch64"
},
"product_reference": "nodejs4-devel-4.9.1-15.17.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs4-devel-4.9.1-15.17.1.ppc64le as component of SUSE Linux Enterprise Module for Web and Scripting 12",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.ppc64le"
},
"product_reference": "nodejs4-devel-4.9.1-15.17.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs4-devel-4.9.1-15.17.1.x86_64 as component of SUSE Linux Enterprise Module for Web and Scripting 12",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.x86_64"
},
"product_reference": "nodejs4-devel-4.9.1-15.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs4-docs-4.9.1-15.17.1.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 12",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-docs-4.9.1-15.17.1.noarch"
},
"product_reference": "nodejs4-docs-4.9.1-15.17.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm4-4.9.1-15.17.1.aarch64 as component of SUSE Linux Enterprise Module for Web and Scripting 12",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.aarch64"
},
"product_reference": "npm4-4.9.1-15.17.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm4-4.9.1-15.17.1.ppc64le as component of SUSE Linux Enterprise Module for Web and Scripting 12",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.ppc64le"
},
"product_reference": "npm4-4.9.1-15.17.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm4-4.9.1-15.17.1.x86_64 as component of SUSE Linux Enterprise Module for Web and Scripting 12",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.x86_64"
},
"product_reference": "npm4-4.9.1-15.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs4-4.9.1-15.17.1.aarch64 as component of SUSE Enterprise Storage 4",
"product_id": "SUSE Enterprise Storage 4:nodejs4-4.9.1-15.17.1.aarch64"
},
"product_reference": "nodejs4-4.9.1-15.17.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs4-4.9.1-15.17.1.x86_64 as component of SUSE Enterprise Storage 4",
"product_id": "SUSE Enterprise Storage 4:nodejs4-4.9.1-15.17.1.x86_64"
},
"product_reference": "nodejs4-4.9.1-15.17.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-0734",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-0734"
}
],
"notes": [
{
"category": "general",
"text": "The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.1a (Affected 1.1.1). Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.0.2q (Affected 1.0.2-1.0.2p).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 4:nodejs4-4.9.1-15.17.1.aarch64",
"SUSE Enterprise Storage 4:nodejs4-4.9.1-15.17.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-docs-4.9.1-15.17.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-0734",
"url": "https://www.suse.com/security/cve/CVE-2018-0734"
},
{
"category": "external",
"summary": "SUSE Bug 1113534 for CVE-2018-0734",
"url": "https://bugzilla.suse.com/1113534"
},
{
"category": "external",
"summary": "SUSE Bug 1113652 for CVE-2018-0734",
"url": "https://bugzilla.suse.com/1113652"
},
{
"category": "external",
"summary": "SUSE Bug 1113742 for CVE-2018-0734",
"url": "https://bugzilla.suse.com/1113742"
},
{
"category": "external",
"summary": "SUSE Bug 1122198 for CVE-2018-0734",
"url": "https://bugzilla.suse.com/1122198"
},
{
"category": "external",
"summary": "SUSE Bug 1122212 for CVE-2018-0734",
"url": "https://bugzilla.suse.com/1122212"
},
{
"category": "external",
"summary": "SUSE Bug 1126909 for CVE-2018-0734",
"url": "https://bugzilla.suse.com/1126909"
},
{
"category": "external",
"summary": "SUSE Bug 1148697 for CVE-2018-0734",
"url": "https://bugzilla.suse.com/1148697"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 4:nodejs4-4.9.1-15.17.1.aarch64",
"SUSE Enterprise Storage 4:nodejs4-4.9.1-15.17.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-docs-4.9.1-15.17.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Enterprise Storage 4:nodejs4-4.9.1-15.17.1.aarch64",
"SUSE Enterprise Storage 4:nodejs4-4.9.1-15.17.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-docs-4.9.1-15.17.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-01-18T10:52:41Z",
"details": "moderate"
}
],
"title": "CVE-2018-0734"
},
{
"cve": "CVE-2018-12116",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-12116"
}
],
"notes": [
{
"category": "general",
"text": "Node.js: All versions prior to Node.js 6.15.0 and 8.14.0: HTTP request splitting: If Node.js can be convinced to use unsanitized user-provided Unicode data for the `path` option of an HTTP request, then data can be provided which will trigger a second, unexpected, and user-defined HTTP request to made to the same server.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 4:nodejs4-4.9.1-15.17.1.aarch64",
"SUSE Enterprise Storage 4:nodejs4-4.9.1-15.17.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-docs-4.9.1-15.17.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-12116",
"url": "https://www.suse.com/security/cve/CVE-2018-12116"
},
{
"category": "external",
"summary": "SUSE Bug 1117630 for CVE-2018-12116",
"url": "https://bugzilla.suse.com/1117630"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 4:nodejs4-4.9.1-15.17.1.aarch64",
"SUSE Enterprise Storage 4:nodejs4-4.9.1-15.17.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-docs-4.9.1-15.17.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"SUSE Enterprise Storage 4:nodejs4-4.9.1-15.17.1.aarch64",
"SUSE Enterprise Storage 4:nodejs4-4.9.1-15.17.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-docs-4.9.1-15.17.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-01-18T10:52:41Z",
"details": "moderate"
}
],
"title": "CVE-2018-12116"
},
{
"cve": "CVE-2018-12120",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-12120"
}
],
"notes": [
{
"category": "general",
"text": "Node.js: All versions prior to Node.js 6.15.0: Debugger port 5858 listens on any interface by default: When the debugger is enabled with `node --debug` or `node debug`, it listens to port 5858 on all interfaces by default. This may allow remote computers to attach to the debug port and evaluate arbitrary JavaScript. The default interface is now localhost. It has always been possible to start the debugger on a specific interface, such as `node --debug=localhost`. The debugger was removed in Node.js 8 and replaced with the inspector, so no versions from 8 and later are vulnerable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 4:nodejs4-4.9.1-15.17.1.aarch64",
"SUSE Enterprise Storage 4:nodejs4-4.9.1-15.17.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-docs-4.9.1-15.17.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-12120",
"url": "https://www.suse.com/security/cve/CVE-2018-12120"
},
{
"category": "external",
"summary": "SUSE Bug 1117625 for CVE-2018-12120",
"url": "https://bugzilla.suse.com/1117625"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 4:nodejs4-4.9.1-15.17.1.aarch64",
"SUSE Enterprise Storage 4:nodejs4-4.9.1-15.17.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-docs-4.9.1-15.17.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Enterprise Storage 4:nodejs4-4.9.1-15.17.1.aarch64",
"SUSE Enterprise Storage 4:nodejs4-4.9.1-15.17.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-docs-4.9.1-15.17.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-01-18T10:52:41Z",
"details": "critical"
}
],
"title": "CVE-2018-12120"
},
{
"cve": "CVE-2018-12121",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-12121"
}
],
"notes": [
{
"category": "general",
"text": "Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Denial of Service with large HTTP headers: By using a combination of many requests with maximum sized headers (almost 80 KB per connection), and carefully timed completion of the headers, it is possible to cause the HTTP server to abort from heap allocation failure. Attack potential is mitigated by the use of a load balancer or other proxy layer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 4:nodejs4-4.9.1-15.17.1.aarch64",
"SUSE Enterprise Storage 4:nodejs4-4.9.1-15.17.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-docs-4.9.1-15.17.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-12121",
"url": "https://www.suse.com/security/cve/CVE-2018-12121"
},
{
"category": "external",
"summary": "SUSE Bug 1117626 for CVE-2018-12121",
"url": "https://bugzilla.suse.com/1117626"
},
{
"category": "external",
"summary": "SUSE Bug 1127532 for CVE-2018-12121",
"url": "https://bugzilla.suse.com/1127532"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 4:nodejs4-4.9.1-15.17.1.aarch64",
"SUSE Enterprise Storage 4:nodejs4-4.9.1-15.17.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-docs-4.9.1-15.17.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Enterprise Storage 4:nodejs4-4.9.1-15.17.1.aarch64",
"SUSE Enterprise Storage 4:nodejs4-4.9.1-15.17.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-docs-4.9.1-15.17.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-01-18T10:52:41Z",
"details": "important"
}
],
"title": "CVE-2018-12121"
},
{
"cve": "CVE-2018-12122",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-12122"
}
],
"notes": [
{
"category": "general",
"text": "Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Slowloris HTTP Denial of Service: An attacker can cause a Denial of Service (DoS) by sending headers very slowly keeping HTTP or HTTPS connections and associated resources alive for a long period of time.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 4:nodejs4-4.9.1-15.17.1.aarch64",
"SUSE Enterprise Storage 4:nodejs4-4.9.1-15.17.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-docs-4.9.1-15.17.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-12122",
"url": "https://www.suse.com/security/cve/CVE-2018-12122"
},
{
"category": "external",
"summary": "SUSE Bug 1117627 for CVE-2018-12122",
"url": "https://bugzilla.suse.com/1117627"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 4:nodejs4-4.9.1-15.17.1.aarch64",
"SUSE Enterprise Storage 4:nodejs4-4.9.1-15.17.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-docs-4.9.1-15.17.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Enterprise Storage 4:nodejs4-4.9.1-15.17.1.aarch64",
"SUSE Enterprise Storage 4:nodejs4-4.9.1-15.17.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-docs-4.9.1-15.17.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-01-18T10:52:41Z",
"details": "important"
}
],
"title": "CVE-2018-12122"
},
{
"cve": "CVE-2018-12123",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-12123"
}
],
"notes": [
{
"category": "general",
"text": "Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Hostname spoofing in URL parser for javascript protocol: If a Node.js application is using url.parse() to determine the URL hostname, that hostname can be spoofed by using a mixed case \"javascript:\" (e.g. \"javAscript:\") protocol (other protocols are not affected). If security decisions are made about the URL based on the hostname, they may be incorrect.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 4:nodejs4-4.9.1-15.17.1.aarch64",
"SUSE Enterprise Storage 4:nodejs4-4.9.1-15.17.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-docs-4.9.1-15.17.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-12123",
"url": "https://www.suse.com/security/cve/CVE-2018-12123"
},
{
"category": "external",
"summary": "SUSE Bug 1117629 for CVE-2018-12123",
"url": "https://bugzilla.suse.com/1117629"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 4:nodejs4-4.9.1-15.17.1.aarch64",
"SUSE Enterprise Storage 4:nodejs4-4.9.1-15.17.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-docs-4.9.1-15.17.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"SUSE Enterprise Storage 4:nodejs4-4.9.1-15.17.1.aarch64",
"SUSE Enterprise Storage 4:nodejs4-4.9.1-15.17.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-docs-4.9.1-15.17.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-01-18T10:52:41Z",
"details": "moderate"
}
],
"title": "CVE-2018-12123"
},
{
"cve": "CVE-2018-5407",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-5407"
}
],
"notes": [
{
"category": "general",
"text": "Simultaneous Multi-threading (SMT) in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel timing attack on \u0027port contention\u0027.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 4:nodejs4-4.9.1-15.17.1.aarch64",
"SUSE Enterprise Storage 4:nodejs4-4.9.1-15.17.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-docs-4.9.1-15.17.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-5407",
"url": "https://www.suse.com/security/cve/CVE-2018-5407"
},
{
"category": "external",
"summary": "SUSE Bug 1113534 for CVE-2018-5407",
"url": "https://bugzilla.suse.com/1113534"
},
{
"category": "external",
"summary": "SUSE Bug 1116195 for CVE-2018-5407",
"url": "https://bugzilla.suse.com/1116195"
},
{
"category": "external",
"summary": "SUSE Bug 1126909 for CVE-2018-5407",
"url": "https://bugzilla.suse.com/1126909"
},
{
"category": "external",
"summary": "SUSE Bug 1148697 for CVE-2018-5407",
"url": "https://bugzilla.suse.com/1148697"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 4:nodejs4-4.9.1-15.17.1.aarch64",
"SUSE Enterprise Storage 4:nodejs4-4.9.1-15.17.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-docs-4.9.1-15.17.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:P/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Enterprise Storage 4:nodejs4-4.9.1-15.17.1.aarch64",
"SUSE Enterprise Storage 4:nodejs4-4.9.1-15.17.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-4.9.1-15.17.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel-4.9.1-15.17.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-docs-4.9.1-15.17.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 12:npm4-4.9.1-15.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-01-18T10:52:41Z",
"details": "moderate"
}
],
"title": "CVE-2018-5407"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…