Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2018-7166 (GCVE-0-2018-7166)
Vulnerability from cvelistv5 – Published: 2018-08-21 13:00 – Updated: 2024-09-17 00:26
VLAI?
EPSS
Summary
In all versions of Node.js 10 prior to 10.9.0, an argument processing flaw can cause `Buffer.alloc()` to return uninitialized memory. This method is intended to be safe and only return initialized, or cleared, memory. The third argument specifying `encoding` can be passed as a number, this is misinterpreted by `Buffer's` internal "fill" method as the `start` to a fill operation. This flaw may be abused where `Buffer.alloc()` arguments are derived from user input to return uncleared memory blocks that may contain sensitive information.
Severity ?
No CVSS data available.
CWE
- CWE-226 - Sensitive Information Uncleared Before Release
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| The Node.js Project | Node.js |
Affected:
All versions of Node.js 10 prior to 10.9.0
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:24:11.399Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2018:2553",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2553"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://nodejs.org/en/blog/vulnerability/august-2018-security-releases/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Node.js",
"vendor": "The Node.js Project",
"versions": [
{
"status": "affected",
"version": "All versions of Node.js 10 prior to 10.9.0"
}
]
}
],
"datePublic": "2018-08-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In all versions of Node.js 10 prior to 10.9.0, an argument processing flaw can cause `Buffer.alloc()` to return uninitialized memory. This method is intended to be safe and only return initialized, or cleared, memory. The third argument specifying `encoding` can be passed as a number, this is misinterpreted by `Buffer\u0027s` internal \"fill\" method as the `start` to a fill operation. This flaw may be abused where `Buffer.alloc()` arguments are derived from user input to return uncleared memory blocks that may contain sensitive information."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-226",
"description": "CWE-226: Sensitive Information Uncleared Before Release",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-08-23T09:57:01",
"orgId": "386269d4-a6c6-4eaa-bf8e-bc0b0d010558",
"shortName": "nodejs"
},
"references": [
{
"name": "RHSA-2018:2553",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2553"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://nodejs.org/en/blog/vulnerability/august-2018-security-releases/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve-request@iojs.org",
"DATE_PUBLIC": "2018-08-12T00:00:00",
"ID": "CVE-2018-7166",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Node.js",
"version": {
"version_data": [
{
"version_value": "All versions of Node.js 10 prior to 10.9.0"
}
]
}
}
]
},
"vendor_name": "The Node.js Project"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In all versions of Node.js 10 prior to 10.9.0, an argument processing flaw can cause `Buffer.alloc()` to return uninitialized memory. This method is intended to be safe and only return initialized, or cleared, memory. The third argument specifying `encoding` can be passed as a number, this is misinterpreted by `Buffer\u0027s` internal \"fill\" method as the `start` to a fill operation. This flaw may be abused where `Buffer.alloc()` arguments are derived from user input to return uncleared memory blocks that may contain sensitive information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-226: Sensitive Information Uncleared Before Release"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2018:2553",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2553"
},
{
"name": "https://nodejs.org/en/blog/vulnerability/august-2018-security-releases/",
"refsource": "CONFIRM",
"url": "https://nodejs.org/en/blog/vulnerability/august-2018-security-releases/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "386269d4-a6c6-4eaa-bf8e-bc0b0d010558",
"assignerShortName": "nodejs",
"cveId": "CVE-2018-7166",
"datePublished": "2018-08-21T13:00:00Z",
"dateReserved": "2018-02-15T00:00:00",
"dateUpdated": "2024-09-17T00:26:00.258Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"10.0.0\", \"versionEndExcluding\": \"10.9.0\", \"matchCriteriaId\": \"48A01678-361E-4F23-B7D6-41B0C145F491\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"In all versions of Node.js 10 prior to 10.9.0, an argument processing flaw can cause `Buffer.alloc()` to return uninitialized memory. This method is intended to be safe and only return initialized, or cleared, memory. The third argument specifying `encoding` can be passed as a number, this is misinterpreted by `Buffer\u0027s` internal \\\"fill\\\" method as the `start` to a fill operation. This flaw may be abused where `Buffer.alloc()` arguments are derived from user input to return uncleared memory blocks that may contain sensitive information.\"}, {\"lang\": \"es\", \"value\": \"En todas las versiones de Node.js 10 anteriores a la 10.9.0, un fallo en el procesamiento de argumentos puede provocar que \\\"Buffer.alloc()\\\" devuelva memoria no inicializada. Este m\\u00e9todo est\\u00e1 dise\\u00f1ado para ser seguro y solo devuelve la memoria inicializada o borrada. El tercer argumento que especifica \\\"encoding\\\" puede ser pasado como un n\\u00famero. Esto es malinterpretado por el m\\u00e9todo interno \\\"fill\\\" del b\\u00fafer como el \\\"comienzo\\\" de una operaci\\u00f3n de llenado (fill). Este defecto puede ser explotado cuando los argumentos \\\"Buffer.alloc()\\\" se derivan de la entrada del usuario para devolver bloques de memoria no borrados que pueden contener informaci\\u00f3n sensible.\"}]",
"id": "CVE-2018-7166",
"lastModified": "2024-11-21T04:11:42.510",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:N/A:N\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2018-08-21T12:29:00.320",
"references": "[{\"url\": \"https://access.redhat.com/errata/RHSA-2018:2553\", \"source\": \"cve-request@iojs.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://nodejs.org/en/blog/vulnerability/august-2018-security-releases/\", \"source\": \"cve-request@iojs.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2553\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://nodejs.org/en/blog/vulnerability/august-2018-security-releases/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
"sourceIdentifier": "cve-request@iojs.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"cve-request@iojs.org\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-226\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-908\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2018-7166\",\"sourceIdentifier\":\"cve-request@iojs.org\",\"published\":\"2018-08-21T12:29:00.320\",\"lastModified\":\"2024-11-21T04:11:42.510\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In all versions of Node.js 10 prior to 10.9.0, an argument processing flaw can cause `Buffer.alloc()` to return uninitialized memory. This method is intended to be safe and only return initialized, or cleared, memory. The third argument specifying `encoding` can be passed as a number, this is misinterpreted by `Buffer\u0027s` internal \\\"fill\\\" method as the `start` to a fill operation. This flaw may be abused where `Buffer.alloc()` arguments are derived from user input to return uncleared memory blocks that may contain sensitive information.\"},{\"lang\":\"es\",\"value\":\"En todas las versiones de Node.js 10 anteriores a la 10.9.0, un fallo en el procesamiento de argumentos puede provocar que \\\"Buffer.alloc()\\\" devuelva memoria no inicializada. Este m\u00e9todo est\u00e1 dise\u00f1ado para ser seguro y solo devuelve la memoria inicializada o borrada. El tercer argumento que especifica \\\"encoding\\\" puede ser pasado como un n\u00famero. Esto es malinterpretado por el m\u00e9todo interno \\\"fill\\\" del b\u00fafer como el \\\"comienzo\\\" de una operaci\u00f3n de llenado (fill). Este defecto puede ser explotado cuando los argumentos \\\"Buffer.alloc()\\\" se derivan de la entrada del usuario para devolver bloques de memoria no borrados que pueden contener informaci\u00f3n sensible.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:N/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"cve-request@iojs.org\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-226\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-908\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.0.0\",\"versionEndExcluding\":\"10.9.0\",\"matchCriteriaId\":\"48A01678-361E-4F23-B7D6-41B0C145F491\"}]}]}],\"references\":[{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2553\",\"source\":\"cve-request@iojs.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://nodejs.org/en/blog/vulnerability/august-2018-security-releases/\",\"source\":\"cve-request@iojs.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2553\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://nodejs.org/en/blog/vulnerability/august-2018-security-releases/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
}
}
CNVD-2019-42560
Vulnerability from cnvd - Published: 2019-11-27
VLAI Severity ?
Title
Joyent Node.js存在未明漏洞(CNVD-2019-42560)
Description
Joyent Node.js是美国Joyent公司的一套建立在Google V8 JavaScript引擎之上的网络应用平台。该平台主要用于构建高度可伸缩的应用程序,以及编写能够处理数万条且同时连接到一个物理机的连接代码。
Joyent Node.js 10.9.0之前的10版本中存在安全漏洞,该漏洞源于参数处理错误会使‘Buffer.alloc()’返回未过滤的内存。攻击者可利用该漏洞获取敏感信息。
Severity
中
Patch Name
Joyent Node.js存在未明漏洞(CNVD-2019-42560)的补丁
Patch Description
Joyent Node.js是美国Joyent公司的一套建立在Google V8 JavaScript引擎之上的网络应用平台。该平台主要用于构建高度可伸缩的应用程序,以及编写能够处理数万条且同时连接到一个物理机的连接代码。
Joyent Node.js 10.9.0之前的10版本中存在安全漏洞,该漏洞源于参数处理错误会使‘Buffer.alloc()’返回未过滤的内存。攻击者可利用该漏洞获取敏感信息。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
目前厂商已发布升级补丁以修复漏洞,补丁获取链接: https://nodejs.org/en/blog/vulnerability/august-2018-security-releases/
Reference
https://nodejs.org/en/blog/vulnerability/august-2018-security-releases/
Impacted products
| Name | Joyent Node.js 10,<10.9.0 |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2018-7166",
"cveUrl": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7166"
}
},
"description": "Joyent Node.js\u662f\u7f8e\u56fdJoyent\u516c\u53f8\u7684\u4e00\u5957\u5efa\u7acb\u5728Google V8 JavaScript\u5f15\u64ce\u4e4b\u4e0a\u7684\u7f51\u7edc\u5e94\u7528\u5e73\u53f0\u3002\u8be5\u5e73\u53f0\u4e3b\u8981\u7528\u4e8e\u6784\u5efa\u9ad8\u5ea6\u53ef\u4f38\u7f29\u7684\u5e94\u7528\u7a0b\u5e8f\uff0c\u4ee5\u53ca\u7f16\u5199\u80fd\u591f\u5904\u7406\u6570\u4e07\u6761\u4e14\u540c\u65f6\u8fde\u63a5\u5230\u4e00\u4e2a\u7269\u7406\u673a\u7684\u8fde\u63a5\u4ee3\u7801\u3002\n\nJoyent Node.js 10.9.0\u4e4b\u524d\u768410\u7248\u672c\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u53c2\u6570\u5904\u7406\u9519\u8bef\u4f1a\u4f7f\u2018Buffer.alloc()\u2019\u8fd4\u56de\u672a\u8fc7\u6ee4\u7684\u5185\u5b58\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u654f\u611f\u4fe1\u606f\u3002",
"formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://nodejs.org/en/blog/vulnerability/august-2018-security-releases/",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2019-42560",
"openTime": "2019-11-27",
"patchDescription": "Joyent Node.js\u662f\u7f8e\u56fdJoyent\u516c\u53f8\u7684\u4e00\u5957\u5efa\u7acb\u5728Google V8 JavaScript\u5f15\u64ce\u4e4b\u4e0a\u7684\u7f51\u7edc\u5e94\u7528\u5e73\u53f0\u3002\u8be5\u5e73\u53f0\u4e3b\u8981\u7528\u4e8e\u6784\u5efa\u9ad8\u5ea6\u53ef\u4f38\u7f29\u7684\u5e94\u7528\u7a0b\u5e8f\uff0c\u4ee5\u53ca\u7f16\u5199\u80fd\u591f\u5904\u7406\u6570\u4e07\u6761\u4e14\u540c\u65f6\u8fde\u63a5\u5230\u4e00\u4e2a\u7269\u7406\u673a\u7684\u8fde\u63a5\u4ee3\u7801\u3002\r\n\r\nJoyent Node.js 10.9.0\u4e4b\u524d\u768410\u7248\u672c\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u53c2\u6570\u5904\u7406\u9519\u8bef\u4f1a\u4f7f\u2018Buffer.alloc()\u2019\u8fd4\u56de\u672a\u8fc7\u6ee4\u7684\u5185\u5b58\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u654f\u611f\u4fe1\u606f\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Joyent Node.js\u5b58\u5728\u672a\u660e\u6f0f\u6d1e\uff08CNVD-2019-42560\uff09\u7684\u8865\u4e01",
"products": {
"product": "Joyent Node.js 10\uff0c\u003c10.9.0"
},
"referenceLink": "https://nodejs.org/en/blog/vulnerability/august-2018-security-releases/",
"serverity": "\u4e2d",
"submitTime": "2018-08-23",
"title": "Joyent Node.js\u5b58\u5728\u672a\u660e\u6f0f\u6d1e\uff08CNVD-2019-42560\uff09"
}
RHSA-2018_2553
Vulnerability from csaf_redhat - Published: 2018-08-22 21:15 - Updated: 2024-11-22 12:07Summary
Red Hat Security Advisory: Red Hat OpenShift Application Runtimes Node.js 10.9.0 security update
Notes
Topic
An update is now available for Red Hat OpenShift Application Runtimes.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Openshift Application Runtimes provides an application platform that reduces the complexity of developing and operating applications (monoliths and microservices) for OpenShift as a containerized platform.
This release of RHOAR Node.js 10.9.0 serves as a replacement for RHOAR Node.js 10.8.0, and includes bug fixes and enhancements. For further information, refer to the Release Notes linked to in the References section.
Security Fix(es):
* openssl: Malicious server can send large prime to client during DH(E) TLS handshake causing the client to hang (CVE-2018-0732)
* nodejs: Unintentional exposure of uninitialized memory (CVE-2018-7166)
* nodejs: Out of bounds (OOB) write via UCS-2 encoding (CVE-2018-12115)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat OpenShift Application Runtimes.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Openshift Application Runtimes provides an application platform that reduces the complexity of developing and operating applications (monoliths and microservices) for OpenShift as a containerized platform.\n\nThis release of RHOAR Node.js 10.9.0 serves as a replacement for RHOAR Node.js 10.8.0, and includes bug fixes and enhancements. For further information, refer to the Release Notes linked to in the References section.\n\nSecurity Fix(es):\n\n* openssl: Malicious server can send large prime to client during DH(E) TLS handshake causing the client to hang (CVE-2018-0732)\n\n* nodejs: Unintentional exposure of uninitialized memory (CVE-2018-7166)\n\n* nodejs: Out of bounds (OOB) write via UCS-2 encoding (CVE-2018-12115)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2018:2553",
"url": "https://access.redhat.com/errata/RHSA-2018:2553"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_openshift_application_runtimes/1/html-single/red_hat_openshift_application_runtimes_release_notes/index#runtime_components_nodejs_rpm_packages",
"url": "https://access.redhat.com/documentation/en-us/red_hat_openshift_application_runtimes/1/html-single/red_hat_openshift_application_runtimes_release_notes/index#runtime_components_nodejs_rpm_packages"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/august-2018-security-releases/",
"url": "https://nodejs.org/en/blog/vulnerability/august-2018-security-releases/"
},
{
"category": "external",
"summary": "1591100",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1591100"
},
{
"category": "external",
"summary": "1620215",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1620215"
},
{
"category": "external",
"summary": "1620219",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1620219"
},
{
"category": "external",
"summary": "NODE-152",
"url": "https://issues.redhat.com/browse/NODE-152"
},
{
"category": "external",
"summary": "NODE-153",
"url": "https://issues.redhat.com/browse/NODE-153"
},
{
"category": "external",
"summary": "NODE-154",
"url": "https://issues.redhat.com/browse/NODE-154"
},
{
"category": "external",
"summary": "NODE-155",
"url": "https://issues.redhat.com/browse/NODE-155"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_2553.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Application Runtimes Node.js 10.9.0 security update",
"tracking": {
"current_release_date": "2024-11-22T12:07:29+00:00",
"generator": {
"date": "2024-11-22T12:07:29+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2018:2553",
"initial_release_date": "2018-08-22T21:15:00+00:00",
"revision_history": [
{
"date": "2018-08-22T21:15:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2018-08-22T21:15:00+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T12:07:29+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Application Runtimes Node.js 10",
"product": {
"name": "Red Hat OpenShift Application Runtimes Node.js 10",
"product_id": "7Server-RH7-RHOAR-NODEJS-10",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_application_runtimes:1.0::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Application Runtimes"
},
{
"branches": [
{
"category": "product_version",
"name": "rhoar-nodejs-debuginfo-1:10.9.0-1.el7.x86_64",
"product": {
"name": "rhoar-nodejs-debuginfo-1:10.9.0-1.el7.x86_64",
"product_id": "rhoar-nodejs-debuginfo-1:10.9.0-1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhoar-nodejs-debuginfo@10.9.0-1.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "npm-1:6.2.0-1.10.9.0.1.el7.x86_64",
"product": {
"name": "npm-1:6.2.0-1.10.9.0.1.el7.x86_64",
"product_id": "npm-1:6.2.0-1.10.9.0.1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@6.2.0-1.10.9.0.1.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "rhoar-nodejs-1:10.9.0-1.el7.x86_64",
"product": {
"name": "rhoar-nodejs-1:10.9.0-1.el7.x86_64",
"product_id": "rhoar-nodejs-1:10.9.0-1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhoar-nodejs@10.9.0-1.el7?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "rhoar-nodejs-docs-1:10.9.0-1.el7.noarch",
"product": {
"name": "rhoar-nodejs-docs-1:10.9.0-1.el7.noarch",
"product_id": "rhoar-nodejs-docs-1:10.9.0-1.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhoar-nodejs-docs@10.9.0-1.el7?arch=noarch\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "rhoar-nodejs-1:10.9.0-1.el7.src",
"product": {
"name": "rhoar-nodejs-1:10.9.0-1.el7.src",
"product_id": "rhoar-nodejs-1:10.9.0-1.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhoar-nodejs@10.9.0-1.el7?arch=src\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:6.2.0-1.10.9.0.1.el7.x86_64 as a component of Red Hat OpenShift Application Runtimes Node.js 10",
"product_id": "7Server-RH7-RHOAR-NODEJS-10:npm-1:6.2.0-1.10.9.0.1.el7.x86_64"
},
"product_reference": "npm-1:6.2.0-1.10.9.0.1.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOAR-NODEJS-10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhoar-nodejs-1:10.9.0-1.el7.src as a component of Red Hat OpenShift Application Runtimes Node.js 10",
"product_id": "7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-1:10.9.0-1.el7.src"
},
"product_reference": "rhoar-nodejs-1:10.9.0-1.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOAR-NODEJS-10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhoar-nodejs-1:10.9.0-1.el7.x86_64 as a component of Red Hat OpenShift Application Runtimes Node.js 10",
"product_id": "7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-1:10.9.0-1.el7.x86_64"
},
"product_reference": "rhoar-nodejs-1:10.9.0-1.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOAR-NODEJS-10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhoar-nodejs-debuginfo-1:10.9.0-1.el7.x86_64 as a component of Red Hat OpenShift Application Runtimes Node.js 10",
"product_id": "7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-debuginfo-1:10.9.0-1.el7.x86_64"
},
"product_reference": "rhoar-nodejs-debuginfo-1:10.9.0-1.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOAR-NODEJS-10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhoar-nodejs-docs-1:10.9.0-1.el7.noarch as a component of Red Hat OpenShift Application Runtimes Node.js 10",
"product_id": "7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-docs-1:10.9.0-1.el7.noarch"
},
"product_reference": "rhoar-nodejs-docs-1:10.9.0-1.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOAR-NODEJS-10"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-0732",
"cwe": {
"id": "CWE-325",
"name": "Missing Cryptographic Step"
},
"discovery_date": "2018-06-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1591100"
}
],
"notes": [
{
"category": "description",
"text": "During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can send a very large prime value to the client. This will cause the client to spend an unreasonably long period of time generating a key for this prime resulting in a hang until the client has finished. This could be exploited in a Denial Of Service attack. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2-1.0.2o).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: Malicious server can send large prime to client during DH(E) TLS handshake causing the client to hang",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOAR-NODEJS-10:npm-1:6.2.0-1.10.9.0.1.el7.x86_64",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-1:10.9.0-1.el7.src",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-1:10.9.0-1.el7.x86_64",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-debuginfo-1:10.9.0-1.el7.x86_64",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-docs-1:10.9.0-1.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-0732"
},
{
"category": "external",
"summary": "RHBZ#1591100",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1591100"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-0732",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0732"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-0732",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0732"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20180612.txt",
"url": "https://www.openssl.org/news/secadv/20180612.txt"
}
],
"release_date": "2018-06-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-08-22T21:15:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RH7-RHOAR-NODEJS-10:npm-1:6.2.0-1.10.9.0.1.el7.x86_64",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-1:10.9.0-1.el7.src",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-1:10.9.0-1.el7.x86_64",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-debuginfo-1:10.9.0-1.el7.x86_64",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-docs-1:10.9.0-1.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOAR-NODEJS-10:npm-1:6.2.0-1.10.9.0.1.el7.x86_64",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-1:10.9.0-1.el7.src",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-1:10.9.0-1.el7.x86_64",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-debuginfo-1:10.9.0-1.el7.x86_64",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-docs-1:10.9.0-1.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: Malicious server can send large prime to client during DH(E) TLS handshake causing the client to hang"
},
{
"cve": "CVE-2018-7166",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2018-08-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1620215"
}
],
"notes": [
{
"category": "description",
"text": "In all versions of Node.js 10 prior to 10.9.0, an argument processing flaw can cause `Buffer.alloc()` to return uninitialized memory. This method is intended to be safe and only return initialized, or cleared, memory. The third argument specifying `encoding` can be passed as a number, this is misinterpreted by `Buffer\u0027s` internal \"fill\" method as the `start` to a fill operation. This flaw may be abused where `Buffer.alloc()` arguments are derived from user input to return uncleared memory blocks that may contain sensitive information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs: Unintentional exposure of uninitialized memory",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOAR-NODEJS-10:npm-1:6.2.0-1.10.9.0.1.el7.x86_64",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-1:10.9.0-1.el7.src",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-1:10.9.0-1.el7.x86_64",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-debuginfo-1:10.9.0-1.el7.x86_64",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-docs-1:10.9.0-1.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-7166"
},
{
"category": "external",
"summary": "RHBZ#1620215",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1620215"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-7166",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7166"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-7166",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7166"
}
],
"release_date": "2018-08-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-08-22T21:15:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RH7-RHOAR-NODEJS-10:npm-1:6.2.0-1.10.9.0.1.el7.x86_64",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-1:10.9.0-1.el7.src",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-1:10.9.0-1.el7.x86_64",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-debuginfo-1:10.9.0-1.el7.x86_64",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-docs-1:10.9.0-1.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOAR-NODEJS-10:npm-1:6.2.0-1.10.9.0.1.el7.x86_64",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-1:10.9.0-1.el7.src",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-1:10.9.0-1.el7.x86_64",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-debuginfo-1:10.9.0-1.el7.x86_64",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-docs-1:10.9.0-1.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs: Unintentional exposure of uninitialized memory"
},
{
"cve": "CVE-2018-12115",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2018-08-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1620219"
}
],
"notes": [
{
"category": "description",
"text": "In all versions of Node.js prior to 6.14.4, 8.11.4 and 10.9.0 when used with UCS-2 encoding (recognized by Node.js under the names `\u0027ucs2\u0027`, `\u0027ucs-2\u0027`, `\u0027utf16le\u0027` and `\u0027utf-16le\u0027`), `Buffer#write()` can be abused to write outside of the bounds of a single `Buffer`. Writes that start from the second-to-last position of a buffer cause a miscalculation of the maximum length of the input bytes to be written.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs: Out of bounds (OOB) write via UCS-2 encoding",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Openshift Container Platform 3.x versions are potentially vulnerable via the jenkins-slave-nodejs and jenkins-agent-nodejs containers. However a build would have to occur with a malicious jenkins pipeline, or nodejs source code supplied by an attacker, reducing the impact of this flaw to moderate. Both container images used nodejs delivered from Red Hat Software Collections.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOAR-NODEJS-10:npm-1:6.2.0-1.10.9.0.1.el7.x86_64",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-1:10.9.0-1.el7.src",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-1:10.9.0-1.el7.x86_64",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-debuginfo-1:10.9.0-1.el7.x86_64",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-docs-1:10.9.0-1.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-12115"
},
{
"category": "external",
"summary": "RHBZ#1620219",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1620219"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-12115",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12115"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-12115",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-12115"
}
],
"release_date": "2018-08-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-08-22T21:15:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RH7-RHOAR-NODEJS-10:npm-1:6.2.0-1.10.9.0.1.el7.x86_64",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-1:10.9.0-1.el7.src",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-1:10.9.0-1.el7.x86_64",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-debuginfo-1:10.9.0-1.el7.x86_64",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-docs-1:10.9.0-1.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2553"
},
{
"category": "workaround",
"details": "On Openshift Container Platform 3.x you can override the container image used on the Jenkins Slave by specifying the JENKINS_SLAVE_IMAGE environment variable in your jenkins deployment configuration. Ref:\n\nhttps://github.com/openshift/jenkins/blob/8e1ab16fb5f44d6570018c5dfa3407692fdba6e5/2/contrib/jenkins/kube-slave-common.sh#L27-L33",
"product_ids": [
"7Server-RH7-RHOAR-NODEJS-10:npm-1:6.2.0-1.10.9.0.1.el7.x86_64",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-1:10.9.0-1.el7.src",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-1:10.9.0-1.el7.x86_64",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-debuginfo-1:10.9.0-1.el7.x86_64",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-docs-1:10.9.0-1.el7.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOAR-NODEJS-10:npm-1:6.2.0-1.10.9.0.1.el7.x86_64",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-1:10.9.0-1.el7.src",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-1:10.9.0-1.el7.x86_64",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-debuginfo-1:10.9.0-1.el7.x86_64",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-docs-1:10.9.0-1.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "nodejs: Out of bounds (OOB) write via UCS-2 encoding"
}
]
}
RHBA-2019_0772
Vulnerability from csaf_redhat - Published: 2019-04-17 12:31 - Updated: 2024-11-15 03:03Summary
Red Hat Bug Fix Advisory: rh-nodejs10 bug fix update
Notes
Topic
Updated rh-nodejs10 packages that fix one bug are now available for Red Hat Software Collections.
Details
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language.
This update fixes the following bug:
* Due to an incompatibility between the base RHEL zlib library and the rh-nodejs10 Software Collection packages, it was previously impossible to use the npm binary file for installing the Node.js packages or to use the "npm info" command. This bug has been fixed, and npm from the rh-nodejs10 Software Collection now works as expected. (BZ#1696153)
Users of rh-nodejs10 are advised to upgrade to these updated packages, which fix this bug.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated rh-nodejs10 packages that fix one bug are now available for Red Hat Software Collections.",
"title": "Topic"
},
{
"category": "general",
"text": "Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language.\n\nThis update fixes the following bug:\n\n* Due to an incompatibility between the base RHEL zlib library and the rh-nodejs10 Software Collection packages, it was previously impossible to use the npm binary file for installing the Node.js packages or to use the \"npm info\" command. This bug has been fixed, and npm from the rh-nodejs10 Software Collection now works as expected. (BZ#1696153)\n\nUsers of rh-nodejs10 are advised to upgrade to these updated packages, which fix this bug.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHBA-2019:0772",
"url": "https://access.redhat.com/errata/RHBA-2019:0772"
},
{
"category": "external",
"summary": "1696153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1696153"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhba-2019_0772.json"
}
],
"title": "Red Hat Bug Fix Advisory: rh-nodejs10 bug fix update",
"tracking": {
"current_release_date": "2024-11-15T03:03:34+00:00",
"generator": {
"date": "2024-11-15T03:03:34+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHBA-2019:0772",
"initial_release_date": "2019-04-17T12:31:11+00:00",
"revision_history": [
{
"date": "2019-04-17T12:31:11+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2019-04-17T12:31:11+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-15T03:03:34+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:3::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:3::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:3::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)",
"product_id": "7Server-RHSCL-3.2-7.4.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:3::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-RHSCL-3.2-7.5.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:3::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-RHSCL-3.2-7.6.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:3::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat Software Collections"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-nodejs10-nodejs-docs-0:10.10.0-3.el7.noarch",
"product": {
"name": "rh-nodejs10-nodejs-docs-0:10.10.0-3.el7.noarch",
"product_id": "rh-nodejs10-nodejs-docs-0:10.10.0-3.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs10-nodejs-docs@10.10.0-3.el7?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-nodejs10-nodejs-0:10.10.0-3.el7.aarch64",
"product": {
"name": "rh-nodejs10-nodejs-0:10.10.0-3.el7.aarch64",
"product_id": "rh-nodejs10-nodejs-0:10.10.0-3.el7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs10-nodejs@10.10.0-3.el7?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.aarch64",
"product": {
"name": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.aarch64",
"product_id": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs10-nodejs-debuginfo@10.10.0-3.el7?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.aarch64",
"product": {
"name": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.aarch64",
"product_id": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs10-nodejs-devel@10.10.0-3.el7?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.aarch64",
"product": {
"name": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.aarch64",
"product_id": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs10-npm@6.4.1-10.10.0.3.el7?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-nodejs10-nodejs-0:10.10.0-3.el7.src",
"product": {
"name": "rh-nodejs10-nodejs-0:10.10.0-3.el7.src",
"product_id": "rh-nodejs10-nodejs-0:10.10.0-3.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs10-nodejs@10.10.0-3.el7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-nodejs10-nodejs-0:10.10.0-3.el7.s390x",
"product": {
"name": "rh-nodejs10-nodejs-0:10.10.0-3.el7.s390x",
"product_id": "rh-nodejs10-nodejs-0:10.10.0-3.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs10-nodejs@10.10.0-3.el7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.s390x",
"product": {
"name": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.s390x",
"product_id": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs10-nodejs-debuginfo@10.10.0-3.el7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.s390x",
"product": {
"name": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.s390x",
"product_id": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs10-nodejs-devel@10.10.0-3.el7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.s390x",
"product": {
"name": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.s390x",
"product_id": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs10-npm@6.4.1-10.10.0.3.el7?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-nodejs10-nodejs-0:10.10.0-3.el7.ppc64le",
"product": {
"name": "rh-nodejs10-nodejs-0:10.10.0-3.el7.ppc64le",
"product_id": "rh-nodejs10-nodejs-0:10.10.0-3.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs10-nodejs@10.10.0-3.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.ppc64le",
"product": {
"name": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.ppc64le",
"product_id": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs10-nodejs-debuginfo@10.10.0-3.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.ppc64le",
"product": {
"name": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.ppc64le",
"product_id": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs10-nodejs-devel@10.10.0-3.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.ppc64le",
"product": {
"name": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.ppc64le",
"product_id": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs10-npm@6.4.1-10.10.0.3.el7?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-nodejs10-nodejs-0:10.10.0-3.el7.x86_64",
"product": {
"name": "rh-nodejs10-nodejs-0:10.10.0-3.el7.x86_64",
"product_id": "rh-nodejs10-nodejs-0:10.10.0-3.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs10-nodejs@10.10.0-3.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.x86_64",
"product": {
"name": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.x86_64",
"product_id": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs10-nodejs-debuginfo@10.10.0-3.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.x86_64",
"product": {
"name": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.x86_64",
"product_id": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs10-nodejs-devel@10.10.0-3.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.x86_64",
"product": {
"name": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.x86_64",
"product_id": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs10-npm@6.4.1-10.10.0.3.el7?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-0:10.10.0-3.el7.aarch64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.aarch64"
},
"product_reference": "rh-nodejs10-nodejs-0:10.10.0-3.el7.aarch64",
"relates_to_product_reference": "7Server-Alt-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-0:10.10.0-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.ppc64le"
},
"product_reference": "rh-nodejs10-nodejs-0:10.10.0-3.el7.ppc64le",
"relates_to_product_reference": "7Server-Alt-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-0:10.10.0-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.s390x"
},
"product_reference": "rh-nodejs10-nodejs-0:10.10.0-3.el7.s390x",
"relates_to_product_reference": "7Server-Alt-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-0:10.10.0-3.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.src"
},
"product_reference": "rh-nodejs10-nodejs-0:10.10.0-3.el7.src",
"relates_to_product_reference": "7Server-Alt-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-0:10.10.0-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.x86_64"
},
"product_reference": "rh-nodejs10-nodejs-0:10.10.0-3.el7.x86_64",
"relates_to_product_reference": "7Server-Alt-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.aarch64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.aarch64"
},
"product_reference": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.aarch64",
"relates_to_product_reference": "7Server-Alt-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.ppc64le"
},
"product_reference": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.ppc64le",
"relates_to_product_reference": "7Server-Alt-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.s390x"
},
"product_reference": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.s390x",
"relates_to_product_reference": "7Server-Alt-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.x86_64"
},
"product_reference": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.x86_64",
"relates_to_product_reference": "7Server-Alt-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.aarch64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.aarch64"
},
"product_reference": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.aarch64",
"relates_to_product_reference": "7Server-Alt-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.ppc64le"
},
"product_reference": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.ppc64le",
"relates_to_product_reference": "7Server-Alt-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.s390x"
},
"product_reference": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.s390x",
"relates_to_product_reference": "7Server-Alt-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.x86_64"
},
"product_reference": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.x86_64",
"relates_to_product_reference": "7Server-Alt-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-docs-0:10.10.0-3.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-docs-0:10.10.0-3.el7.noarch"
},
"product_reference": "rh-nodejs10-nodejs-docs-0:10.10.0-3.el7.noarch",
"relates_to_product_reference": "7Server-Alt-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.aarch64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.aarch64"
},
"product_reference": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.aarch64",
"relates_to_product_reference": "7Server-Alt-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.ppc64le"
},
"product_reference": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.ppc64le",
"relates_to_product_reference": "7Server-Alt-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.s390x"
},
"product_reference": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.s390x",
"relates_to_product_reference": "7Server-Alt-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.x86_64"
},
"product_reference": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.x86_64",
"relates_to_product_reference": "7Server-Alt-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-0:10.10.0-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)",
"product_id": "7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.ppc64le"
},
"product_reference": "rh-nodejs10-nodejs-0:10.10.0-3.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-0:10.10.0-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)",
"product_id": "7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.s390x"
},
"product_reference": "rh-nodejs10-nodejs-0:10.10.0-3.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-0:10.10.0-3.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)",
"product_id": "7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.src"
},
"product_reference": "rh-nodejs10-nodejs-0:10.10.0-3.el7.src",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-0:10.10.0-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)",
"product_id": "7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.x86_64"
},
"product_reference": "rh-nodejs10-nodejs-0:10.10.0-3.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)",
"product_id": "7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.ppc64le"
},
"product_reference": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)",
"product_id": "7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.s390x"
},
"product_reference": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)",
"product_id": "7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.x86_64"
},
"product_reference": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)",
"product_id": "7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.ppc64le"
},
"product_reference": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)",
"product_id": "7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.s390x"
},
"product_reference": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)",
"product_id": "7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.x86_64"
},
"product_reference": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-docs-0:10.10.0-3.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)",
"product_id": "7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-docs-0:10.10.0-3.el7.noarch"
},
"product_reference": "rh-nodejs10-nodejs-docs-0:10.10.0-3.el7.noarch",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)",
"product_id": "7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.ppc64le"
},
"product_reference": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)",
"product_id": "7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.s390x"
},
"product_reference": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)",
"product_id": "7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.x86_64"
},
"product_reference": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-0:10.10.0-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.ppc64le"
},
"product_reference": "rh-nodejs10-nodejs-0:10.10.0-3.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.5.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-0:10.10.0-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.s390x"
},
"product_reference": "rh-nodejs10-nodejs-0:10.10.0-3.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.5.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-0:10.10.0-3.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.src"
},
"product_reference": "rh-nodejs10-nodejs-0:10.10.0-3.el7.src",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.5.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-0:10.10.0-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.x86_64"
},
"product_reference": "rh-nodejs10-nodejs-0:10.10.0-3.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.5.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.ppc64le"
},
"product_reference": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.5.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.s390x"
},
"product_reference": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.5.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.x86_64"
},
"product_reference": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.5.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.ppc64le"
},
"product_reference": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.5.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.s390x"
},
"product_reference": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.5.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.x86_64"
},
"product_reference": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.5.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-docs-0:10.10.0-3.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-docs-0:10.10.0-3.el7.noarch"
},
"product_reference": "rh-nodejs10-nodejs-docs-0:10.10.0-3.el7.noarch",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.5.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.ppc64le"
},
"product_reference": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.5.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.s390x"
},
"product_reference": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.5.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.x86_64"
},
"product_reference": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.5.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-0:10.10.0-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.ppc64le"
},
"product_reference": "rh-nodejs10-nodejs-0:10.10.0-3.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-0:10.10.0-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.s390x"
},
"product_reference": "rh-nodejs10-nodejs-0:10.10.0-3.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-0:10.10.0-3.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.src"
},
"product_reference": "rh-nodejs10-nodejs-0:10.10.0-3.el7.src",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-0:10.10.0-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.x86_64"
},
"product_reference": "rh-nodejs10-nodejs-0:10.10.0-3.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.ppc64le"
},
"product_reference": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.s390x"
},
"product_reference": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.x86_64"
},
"product_reference": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.ppc64le"
},
"product_reference": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.s390x"
},
"product_reference": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.x86_64"
},
"product_reference": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-docs-0:10.10.0-3.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-docs-0:10.10.0-3.el7.noarch"
},
"product_reference": "rh-nodejs10-nodejs-docs-0:10.10.0-3.el7.noarch",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.ppc64le"
},
"product_reference": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.s390x"
},
"product_reference": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.x86_64"
},
"product_reference": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-0:10.10.0-3.el7.aarch64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.aarch64"
},
"product_reference": "rh-nodejs10-nodejs-0:10.10.0-3.el7.aarch64",
"relates_to_product_reference": "7Server-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-0:10.10.0-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.ppc64le"
},
"product_reference": "rh-nodejs10-nodejs-0:10.10.0-3.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-0:10.10.0-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.s390x"
},
"product_reference": "rh-nodejs10-nodejs-0:10.10.0-3.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-0:10.10.0-3.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.src"
},
"product_reference": "rh-nodejs10-nodejs-0:10.10.0-3.el7.src",
"relates_to_product_reference": "7Server-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-0:10.10.0-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.x86_64"
},
"product_reference": "rh-nodejs10-nodejs-0:10.10.0-3.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.aarch64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.aarch64"
},
"product_reference": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.aarch64",
"relates_to_product_reference": "7Server-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.ppc64le"
},
"product_reference": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.s390x"
},
"product_reference": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.x86_64"
},
"product_reference": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.aarch64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.aarch64"
},
"product_reference": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.aarch64",
"relates_to_product_reference": "7Server-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.ppc64le"
},
"product_reference": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.s390x"
},
"product_reference": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.x86_64"
},
"product_reference": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-docs-0:10.10.0-3.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.2:rh-nodejs10-nodejs-docs-0:10.10.0-3.el7.noarch"
},
"product_reference": "rh-nodejs10-nodejs-docs-0:10.10.0-3.el7.noarch",
"relates_to_product_reference": "7Server-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.aarch64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.aarch64"
},
"product_reference": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.aarch64",
"relates_to_product_reference": "7Server-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.ppc64le"
},
"product_reference": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.s390x"
},
"product_reference": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.x86_64"
},
"product_reference": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-0:10.10.0-3.el7.aarch64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.aarch64"
},
"product_reference": "rh-nodejs10-nodejs-0:10.10.0-3.el7.aarch64",
"relates_to_product_reference": "7Workstation-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-0:10.10.0-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.ppc64le"
},
"product_reference": "rh-nodejs10-nodejs-0:10.10.0-3.el7.ppc64le",
"relates_to_product_reference": "7Workstation-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-0:10.10.0-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.s390x"
},
"product_reference": "rh-nodejs10-nodejs-0:10.10.0-3.el7.s390x",
"relates_to_product_reference": "7Workstation-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-0:10.10.0-3.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.src"
},
"product_reference": "rh-nodejs10-nodejs-0:10.10.0-3.el7.src",
"relates_to_product_reference": "7Workstation-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-0:10.10.0-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.x86_64"
},
"product_reference": "rh-nodejs10-nodejs-0:10.10.0-3.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.aarch64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.aarch64"
},
"product_reference": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.aarch64",
"relates_to_product_reference": "7Workstation-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.ppc64le"
},
"product_reference": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.ppc64le",
"relates_to_product_reference": "7Workstation-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.s390x"
},
"product_reference": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.s390x",
"relates_to_product_reference": "7Workstation-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.x86_64"
},
"product_reference": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.aarch64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.aarch64"
},
"product_reference": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.aarch64",
"relates_to_product_reference": "7Workstation-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.ppc64le"
},
"product_reference": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.ppc64le",
"relates_to_product_reference": "7Workstation-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.s390x"
},
"product_reference": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.s390x",
"relates_to_product_reference": "7Workstation-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.x86_64"
},
"product_reference": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-docs-0:10.10.0-3.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-docs-0:10.10.0-3.el7.noarch"
},
"product_reference": "rh-nodejs10-nodejs-docs-0:10.10.0-3.el7.noarch",
"relates_to_product_reference": "7Workstation-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.aarch64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.aarch64"
},
"product_reference": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.aarch64",
"relates_to_product_reference": "7Workstation-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.ppc64le"
},
"product_reference": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.ppc64le",
"relates_to_product_reference": "7Workstation-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.s390x"
},
"product_reference": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.s390x",
"relates_to_product_reference": "7Workstation-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.x86_64"
},
"product_reference": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-3.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-7166",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2018-08-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1620215"
}
],
"notes": [
{
"category": "description",
"text": "In all versions of Node.js 10 prior to 10.9.0, an argument processing flaw can cause `Buffer.alloc()` to return uninitialized memory. This method is intended to be safe and only return initialized, or cleared, memory. The third argument specifying `encoding` can be passed as a number, this is misinterpreted by `Buffer\u0027s` internal \"fill\" method as the `start` to a fill operation. This flaw may be abused where `Buffer.alloc()` arguments are derived from user input to return uncleared memory blocks that may contain sensitive information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs: Unintentional exposure of uninitialized memory",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.aarch64",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.ppc64le",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.s390x",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.src",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.x86_64",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.aarch64",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.ppc64le",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.s390x",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.x86_64",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.aarch64",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.ppc64le",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.s390x",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.x86_64",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-docs-0:10.10.0-3.el7.noarch",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.aarch64",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.ppc64le",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.s390x",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.x86_64",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.ppc64le",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.s390x",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.src",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.x86_64",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.ppc64le",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.s390x",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.x86_64",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.ppc64le",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.s390x",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.x86_64",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-docs-0:10.10.0-3.el7.noarch",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.ppc64le",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.s390x",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.x86_64",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.ppc64le",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.s390x",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.src",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.x86_64",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.ppc64le",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.s390x",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.x86_64",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.ppc64le",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.s390x",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.x86_64",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-docs-0:10.10.0-3.el7.noarch",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.ppc64le",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.s390x",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.x86_64",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.ppc64le",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.s390x",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.src",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.x86_64",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.ppc64le",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.s390x",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.x86_64",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.ppc64le",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.s390x",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.x86_64",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-docs-0:10.10.0-3.el7.noarch",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.ppc64le",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.s390x",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.x86_64",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.aarch64",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.ppc64le",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.s390x",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.src",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.x86_64",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.aarch64",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.ppc64le",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.s390x",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.x86_64",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.aarch64",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.ppc64le",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.s390x",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.x86_64",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-docs-0:10.10.0-3.el7.noarch",
"7Server-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.aarch64",
"7Server-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.ppc64le",
"7Server-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.s390x",
"7Server-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.x86_64",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.aarch64",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.ppc64le",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.s390x",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.src",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.x86_64",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.aarch64",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.ppc64le",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.s390x",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.x86_64",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.aarch64",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.ppc64le",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.s390x",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.x86_64",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-docs-0:10.10.0-3.el7.noarch",
"7Workstation-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.aarch64",
"7Workstation-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.ppc64le",
"7Workstation-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.s390x",
"7Workstation-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-7166"
},
{
"category": "external",
"summary": "RHBZ#1620215",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1620215"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-7166",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7166"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-7166",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7166"
}
],
"release_date": "2018-08-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-04-17T12:31:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.aarch64",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.ppc64le",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.s390x",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.src",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.x86_64",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.aarch64",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.ppc64le",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.s390x",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.x86_64",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.aarch64",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.ppc64le",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.s390x",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.x86_64",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-docs-0:10.10.0-3.el7.noarch",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.aarch64",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.ppc64le",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.s390x",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.x86_64",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.ppc64le",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.s390x",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.src",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.x86_64",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.ppc64le",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.s390x",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.x86_64",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.ppc64le",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.s390x",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.x86_64",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-docs-0:10.10.0-3.el7.noarch",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.ppc64le",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.s390x",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.x86_64",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.ppc64le",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.s390x",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.src",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.x86_64",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.ppc64le",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.s390x",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.x86_64",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.ppc64le",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.s390x",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.x86_64",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-docs-0:10.10.0-3.el7.noarch",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.ppc64le",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.s390x",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.x86_64",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.ppc64le",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.s390x",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.src",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.x86_64",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.ppc64le",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.s390x",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.x86_64",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.ppc64le",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.s390x",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.x86_64",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-docs-0:10.10.0-3.el7.noarch",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.ppc64le",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.s390x",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.x86_64",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.aarch64",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.ppc64le",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.s390x",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.src",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.x86_64",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.aarch64",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.ppc64le",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.s390x",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.x86_64",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.aarch64",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.ppc64le",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.s390x",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.x86_64",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-docs-0:10.10.0-3.el7.noarch",
"7Server-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.aarch64",
"7Server-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.ppc64le",
"7Server-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.s390x",
"7Server-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.x86_64",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.aarch64",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.ppc64le",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.s390x",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.src",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.x86_64",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.aarch64",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.ppc64le",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.s390x",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.x86_64",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.aarch64",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.ppc64le",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.s390x",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.x86_64",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-docs-0:10.10.0-3.el7.noarch",
"7Workstation-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.aarch64",
"7Workstation-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.ppc64le",
"7Workstation-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.s390x",
"7Workstation-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2019:0772"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.aarch64",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.ppc64le",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.s390x",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.src",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.x86_64",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.aarch64",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.ppc64le",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.s390x",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.x86_64",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.aarch64",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.ppc64le",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.s390x",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.x86_64",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-docs-0:10.10.0-3.el7.noarch",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.aarch64",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.ppc64le",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.s390x",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.x86_64",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.ppc64le",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.s390x",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.src",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.x86_64",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.ppc64le",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.s390x",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.x86_64",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.ppc64le",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.s390x",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.x86_64",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-docs-0:10.10.0-3.el7.noarch",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.ppc64le",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.s390x",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.x86_64",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.ppc64le",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.s390x",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.src",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.x86_64",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.ppc64le",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.s390x",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.x86_64",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.ppc64le",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.s390x",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.x86_64",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-docs-0:10.10.0-3.el7.noarch",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.ppc64le",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.s390x",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.x86_64",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.ppc64le",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.s390x",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.src",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.x86_64",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.ppc64le",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.s390x",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.x86_64",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.ppc64le",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.s390x",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.x86_64",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-docs-0:10.10.0-3.el7.noarch",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.ppc64le",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.s390x",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.x86_64",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.aarch64",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.ppc64le",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.s390x",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.src",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.x86_64",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.aarch64",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.ppc64le",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.s390x",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.x86_64",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.aarch64",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.ppc64le",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.s390x",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.x86_64",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-docs-0:10.10.0-3.el7.noarch",
"7Server-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.aarch64",
"7Server-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.ppc64le",
"7Server-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.s390x",
"7Server-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.x86_64",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.aarch64",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.ppc64le",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.s390x",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.src",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.x86_64",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.aarch64",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.ppc64le",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.s390x",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.x86_64",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.aarch64",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.ppc64le",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.s390x",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.x86_64",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-docs-0:10.10.0-3.el7.noarch",
"7Workstation-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.aarch64",
"7Workstation-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.ppc64le",
"7Workstation-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.s390x",
"7Workstation-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs: Unintentional exposure of uninitialized memory"
}
]
}
RHSA-2018:2553
Vulnerability from csaf_redhat - Published: 2018-08-22 21:15 - Updated: 2025-11-21 18:05Summary
Red Hat Security Advisory: Red Hat OpenShift Application Runtimes Node.js 10.9.0 security update
Notes
Topic
An update is now available for Red Hat OpenShift Application Runtimes.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Openshift Application Runtimes provides an application platform that reduces the complexity of developing and operating applications (monoliths and microservices) for OpenShift as a containerized platform.
This release of RHOAR Node.js 10.9.0 serves as a replacement for RHOAR Node.js 10.8.0, and includes bug fixes and enhancements. For further information, refer to the Release Notes linked to in the References section.
Security Fix(es):
* openssl: Malicious server can send large prime to client during DH(E) TLS handshake causing the client to hang (CVE-2018-0732)
* nodejs: Unintentional exposure of uninitialized memory (CVE-2018-7166)
* nodejs: Out of bounds (OOB) write via UCS-2 encoding (CVE-2018-12115)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat OpenShift Application Runtimes.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Openshift Application Runtimes provides an application platform that reduces the complexity of developing and operating applications (monoliths and microservices) for OpenShift as a containerized platform.\n\nThis release of RHOAR Node.js 10.9.0 serves as a replacement for RHOAR Node.js 10.8.0, and includes bug fixes and enhancements. For further information, refer to the Release Notes linked to in the References section.\n\nSecurity Fix(es):\n\n* openssl: Malicious server can send large prime to client during DH(E) TLS handshake causing the client to hang (CVE-2018-0732)\n\n* nodejs: Unintentional exposure of uninitialized memory (CVE-2018-7166)\n\n* nodejs: Out of bounds (OOB) write via UCS-2 encoding (CVE-2018-12115)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2018:2553",
"url": "https://access.redhat.com/errata/RHSA-2018:2553"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_openshift_application_runtimes/1/html-single/red_hat_openshift_application_runtimes_release_notes/index#runtime_components_nodejs_rpm_packages",
"url": "https://access.redhat.com/documentation/en-us/red_hat_openshift_application_runtimes/1/html-single/red_hat_openshift_application_runtimes_release_notes/index#runtime_components_nodejs_rpm_packages"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/august-2018-security-releases/",
"url": "https://nodejs.org/en/blog/vulnerability/august-2018-security-releases/"
},
{
"category": "external",
"summary": "1591100",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1591100"
},
{
"category": "external",
"summary": "1620215",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1620215"
},
{
"category": "external",
"summary": "1620219",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1620219"
},
{
"category": "external",
"summary": "NODE-152",
"url": "https://issues.redhat.com/browse/NODE-152"
},
{
"category": "external",
"summary": "NODE-153",
"url": "https://issues.redhat.com/browse/NODE-153"
},
{
"category": "external",
"summary": "NODE-154",
"url": "https://issues.redhat.com/browse/NODE-154"
},
{
"category": "external",
"summary": "NODE-155",
"url": "https://issues.redhat.com/browse/NODE-155"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_2553.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Application Runtimes Node.js 10.9.0 security update",
"tracking": {
"current_release_date": "2025-11-21T18:05:53+00:00",
"generator": {
"date": "2025-11-21T18:05:53+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2018:2553",
"initial_release_date": "2018-08-22T21:15:00+00:00",
"revision_history": [
{
"date": "2018-08-22T21:15:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2018-08-22T21:15:00+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:05:53+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Application Runtimes Node.js 10",
"product": {
"name": "Red Hat OpenShift Application Runtimes Node.js 10",
"product_id": "7Server-RH7-RHOAR-NODEJS-10",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_application_runtimes:1.0::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Application Runtimes"
},
{
"branches": [
{
"category": "product_version",
"name": "rhoar-nodejs-debuginfo-1:10.9.0-1.el7.x86_64",
"product": {
"name": "rhoar-nodejs-debuginfo-1:10.9.0-1.el7.x86_64",
"product_id": "rhoar-nodejs-debuginfo-1:10.9.0-1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhoar-nodejs-debuginfo@10.9.0-1.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "npm-1:6.2.0-1.10.9.0.1.el7.x86_64",
"product": {
"name": "npm-1:6.2.0-1.10.9.0.1.el7.x86_64",
"product_id": "npm-1:6.2.0-1.10.9.0.1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@6.2.0-1.10.9.0.1.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "rhoar-nodejs-1:10.9.0-1.el7.x86_64",
"product": {
"name": "rhoar-nodejs-1:10.9.0-1.el7.x86_64",
"product_id": "rhoar-nodejs-1:10.9.0-1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhoar-nodejs@10.9.0-1.el7?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "rhoar-nodejs-docs-1:10.9.0-1.el7.noarch",
"product": {
"name": "rhoar-nodejs-docs-1:10.9.0-1.el7.noarch",
"product_id": "rhoar-nodejs-docs-1:10.9.0-1.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhoar-nodejs-docs@10.9.0-1.el7?arch=noarch\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "rhoar-nodejs-1:10.9.0-1.el7.src",
"product": {
"name": "rhoar-nodejs-1:10.9.0-1.el7.src",
"product_id": "rhoar-nodejs-1:10.9.0-1.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhoar-nodejs@10.9.0-1.el7?arch=src\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:6.2.0-1.10.9.0.1.el7.x86_64 as a component of Red Hat OpenShift Application Runtimes Node.js 10",
"product_id": "7Server-RH7-RHOAR-NODEJS-10:npm-1:6.2.0-1.10.9.0.1.el7.x86_64"
},
"product_reference": "npm-1:6.2.0-1.10.9.0.1.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOAR-NODEJS-10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhoar-nodejs-1:10.9.0-1.el7.src as a component of Red Hat OpenShift Application Runtimes Node.js 10",
"product_id": "7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-1:10.9.0-1.el7.src"
},
"product_reference": "rhoar-nodejs-1:10.9.0-1.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOAR-NODEJS-10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhoar-nodejs-1:10.9.0-1.el7.x86_64 as a component of Red Hat OpenShift Application Runtimes Node.js 10",
"product_id": "7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-1:10.9.0-1.el7.x86_64"
},
"product_reference": "rhoar-nodejs-1:10.9.0-1.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOAR-NODEJS-10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhoar-nodejs-debuginfo-1:10.9.0-1.el7.x86_64 as a component of Red Hat OpenShift Application Runtimes Node.js 10",
"product_id": "7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-debuginfo-1:10.9.0-1.el7.x86_64"
},
"product_reference": "rhoar-nodejs-debuginfo-1:10.9.0-1.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOAR-NODEJS-10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhoar-nodejs-docs-1:10.9.0-1.el7.noarch as a component of Red Hat OpenShift Application Runtimes Node.js 10",
"product_id": "7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-docs-1:10.9.0-1.el7.noarch"
},
"product_reference": "rhoar-nodejs-docs-1:10.9.0-1.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOAR-NODEJS-10"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-0732",
"cwe": {
"id": "CWE-325",
"name": "Missing Cryptographic Step"
},
"discovery_date": "2018-06-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1591100"
}
],
"notes": [
{
"category": "description",
"text": "During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can send a very large prime value to the client. This will cause the client to spend an unreasonably long period of time generating a key for this prime resulting in a hang until the client has finished. This could be exploited in a Denial Of Service attack. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2-1.0.2o).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: Malicious server can send large prime to client during DH(E) TLS handshake causing the client to hang",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOAR-NODEJS-10:npm-1:6.2.0-1.10.9.0.1.el7.x86_64",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-1:10.9.0-1.el7.src",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-1:10.9.0-1.el7.x86_64",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-debuginfo-1:10.9.0-1.el7.x86_64",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-docs-1:10.9.0-1.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-0732"
},
{
"category": "external",
"summary": "RHBZ#1591100",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1591100"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-0732",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0732"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-0732",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0732"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20180612.txt",
"url": "https://www.openssl.org/news/secadv/20180612.txt"
}
],
"release_date": "2018-06-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-08-22T21:15:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RH7-RHOAR-NODEJS-10:npm-1:6.2.0-1.10.9.0.1.el7.x86_64",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-1:10.9.0-1.el7.src",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-1:10.9.0-1.el7.x86_64",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-debuginfo-1:10.9.0-1.el7.x86_64",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-docs-1:10.9.0-1.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOAR-NODEJS-10:npm-1:6.2.0-1.10.9.0.1.el7.x86_64",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-1:10.9.0-1.el7.src",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-1:10.9.0-1.el7.x86_64",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-debuginfo-1:10.9.0-1.el7.x86_64",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-docs-1:10.9.0-1.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: Malicious server can send large prime to client during DH(E) TLS handshake causing the client to hang"
},
{
"cve": "CVE-2018-7166",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2018-08-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1620215"
}
],
"notes": [
{
"category": "description",
"text": "In all versions of Node.js 10 prior to 10.9.0, an argument processing flaw can cause `Buffer.alloc()` to return uninitialized memory. This method is intended to be safe and only return initialized, or cleared, memory. The third argument specifying `encoding` can be passed as a number, this is misinterpreted by `Buffer\u0027s` internal \"fill\" method as the `start` to a fill operation. This flaw may be abused where `Buffer.alloc()` arguments are derived from user input to return uncleared memory blocks that may contain sensitive information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs: Unintentional exposure of uninitialized memory",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOAR-NODEJS-10:npm-1:6.2.0-1.10.9.0.1.el7.x86_64",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-1:10.9.0-1.el7.src",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-1:10.9.0-1.el7.x86_64",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-debuginfo-1:10.9.0-1.el7.x86_64",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-docs-1:10.9.0-1.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-7166"
},
{
"category": "external",
"summary": "RHBZ#1620215",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1620215"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-7166",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7166"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-7166",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7166"
}
],
"release_date": "2018-08-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-08-22T21:15:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RH7-RHOAR-NODEJS-10:npm-1:6.2.0-1.10.9.0.1.el7.x86_64",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-1:10.9.0-1.el7.src",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-1:10.9.0-1.el7.x86_64",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-debuginfo-1:10.9.0-1.el7.x86_64",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-docs-1:10.9.0-1.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOAR-NODEJS-10:npm-1:6.2.0-1.10.9.0.1.el7.x86_64",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-1:10.9.0-1.el7.src",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-1:10.9.0-1.el7.x86_64",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-debuginfo-1:10.9.0-1.el7.x86_64",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-docs-1:10.9.0-1.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs: Unintentional exposure of uninitialized memory"
},
{
"cve": "CVE-2018-12115",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2018-08-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1620219"
}
],
"notes": [
{
"category": "description",
"text": "In all versions of Node.js prior to 6.14.4, 8.11.4 and 10.9.0 when used with UCS-2 encoding (recognized by Node.js under the names `\u0027ucs2\u0027`, `\u0027ucs-2\u0027`, `\u0027utf16le\u0027` and `\u0027utf-16le\u0027`), `Buffer#write()` can be abused to write outside of the bounds of a single `Buffer`. Writes that start from the second-to-last position of a buffer cause a miscalculation of the maximum length of the input bytes to be written.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs: Out of bounds (OOB) write via UCS-2 encoding",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Openshift Container Platform 3.x versions are potentially vulnerable via the jenkins-slave-nodejs and jenkins-agent-nodejs containers. However a build would have to occur with a malicious jenkins pipeline, or nodejs source code supplied by an attacker, reducing the impact of this flaw to moderate. Both container images used nodejs delivered from Red Hat Software Collections.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOAR-NODEJS-10:npm-1:6.2.0-1.10.9.0.1.el7.x86_64",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-1:10.9.0-1.el7.src",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-1:10.9.0-1.el7.x86_64",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-debuginfo-1:10.9.0-1.el7.x86_64",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-docs-1:10.9.0-1.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-12115"
},
{
"category": "external",
"summary": "RHBZ#1620219",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1620219"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-12115",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12115"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-12115",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-12115"
}
],
"release_date": "2018-08-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-08-22T21:15:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RH7-RHOAR-NODEJS-10:npm-1:6.2.0-1.10.9.0.1.el7.x86_64",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-1:10.9.0-1.el7.src",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-1:10.9.0-1.el7.x86_64",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-debuginfo-1:10.9.0-1.el7.x86_64",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-docs-1:10.9.0-1.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2553"
},
{
"category": "workaround",
"details": "On Openshift Container Platform 3.x you can override the container image used on the Jenkins Slave by specifying the JENKINS_SLAVE_IMAGE environment variable in your jenkins deployment configuration. Ref:\n\nhttps://github.com/openshift/jenkins/blob/8e1ab16fb5f44d6570018c5dfa3407692fdba6e5/2/contrib/jenkins/kube-slave-common.sh#L27-L33",
"product_ids": [
"7Server-RH7-RHOAR-NODEJS-10:npm-1:6.2.0-1.10.9.0.1.el7.x86_64",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-1:10.9.0-1.el7.src",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-1:10.9.0-1.el7.x86_64",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-debuginfo-1:10.9.0-1.el7.x86_64",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-docs-1:10.9.0-1.el7.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOAR-NODEJS-10:npm-1:6.2.0-1.10.9.0.1.el7.x86_64",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-1:10.9.0-1.el7.src",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-1:10.9.0-1.el7.x86_64",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-debuginfo-1:10.9.0-1.el7.x86_64",
"7Server-RH7-RHOAR-NODEJS-10:rhoar-nodejs-docs-1:10.9.0-1.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "nodejs: Out of bounds (OOB) write via UCS-2 encoding"
}
]
}
RHBA-2019:0772
Vulnerability from csaf_redhat - Published: 2019-04-17 12:31 - Updated: 2025-11-21 17:21Summary
Red Hat Bug Fix Advisory: rh-nodejs10 bug fix update
Notes
Topic
Updated rh-nodejs10 packages that fix one bug are now available for Red Hat Software Collections.
Details
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language.
This update fixes the following bug:
* Due to an incompatibility between the base RHEL zlib library and the rh-nodejs10 Software Collection packages, it was previously impossible to use the npm binary file for installing the Node.js packages or to use the "npm info" command. This bug has been fixed, and npm from the rh-nodejs10 Software Collection now works as expected. (BZ#1696153)
Users of rh-nodejs10 are advised to upgrade to these updated packages, which fix this bug.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated rh-nodejs10 packages that fix one bug are now available for Red Hat Software Collections.",
"title": "Topic"
},
{
"category": "general",
"text": "Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language.\n\nThis update fixes the following bug:\n\n* Due to an incompatibility between the base RHEL zlib library and the rh-nodejs10 Software Collection packages, it was previously impossible to use the npm binary file for installing the Node.js packages or to use the \"npm info\" command. This bug has been fixed, and npm from the rh-nodejs10 Software Collection now works as expected. (BZ#1696153)\n\nUsers of rh-nodejs10 are advised to upgrade to these updated packages, which fix this bug.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHBA-2019:0772",
"url": "https://access.redhat.com/errata/RHBA-2019:0772"
},
{
"category": "external",
"summary": "1696153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1696153"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhba-2019_0772.json"
}
],
"title": "Red Hat Bug Fix Advisory: rh-nodejs10 bug fix update",
"tracking": {
"current_release_date": "2025-11-21T17:21:55+00:00",
"generator": {
"date": "2025-11-21T17:21:55+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHBA-2019:0772",
"initial_release_date": "2019-04-17T12:31:11+00:00",
"revision_history": [
{
"date": "2019-04-17T12:31:11+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2019-04-17T12:31:11+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T17:21:55+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:3::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:3::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:3::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)",
"product_id": "7Server-RHSCL-3.2-7.4.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:3::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-RHSCL-3.2-7.5.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:3::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-RHSCL-3.2-7.6.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:3::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat Software Collections"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-nodejs10-nodejs-docs-0:10.10.0-3.el7.noarch",
"product": {
"name": "rh-nodejs10-nodejs-docs-0:10.10.0-3.el7.noarch",
"product_id": "rh-nodejs10-nodejs-docs-0:10.10.0-3.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs10-nodejs-docs@10.10.0-3.el7?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-nodejs10-nodejs-0:10.10.0-3.el7.aarch64",
"product": {
"name": "rh-nodejs10-nodejs-0:10.10.0-3.el7.aarch64",
"product_id": "rh-nodejs10-nodejs-0:10.10.0-3.el7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs10-nodejs@10.10.0-3.el7?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.aarch64",
"product": {
"name": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.aarch64",
"product_id": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs10-nodejs-debuginfo@10.10.0-3.el7?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.aarch64",
"product": {
"name": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.aarch64",
"product_id": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs10-nodejs-devel@10.10.0-3.el7?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.aarch64",
"product": {
"name": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.aarch64",
"product_id": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs10-npm@6.4.1-10.10.0.3.el7?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-nodejs10-nodejs-0:10.10.0-3.el7.src",
"product": {
"name": "rh-nodejs10-nodejs-0:10.10.0-3.el7.src",
"product_id": "rh-nodejs10-nodejs-0:10.10.0-3.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs10-nodejs@10.10.0-3.el7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-nodejs10-nodejs-0:10.10.0-3.el7.s390x",
"product": {
"name": "rh-nodejs10-nodejs-0:10.10.0-3.el7.s390x",
"product_id": "rh-nodejs10-nodejs-0:10.10.0-3.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs10-nodejs@10.10.0-3.el7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.s390x",
"product": {
"name": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.s390x",
"product_id": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs10-nodejs-debuginfo@10.10.0-3.el7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.s390x",
"product": {
"name": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.s390x",
"product_id": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs10-nodejs-devel@10.10.0-3.el7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.s390x",
"product": {
"name": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.s390x",
"product_id": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs10-npm@6.4.1-10.10.0.3.el7?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-nodejs10-nodejs-0:10.10.0-3.el7.ppc64le",
"product": {
"name": "rh-nodejs10-nodejs-0:10.10.0-3.el7.ppc64le",
"product_id": "rh-nodejs10-nodejs-0:10.10.0-3.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs10-nodejs@10.10.0-3.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.ppc64le",
"product": {
"name": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.ppc64le",
"product_id": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs10-nodejs-debuginfo@10.10.0-3.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.ppc64le",
"product": {
"name": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.ppc64le",
"product_id": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs10-nodejs-devel@10.10.0-3.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.ppc64le",
"product": {
"name": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.ppc64le",
"product_id": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs10-npm@6.4.1-10.10.0.3.el7?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-nodejs10-nodejs-0:10.10.0-3.el7.x86_64",
"product": {
"name": "rh-nodejs10-nodejs-0:10.10.0-3.el7.x86_64",
"product_id": "rh-nodejs10-nodejs-0:10.10.0-3.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs10-nodejs@10.10.0-3.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.x86_64",
"product": {
"name": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.x86_64",
"product_id": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs10-nodejs-debuginfo@10.10.0-3.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.x86_64",
"product": {
"name": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.x86_64",
"product_id": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs10-nodejs-devel@10.10.0-3.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.x86_64",
"product": {
"name": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.x86_64",
"product_id": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-nodejs10-npm@6.4.1-10.10.0.3.el7?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-0:10.10.0-3.el7.aarch64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.aarch64"
},
"product_reference": "rh-nodejs10-nodejs-0:10.10.0-3.el7.aarch64",
"relates_to_product_reference": "7Server-Alt-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-0:10.10.0-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.ppc64le"
},
"product_reference": "rh-nodejs10-nodejs-0:10.10.0-3.el7.ppc64le",
"relates_to_product_reference": "7Server-Alt-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-0:10.10.0-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.s390x"
},
"product_reference": "rh-nodejs10-nodejs-0:10.10.0-3.el7.s390x",
"relates_to_product_reference": "7Server-Alt-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-0:10.10.0-3.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.src"
},
"product_reference": "rh-nodejs10-nodejs-0:10.10.0-3.el7.src",
"relates_to_product_reference": "7Server-Alt-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-0:10.10.0-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.x86_64"
},
"product_reference": "rh-nodejs10-nodejs-0:10.10.0-3.el7.x86_64",
"relates_to_product_reference": "7Server-Alt-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.aarch64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.aarch64"
},
"product_reference": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.aarch64",
"relates_to_product_reference": "7Server-Alt-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.ppc64le"
},
"product_reference": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.ppc64le",
"relates_to_product_reference": "7Server-Alt-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.s390x"
},
"product_reference": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.s390x",
"relates_to_product_reference": "7Server-Alt-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.x86_64"
},
"product_reference": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.x86_64",
"relates_to_product_reference": "7Server-Alt-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.aarch64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.aarch64"
},
"product_reference": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.aarch64",
"relates_to_product_reference": "7Server-Alt-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.ppc64le"
},
"product_reference": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.ppc64le",
"relates_to_product_reference": "7Server-Alt-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.s390x"
},
"product_reference": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.s390x",
"relates_to_product_reference": "7Server-Alt-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.x86_64"
},
"product_reference": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.x86_64",
"relates_to_product_reference": "7Server-Alt-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-docs-0:10.10.0-3.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-docs-0:10.10.0-3.el7.noarch"
},
"product_reference": "rh-nodejs10-nodejs-docs-0:10.10.0-3.el7.noarch",
"relates_to_product_reference": "7Server-Alt-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.aarch64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.aarch64"
},
"product_reference": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.aarch64",
"relates_to_product_reference": "7Server-Alt-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.ppc64le"
},
"product_reference": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.ppc64le",
"relates_to_product_reference": "7Server-Alt-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.s390x"
},
"product_reference": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.s390x",
"relates_to_product_reference": "7Server-Alt-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.x86_64"
},
"product_reference": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.x86_64",
"relates_to_product_reference": "7Server-Alt-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-0:10.10.0-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)",
"product_id": "7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.ppc64le"
},
"product_reference": "rh-nodejs10-nodejs-0:10.10.0-3.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-0:10.10.0-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)",
"product_id": "7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.s390x"
},
"product_reference": "rh-nodejs10-nodejs-0:10.10.0-3.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-0:10.10.0-3.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)",
"product_id": "7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.src"
},
"product_reference": "rh-nodejs10-nodejs-0:10.10.0-3.el7.src",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-0:10.10.0-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)",
"product_id": "7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.x86_64"
},
"product_reference": "rh-nodejs10-nodejs-0:10.10.0-3.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)",
"product_id": "7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.ppc64le"
},
"product_reference": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)",
"product_id": "7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.s390x"
},
"product_reference": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)",
"product_id": "7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.x86_64"
},
"product_reference": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)",
"product_id": "7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.ppc64le"
},
"product_reference": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)",
"product_id": "7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.s390x"
},
"product_reference": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)",
"product_id": "7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.x86_64"
},
"product_reference": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-docs-0:10.10.0-3.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)",
"product_id": "7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-docs-0:10.10.0-3.el7.noarch"
},
"product_reference": "rh-nodejs10-nodejs-docs-0:10.10.0-3.el7.noarch",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)",
"product_id": "7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.ppc64le"
},
"product_reference": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)",
"product_id": "7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.s390x"
},
"product_reference": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)",
"product_id": "7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.x86_64"
},
"product_reference": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-0:10.10.0-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.ppc64le"
},
"product_reference": "rh-nodejs10-nodejs-0:10.10.0-3.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.5.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-0:10.10.0-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.s390x"
},
"product_reference": "rh-nodejs10-nodejs-0:10.10.0-3.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.5.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-0:10.10.0-3.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.src"
},
"product_reference": "rh-nodejs10-nodejs-0:10.10.0-3.el7.src",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.5.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-0:10.10.0-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.x86_64"
},
"product_reference": "rh-nodejs10-nodejs-0:10.10.0-3.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.5.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.ppc64le"
},
"product_reference": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.5.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.s390x"
},
"product_reference": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.5.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.x86_64"
},
"product_reference": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.5.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.ppc64le"
},
"product_reference": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.5.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.s390x"
},
"product_reference": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.5.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.x86_64"
},
"product_reference": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.5.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-docs-0:10.10.0-3.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-docs-0:10.10.0-3.el7.noarch"
},
"product_reference": "rh-nodejs10-nodejs-docs-0:10.10.0-3.el7.noarch",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.5.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.ppc64le"
},
"product_reference": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.5.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.s390x"
},
"product_reference": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.5.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.x86_64"
},
"product_reference": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.5.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-0:10.10.0-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.ppc64le"
},
"product_reference": "rh-nodejs10-nodejs-0:10.10.0-3.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-0:10.10.0-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.s390x"
},
"product_reference": "rh-nodejs10-nodejs-0:10.10.0-3.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-0:10.10.0-3.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.src"
},
"product_reference": "rh-nodejs10-nodejs-0:10.10.0-3.el7.src",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-0:10.10.0-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.x86_64"
},
"product_reference": "rh-nodejs10-nodejs-0:10.10.0-3.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.ppc64le"
},
"product_reference": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.s390x"
},
"product_reference": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.x86_64"
},
"product_reference": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.ppc64le"
},
"product_reference": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.s390x"
},
"product_reference": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.x86_64"
},
"product_reference": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-docs-0:10.10.0-3.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-docs-0:10.10.0-3.el7.noarch"
},
"product_reference": "rh-nodejs10-nodejs-docs-0:10.10.0-3.el7.noarch",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.ppc64le"
},
"product_reference": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.s390x"
},
"product_reference": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.x86_64"
},
"product_reference": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-0:10.10.0-3.el7.aarch64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.aarch64"
},
"product_reference": "rh-nodejs10-nodejs-0:10.10.0-3.el7.aarch64",
"relates_to_product_reference": "7Server-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-0:10.10.0-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.ppc64le"
},
"product_reference": "rh-nodejs10-nodejs-0:10.10.0-3.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-0:10.10.0-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.s390x"
},
"product_reference": "rh-nodejs10-nodejs-0:10.10.0-3.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-0:10.10.0-3.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.src"
},
"product_reference": "rh-nodejs10-nodejs-0:10.10.0-3.el7.src",
"relates_to_product_reference": "7Server-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-0:10.10.0-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.x86_64"
},
"product_reference": "rh-nodejs10-nodejs-0:10.10.0-3.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.aarch64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.aarch64"
},
"product_reference": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.aarch64",
"relates_to_product_reference": "7Server-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.ppc64le"
},
"product_reference": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.s390x"
},
"product_reference": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.x86_64"
},
"product_reference": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.aarch64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.aarch64"
},
"product_reference": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.aarch64",
"relates_to_product_reference": "7Server-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.ppc64le"
},
"product_reference": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.s390x"
},
"product_reference": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.x86_64"
},
"product_reference": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-docs-0:10.10.0-3.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.2:rh-nodejs10-nodejs-docs-0:10.10.0-3.el7.noarch"
},
"product_reference": "rh-nodejs10-nodejs-docs-0:10.10.0-3.el7.noarch",
"relates_to_product_reference": "7Server-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.aarch64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.aarch64"
},
"product_reference": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.aarch64",
"relates_to_product_reference": "7Server-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.ppc64le"
},
"product_reference": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.s390x"
},
"product_reference": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.x86_64"
},
"product_reference": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-0:10.10.0-3.el7.aarch64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.aarch64"
},
"product_reference": "rh-nodejs10-nodejs-0:10.10.0-3.el7.aarch64",
"relates_to_product_reference": "7Workstation-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-0:10.10.0-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.ppc64le"
},
"product_reference": "rh-nodejs10-nodejs-0:10.10.0-3.el7.ppc64le",
"relates_to_product_reference": "7Workstation-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-0:10.10.0-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.s390x"
},
"product_reference": "rh-nodejs10-nodejs-0:10.10.0-3.el7.s390x",
"relates_to_product_reference": "7Workstation-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-0:10.10.0-3.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.src"
},
"product_reference": "rh-nodejs10-nodejs-0:10.10.0-3.el7.src",
"relates_to_product_reference": "7Workstation-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-0:10.10.0-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.x86_64"
},
"product_reference": "rh-nodejs10-nodejs-0:10.10.0-3.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.aarch64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.aarch64"
},
"product_reference": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.aarch64",
"relates_to_product_reference": "7Workstation-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.ppc64le"
},
"product_reference": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.ppc64le",
"relates_to_product_reference": "7Workstation-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.s390x"
},
"product_reference": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.s390x",
"relates_to_product_reference": "7Workstation-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.x86_64"
},
"product_reference": "rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.aarch64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.aarch64"
},
"product_reference": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.aarch64",
"relates_to_product_reference": "7Workstation-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.ppc64le"
},
"product_reference": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.ppc64le",
"relates_to_product_reference": "7Workstation-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.s390x"
},
"product_reference": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.s390x",
"relates_to_product_reference": "7Workstation-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.x86_64"
},
"product_reference": "rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-nodejs-docs-0:10.10.0-3.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-docs-0:10.10.0-3.el7.noarch"
},
"product_reference": "rh-nodejs10-nodejs-docs-0:10.10.0-3.el7.noarch",
"relates_to_product_reference": "7Workstation-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.aarch64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.aarch64"
},
"product_reference": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.aarch64",
"relates_to_product_reference": "7Workstation-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.ppc64le"
},
"product_reference": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.ppc64le",
"relates_to_product_reference": "7Workstation-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.s390x"
},
"product_reference": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.s390x",
"relates_to_product_reference": "7Workstation-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.x86_64"
},
"product_reference": "rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-3.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-7166",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2018-08-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1620215"
}
],
"notes": [
{
"category": "description",
"text": "In all versions of Node.js 10 prior to 10.9.0, an argument processing flaw can cause `Buffer.alloc()` to return uninitialized memory. This method is intended to be safe and only return initialized, or cleared, memory. The third argument specifying `encoding` can be passed as a number, this is misinterpreted by `Buffer\u0027s` internal \"fill\" method as the `start` to a fill operation. This flaw may be abused where `Buffer.alloc()` arguments are derived from user input to return uncleared memory blocks that may contain sensitive information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs: Unintentional exposure of uninitialized memory",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.aarch64",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.ppc64le",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.s390x",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.src",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.x86_64",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.aarch64",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.ppc64le",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.s390x",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.x86_64",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.aarch64",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.ppc64le",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.s390x",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.x86_64",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-docs-0:10.10.0-3.el7.noarch",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.aarch64",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.ppc64le",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.s390x",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.x86_64",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.ppc64le",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.s390x",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.src",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.x86_64",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.ppc64le",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.s390x",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.x86_64",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.ppc64le",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.s390x",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.x86_64",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-docs-0:10.10.0-3.el7.noarch",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.ppc64le",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.s390x",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.x86_64",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.ppc64le",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.s390x",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.src",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.x86_64",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.ppc64le",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.s390x",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.x86_64",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.ppc64le",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.s390x",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.x86_64",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-docs-0:10.10.0-3.el7.noarch",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.ppc64le",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.s390x",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.x86_64",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.ppc64le",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.s390x",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.src",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.x86_64",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.ppc64le",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.s390x",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.x86_64",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.ppc64le",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.s390x",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.x86_64",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-docs-0:10.10.0-3.el7.noarch",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.ppc64le",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.s390x",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.x86_64",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.aarch64",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.ppc64le",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.s390x",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.src",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.x86_64",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.aarch64",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.ppc64le",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.s390x",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.x86_64",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.aarch64",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.ppc64le",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.s390x",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.x86_64",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-docs-0:10.10.0-3.el7.noarch",
"7Server-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.aarch64",
"7Server-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.ppc64le",
"7Server-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.s390x",
"7Server-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.x86_64",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.aarch64",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.ppc64le",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.s390x",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.src",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.x86_64",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.aarch64",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.ppc64le",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.s390x",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.x86_64",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.aarch64",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.ppc64le",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.s390x",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.x86_64",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-docs-0:10.10.0-3.el7.noarch",
"7Workstation-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.aarch64",
"7Workstation-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.ppc64le",
"7Workstation-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.s390x",
"7Workstation-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-7166"
},
{
"category": "external",
"summary": "RHBZ#1620215",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1620215"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-7166",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7166"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-7166",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7166"
}
],
"release_date": "2018-08-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-04-17T12:31:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.aarch64",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.ppc64le",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.s390x",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.src",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.x86_64",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.aarch64",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.ppc64le",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.s390x",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.x86_64",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.aarch64",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.ppc64le",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.s390x",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.x86_64",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-docs-0:10.10.0-3.el7.noarch",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.aarch64",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.ppc64le",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.s390x",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.x86_64",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.ppc64le",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.s390x",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.src",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.x86_64",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.ppc64le",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.s390x",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.x86_64",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.ppc64le",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.s390x",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.x86_64",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-docs-0:10.10.0-3.el7.noarch",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.ppc64le",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.s390x",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.x86_64",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.ppc64le",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.s390x",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.src",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.x86_64",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.ppc64le",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.s390x",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.x86_64",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.ppc64le",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.s390x",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.x86_64",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-docs-0:10.10.0-3.el7.noarch",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.ppc64le",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.s390x",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.x86_64",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.ppc64le",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.s390x",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.src",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.x86_64",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.ppc64le",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.s390x",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.x86_64",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.ppc64le",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.s390x",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.x86_64",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-docs-0:10.10.0-3.el7.noarch",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.ppc64le",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.s390x",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.x86_64",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.aarch64",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.ppc64le",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.s390x",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.src",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.x86_64",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.aarch64",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.ppc64le",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.s390x",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.x86_64",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.aarch64",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.ppc64le",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.s390x",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.x86_64",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-docs-0:10.10.0-3.el7.noarch",
"7Server-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.aarch64",
"7Server-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.ppc64le",
"7Server-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.s390x",
"7Server-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.x86_64",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.aarch64",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.ppc64le",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.s390x",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.src",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.x86_64",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.aarch64",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.ppc64le",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.s390x",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.x86_64",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.aarch64",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.ppc64le",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.s390x",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.x86_64",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-docs-0:10.10.0-3.el7.noarch",
"7Workstation-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.aarch64",
"7Workstation-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.ppc64le",
"7Workstation-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.s390x",
"7Workstation-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2019:0772"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.aarch64",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.ppc64le",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.s390x",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.src",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.x86_64",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.aarch64",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.ppc64le",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.s390x",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.x86_64",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.aarch64",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.ppc64le",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.s390x",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.x86_64",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-nodejs-docs-0:10.10.0-3.el7.noarch",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.aarch64",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.ppc64le",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.s390x",
"7Server-Alt-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.x86_64",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.ppc64le",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.s390x",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.src",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.x86_64",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.ppc64le",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.s390x",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.x86_64",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.ppc64le",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.s390x",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.x86_64",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-nodejs-docs-0:10.10.0-3.el7.noarch",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.ppc64le",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.s390x",
"7Server-RHSCL-3.2-7.4.Z:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.x86_64",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.ppc64le",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.s390x",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.src",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.x86_64",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.ppc64le",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.s390x",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.x86_64",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.ppc64le",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.s390x",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.x86_64",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-nodejs-docs-0:10.10.0-3.el7.noarch",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.ppc64le",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.s390x",
"7Server-RHSCL-3.2-7.5.Z:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.x86_64",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.ppc64le",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.s390x",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.src",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-0:10.10.0-3.el7.x86_64",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.ppc64le",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.s390x",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.x86_64",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.ppc64le",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.s390x",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.x86_64",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-nodejs-docs-0:10.10.0-3.el7.noarch",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.ppc64le",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.s390x",
"7Server-RHSCL-3.2-7.6.Z:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.x86_64",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.aarch64",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.ppc64le",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.s390x",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.src",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.x86_64",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.aarch64",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.ppc64le",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.s390x",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.x86_64",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.aarch64",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.ppc64le",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.s390x",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.x86_64",
"7Server-RHSCL-3.2:rh-nodejs10-nodejs-docs-0:10.10.0-3.el7.noarch",
"7Server-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.aarch64",
"7Server-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.ppc64le",
"7Server-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.s390x",
"7Server-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.x86_64",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.aarch64",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.ppc64le",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.s390x",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.src",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-0:10.10.0-3.el7.x86_64",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.aarch64",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.ppc64le",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.s390x",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-debuginfo-0:10.10.0-3.el7.x86_64",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.aarch64",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.ppc64le",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.s390x",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-devel-0:10.10.0-3.el7.x86_64",
"7Workstation-RHSCL-3.2:rh-nodejs10-nodejs-docs-0:10.10.0-3.el7.noarch",
"7Workstation-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.aarch64",
"7Workstation-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.ppc64le",
"7Workstation-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.s390x",
"7Workstation-RHSCL-3.2:rh-nodejs10-npm-0:6.4.1-10.10.0.3.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs: Unintentional exposure of uninitialized memory"
}
]
}
FKIE_CVE-2018-7166
Vulnerability from fkie_nvd - Published: 2018-08-21 12:29 - Updated: 2024-11-21 04:11
Severity ?
Summary
In all versions of Node.js 10 prior to 10.9.0, an argument processing flaw can cause `Buffer.alloc()` to return uninitialized memory. This method is intended to be safe and only return initialized, or cleared, memory. The third argument specifying `encoding` can be passed as a number, this is misinterpreted by `Buffer's` internal "fill" method as the `start` to a fill operation. This flaw may be abused where `Buffer.alloc()` arguments are derived from user input to return uncleared memory blocks that may contain sensitive information.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*",
"matchCriteriaId": "48A01678-361E-4F23-B7D6-41B0C145F491",
"versionEndExcluding": "10.9.0",
"versionStartIncluding": "10.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In all versions of Node.js 10 prior to 10.9.0, an argument processing flaw can cause `Buffer.alloc()` to return uninitialized memory. This method is intended to be safe and only return initialized, or cleared, memory. The third argument specifying `encoding` can be passed as a number, this is misinterpreted by `Buffer\u0027s` internal \"fill\" method as the `start` to a fill operation. This flaw may be abused where `Buffer.alloc()` arguments are derived from user input to return uncleared memory blocks that may contain sensitive information."
},
{
"lang": "es",
"value": "En todas las versiones de Node.js 10 anteriores a la 10.9.0, un fallo en el procesamiento de argumentos puede provocar que \"Buffer.alloc()\" devuelva memoria no inicializada. Este m\u00e9todo est\u00e1 dise\u00f1ado para ser seguro y solo devuelve la memoria inicializada o borrada. El tercer argumento que especifica \"encoding\" puede ser pasado como un n\u00famero. Esto es malinterpretado por el m\u00e9todo interno \"fill\" del b\u00fafer como el \"comienzo\" de una operaci\u00f3n de llenado (fill). Este defecto puede ser explotado cuando los argumentos \"Buffer.alloc()\" se derivan de la entrada del usuario para devolver bloques de memoria no borrados que pueden contener informaci\u00f3n sensible."
}
],
"id": "CVE-2018-7166",
"lastModified": "2024-11-21T04:11:42.510",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-08-21T12:29:00.320",
"references": [
{
"source": "cve-request@iojs.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2553"
},
{
"source": "cve-request@iojs.org",
"tags": [
"Vendor Advisory"
],
"url": "https://nodejs.org/en/blog/vulnerability/august-2018-security-releases/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2553"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://nodejs.org/en/blog/vulnerability/august-2018-security-releases/"
}
],
"sourceIdentifier": "cve-request@iojs.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-226"
}
],
"source": "cve-request@iojs.org",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-908"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GSD-2018-7166
Vulnerability from gsd - Updated: 2023-12-13 01:22Details
In all versions of Node.js 10 prior to 10.9.0, an argument processing flaw can cause `Buffer.alloc()` to return uninitialized memory. This method is intended to be safe and only return initialized, or cleared, memory. The third argument specifying `encoding` can be passed as a number, this is misinterpreted by `Buffer's` internal "fill" method as the `start` to a fill operation. This flaw may be abused where `Buffer.alloc()` arguments are derived from user input to return uncleared memory blocks that may contain sensitive information.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2018-7166",
"description": "In all versions of Node.js 10 prior to 10.9.0, an argument processing flaw can cause `Buffer.alloc()` to return uninitialized memory. This method is intended to be safe and only return initialized, or cleared, memory. The third argument specifying `encoding` can be passed as a number, this is misinterpreted by `Buffer\u0027s` internal \"fill\" method as the `start` to a fill operation. This flaw may be abused where `Buffer.alloc()` arguments are derived from user input to return uncleared memory blocks that may contain sensitive information.",
"id": "GSD-2018-7166",
"references": [
"https://www.suse.com/security/cve/CVE-2018-7166.html",
"https://access.redhat.com/errata/RHBA-2019:0772",
"https://access.redhat.com/errata/RHSA-2018:2553"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2018-7166"
],
"details": "In all versions of Node.js 10 prior to 10.9.0, an argument processing flaw can cause `Buffer.alloc()` to return uninitialized memory. This method is intended to be safe and only return initialized, or cleared, memory. The third argument specifying `encoding` can be passed as a number, this is misinterpreted by `Buffer\u0027s` internal \"fill\" method as the `start` to a fill operation. This flaw may be abused where `Buffer.alloc()` arguments are derived from user input to return uncleared memory blocks that may contain sensitive information.",
"id": "GSD-2018-7166",
"modified": "2023-12-13T01:22:33.152967Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve-request@iojs.org",
"DATE_PUBLIC": "2018-08-12T00:00:00",
"ID": "CVE-2018-7166",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Node.js",
"version": {
"version_data": [
{
"version_value": "All versions of Node.js 10 prior to 10.9.0"
}
]
}
}
]
},
"vendor_name": "The Node.js Project"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In all versions of Node.js 10 prior to 10.9.0, an argument processing flaw can cause `Buffer.alloc()` to return uninitialized memory. This method is intended to be safe and only return initialized, or cleared, memory. The third argument specifying `encoding` can be passed as a number, this is misinterpreted by `Buffer\u0027s` internal \"fill\" method as the `start` to a fill operation. This flaw may be abused where `Buffer.alloc()` arguments are derived from user input to return uncleared memory blocks that may contain sensitive information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-226: Sensitive Information Uncleared Before Release"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2018:2553",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2553"
},
{
"name": "https://nodejs.org/en/blog/vulnerability/august-2018-security-releases/",
"refsource": "CONFIRM",
"url": "https://nodejs.org/en/blog/vulnerability/august-2018-security-releases/"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.9.0",
"versionStartIncluding": "10.0.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve-request@iojs.org",
"ID": "CVE-2018-7166"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "In all versions of Node.js 10 prior to 10.9.0, an argument processing flaw can cause `Buffer.alloc()` to return uninitialized memory. This method is intended to be safe and only return initialized, or cleared, memory. The third argument specifying `encoding` can be passed as a number, this is misinterpreted by `Buffer\u0027s` internal \"fill\" method as the `start` to a fill operation. This flaw may be abused where `Buffer.alloc()` arguments are derived from user input to return uncleared memory blocks that may contain sensitive information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-908"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://nodejs.org/en/blog/vulnerability/august-2018-security-releases/",
"refsource": "CONFIRM",
"tags": [
"Vendor Advisory"
],
"url": "https://nodejs.org/en/blog/vulnerability/august-2018-security-releases/"
},
{
"name": "RHSA-2018:2553",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2553"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
},
"lastModifiedDate": "2020-09-22T13:59Z",
"publishedDate": "2018-08-21T12:29Z"
}
}
}
GHSA-6V28-C2X2-8P46
Vulnerability from github – Published: 2022-05-13 01:16 – Updated: 2022-05-13 01:16
VLAI?
Details
In all versions of Node.js 10 prior to 10.9.0, an argument processing flaw can cause Buffer.alloc() to return uninitialized memory. This method is intended to be safe and only return initialized, or cleared, memory. The third argument specifying encoding can be passed as a number, this is misinterpreted by Buffer's internal "fill" method as the start to a fill operation. This flaw may be abused where Buffer.alloc() arguments are derived from user input to return uncleared memory blocks that may contain sensitive information.
Severity ?
7.5 (High)
{
"affected": [],
"aliases": [
"CVE-2018-7166"
],
"database_specific": {
"cwe_ids": [
"CWE-908"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-08-21T12:29:00Z",
"severity": "HIGH"
},
"details": "In all versions of Node.js 10 prior to 10.9.0, an argument processing flaw can cause `Buffer.alloc()` to return uninitialized memory. This method is intended to be safe and only return initialized, or cleared, memory. The third argument specifying `encoding` can be passed as a number, this is misinterpreted by `Buffer\u0027s` internal \"fill\" method as the `start` to a fill operation. This flaw may be abused where `Buffer.alloc()` arguments are derived from user input to return uncleared memory blocks that may contain sensitive information.",
"id": "GHSA-6v28-c2x2-8p46",
"modified": "2022-05-13T01:16:08Z",
"published": "2022-05-13T01:16:08Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7166"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2018:2553"
},
{
"type": "WEB",
"url": "https://nodejs.org/en/blog/vulnerability/august-2018-security-releases"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…