rpm package
suse/nodejs10&distro=SUSE Linux Enterprise Module for Web and Scripting 15 SP2
pkg:rpm/suse/nodejs10&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Web%20and%20Scripting%2015%20SP2
Vulnerabilities (22)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-10531 | Hig | 8.8 | < 10.21.0-1.21.1 | 10.21.0-1.21.1 | Mar 12, 2020 | An issue was discovered in International Components for Unicode (ICU) for C/C++ through 66.1. An integer overflow, leading to a heap-based buffer overflow, exists in the UnicodeString::doAppend() function in common/unistr.cpp. | |
| CVE-2020-7598 | Med | 5.6 | < 10.21.0-1.21.1 | 10.21.0-1.21.1 | Mar 11, 2020 | minimist before 1.2.2 could be tricked into adding or modifying properties of Object.prototype using a "constructor" or "__proto__" payload. |
- affected < 10.21.0-1.21.1fixed 10.21.0-1.21.1
An issue was discovered in International Components for Unicode (ICU) for C/C++ through 66.1. An integer overflow, leading to a heap-based buffer overflow, exists in the UnicodeString::doAppend() function in common/unistr.cpp.
- affected < 10.21.0-1.21.1fixed 10.21.0-1.21.1
minimist before 1.2.2 could be tricked into adding or modifying properties of Object.prototype using a "constructor" or "__proto__" payload.
Page 2 of 2