VYPR

rpm package

suse/nodejs16&distro=SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS

pkg:rpm/suse/nodejs16&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-ESPOS

Vulnerabilities (22)

  • CVE-2023-24807Feb 16, 2023
    affected < 16.19.1-150300.7.18.1fixed 16.19.1-150300.7.18.1

    Undici is an HTTP/1.1 client for Node.js. Prior to version 5.19.1, the `Headers.set()` and `Headers.append()` methods are vulnerable to Regular Expression Denial of Service (ReDoS) attacks when untrusted values are passed into the functions. This is due to the inefficient regular

  • CVE-2022-25881Jan 31, 2023
    affected < 16.20.0-150300.7.21.2fixed 16.20.0-150300.7.21.2

    This affects versions of the package http-cache-semantics before 4.1.1. The issue can be exploited via malicious request header values sent to a server, when that server reads the cache policy from the request using this library.

Page 2 of 2