Ubuntu Security Notice 6822-1 - It was discovered that Node.js incorrectly handled certain inputs when it is using the policy mechanism. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to bypass the policy mechanism. It was discovered that Node.js incorrectly handled certain inputs when it is using the policy mechanism. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to perform a privilege escalation.
56af1cd66722a1eb5f6a693a34869045fe3ef0caa4ecbe64e54e6947bfb6b639Ubuntu Security Notice 6567-2 - USN-6567-1 fixed vulnerabilities QEMU. The fix for CVE-2023-2861 was too restrictive and introduced a behavior change leading to a regression in certain environments. This update fixes the problem. Gaoning Pan and Xingwei Li discovered that QEMU incorrectly handled the USB xHCI controller device. A privileged guest attacker could possibly use this issue to cause QEMU to crash, leading to a denial of service. Various other issues were also addressed.
a54d7bc90f81ef99a51f6873f6c189be32af415ca78c88b11fc2bd3df9e91a3bRed Hat Security Advisory 2024-2962-03 - An update for the virt:rhel and virt-devel:rhel modules is now available for Red Hat Enterprise Linux 8. Issues addressed include buffer overflow, denial of service, and null pointer vulnerabilities.
5c6a7c85db0bdcb9977dc32f48bc0ce2383baefbc07836ebf0be31fc3d5aa2f8Ubuntu Security Notice 6567-1 - Gaoning Pan and Xingwei Li discovered that QEMU incorrectly handled the USB xHCI controller device. A privileged guest attacker could possibly use this issue to cause QEMU to crash, leading to a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. It was discovered that QEMU incorrectly handled the TCG Accelerator. A local attacker could use this issue to cause QEMU to crash, leading to a denial of service, or possibly execute arbitrary code and escalate privileges. This issue only affected Ubuntu 20.04 LTS.
822fd59a00f432568a1ff02767caa245fcfcf6843527f21aad32e7fa00321108Debian Linux Security Advisory 5589-1 - Multiple vulnerabilities were discovered in Node.js, which could result in HTTP request smuggling, bypass of policy feature checks, denial of service or loading of incorrect ICU data.
99cc458c7d37e5ed3bbb9cd1ecafd2849b5c2bd6325b06e8297be7edef82db88Red Hat Security Advisory 2023-5533-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The package has been upgraded to a later upstream version: nodejs. Issues addressed include HTTP request smuggling, buffer overflow, bypass, crlf injection, and denial of service vulnerabilities.
a1de4803284127ae04070476723bb3381abb23fa8706dae7ab1c90bb1713980bRed Hat Security Advisory 2023-5532-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include a bypass vulnerability.
65ebad59c8253e88e2143d622570a561509704bf12c8076c64a6937f8aabc54bRed Hat Security Advisory 2023-5362-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include bypass and denial of service vulnerabilities.
495a3f24d2632110634309010865240af57a5ea7b556b056d308808eae784582Red Hat Security Advisory 2023-5361-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include HTTP request smuggling, bypass, and denial of service vulnerabilities.
d17f1315e979971a3621829636966df0e1f09cfbdf28fa99e162ce75d2223793Red Hat Security Advisory 2023-5360-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include bypass and denial of service vulnerabilities.
e81e319d29d715b4f89864cf976c9fc33fedd006c1df0d2ae413f8194ec09effRed Hat Security Advisory 2023-5363-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include bypass and denial of service vulnerabilities.
c847a25ac05fb577d9d312fccc92714b065a2a75511c21413ff647b9c3fbba48
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed