Overview

File _patchinfo of Package patchinfo.18395

<patchinfo incident="18395">
  <issue tracker="cve" id="2021-22883"/>
  <issue tracker="cve" id="2021-22884"/>
  <issue tracker="bnc" id="1182619">VUL-0: CVE-2021-22883: nodejs10,nodejs12,nodejs14,nodejs: HTTP2 'unknownProtocol' cause Denial of Service by resource exhaustion</issue>
  <issue tracker="bnc" id="1182620">VUL-0: CVE-2021-22884: nodejs10,nodejs12,nodejs14,nodejs: DNS rebinding in --inspect</issue>
  <packager>adamm</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for nodejs14</summary>
  <description>This update for nodejs14 fixes the following issues:

- New upstream LTS version 14.16.0:
  * CVE-2021-22883: HTTP2 'unknownProtocol' cause Denial of Service by resource exhaustion (bsc#1182619)
  * CVE-2021-22884: DNS rebinding in --inspect (bsc#1182620)
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places