File _patchinfo of Package patchinfo.23946

<patchinfo incident="23946">
  <issue tracker="bnc" id="1198247">VUL-0: CVE-2021-44906: nodejs14,nodejs10,nodejs4,nodejs8,nodejs12,nodejs6: minimist: prototype pollution</issue>
  <issue tracker="bnc" id="1197283">VUL-1: CVE-2021-44907: nodejs14,nodejs12,nodejs10,nodejs8,nodejs6,nodejs4,nodejs16: potential Denial of Service vulnerability in qs due to insufficient sanitization of property in the gs.parse function</issue>
  <issue tracker="bnc" id="1194819">VUL-0: CVE-2022-0235: nodejs10,nodejs12,nodejs8,nodejs6,nodejs4,nodejs14: node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor</issue>
  <issue tracker="bnc" id="1196877">VUL-0:  CVE-2022-0778: openssl1,openssl-1_0_0,openssl-1_1,openssl-3: Infinite loop in BN_mod_sqrt() reachable when parsing certificates</issue>
  <issue tracker="cve" id="2022-0235"/>
  <issue tracker="cve" id="2021-44907"/>
  <issue tracker="cve" id="2022-0778"/>
  <issue tracker="cve" id="2021-44906"/>
  <packager>adamm</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for nodejs14</summary>
  <description>This update for nodejs14 fixes the following issues:

- CVE-2022-0778: Fixed a infinite loop in BN_mod_sqrt() reachable when parsing certificates (bsc#1196877).
- CVE-2021-44906: Fixed a prototype pollution in node-minimist (bsc#1198247).
- CVE-2021-44907: Fixed a potential Denial of Service vulnerability in node-qs (bsc#1197283).
- CVE-2022-0235: Fixed an exposure of sensitive information to an unauthorized actor in node-fetch (bsc#1194819).
</description>
</patchinfo>