Overview

File _patchinfo of Package patchinfo.20334

<patchinfo incident="20334">
  <issue tracker="bnc" id="1187973">VUL-0: CVE-2021-22918: nodejs10,nodejs12,nodejs14,nodejs,libuv: libuv upgrade - Out of bounds read</issue>
  <issue tracker="bnc" id="1184450">VUL-0: CVE-2020-7774: nodejs8, nodejs10, nodejs12, nodejs14:  y18n Prototype Pollution</issue>
  <issue tracker="bnc" id="1187976">VUL-0: CVE-2021-27290: nodejs10,nodejs12,nodejs14,nodejs: npm upgrade - ssri Regular Expression Denial of Service (ReDoS)</issue>
  <issue tracker="bnc" id="1187977">VUL-0: CVE-2021-23362: nodejs10,nodejs12,nodejs14,nodejs: npm upgrade - hosted-git-info Regular Expression Denial of Service (ReDoS)</issue>
  <issue tracker="cve" id="2021-27290"/>
  <issue tracker="cve" id="2020-7774"/>
  <issue tracker="cve" id="2021-22918"/>
  <issue tracker="cve" id="2021-23362"/>
  <packager>adamm</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for nodejs14</summary>
  <description>This update for nodejs14 fixes the following issues:

Update nodejs14 to 14.17.2.

Including fixes for:

- CVE-2021-22918: libuv upgrade - Out of bounds read (bsc#1187973)
- CVE-2021-27290: ssri Regular Expression Denial of Service (bsc#1187976)
- CVE-2021-23362: hosted-git-info Regular Expression Denial of Service (bsc#1187977)
- CVE-2020-7774: y18n Prototype Pollution (bsc#1184450)
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places