AVG-1401 log
Package | nodejs-lts-fermium |
Status | Fixed |
Severity | High |
Type | multiple issues |
Affected | 14.15.3-2 |
Fixed | 14.15.4-1 |
Current | Removed |
Ticket | None |
Created | Mon Jan 4 23:34:05 2021 |
Issue | Severity | Remote | Type | Description |
---|---|---|---|---|
CVE-2020-8287 | Low | No | Url request injection | The nodejs release lines 15.x, 14.x, 12.x and 10.x allow two copies of a header field in an HTTP request. For example, two Transfer-Encoding header fields.... |
CVE-2020-8265 | High | No | Arbitrary code execution | The nodejs release lines 15.x, 14.x, 12.x and 10.x are vulnerable to a use-after-free bug in its TLS implementation. When writing to a TLS enabled socket,... |
Date | Advisory | Package | Type |
---|---|---|---|
12 Jan 2021 | ASA-202101-15 | nodejs-lts-fermium | multiple issues |