AVG-1403 log
Package | nodejs-lts-dubnium |
Status | Fixed |
Severity | High |
Type | multiple issues |
Affected | 10.23.0-2 |
Fixed | 10.23.1-1 |
Current | Removed |
Ticket | None |
Created | Mon Jan 4 23:36:36 2021 |
Issue | Severity | Remote | Type | Description |
---|---|---|---|---|
CVE-2020-8287 | Low | No | Url request injection | The nodejs release lines 15.x, 14.x, 12.x and 10.x allow two copies of a header field in an HTTP request. For example, two Transfer-Encoding header fields.... |
CVE-2020-8265 | High | No | Arbitrary code execution | The nodejs release lines 15.x, 14.x, 12.x and 10.x are vulnerable to a use-after-free bug in its TLS implementation. When writing to a TLS enabled socket,... |
Date | Advisory | Package | Type |
---|---|---|---|
12 Jan 2021 | ASA-202101-13 | nodejs-lts-dubnium | multiple issues |