AVG-2129 log

Package nodejs-lts-dubnium
Status Unknown
Severity High
Type multiple issues
Affected 10.24.0-2
Fixed Unknown
Current Removed
Ticket None
Created Fri Jul 2 08:59:49 2021
Issue Severity Remote Type Description
CVE-2021-27290 High Yes Denial of service
A security issue has been found in Node.js before versions 16.4.1, 14.17.2 and 12.22.2. There is a vulnerability in the ssri npm module which may be...
CVE-2021-23362 Medium Yes Denial of service
A security issue has been found in Node.js before versions 16.4.1, 14.17.2 and 12.22.2. There is a vulnerability in the hosted-git-info npm module which may...
CVE-2021-22918 Medium Yes Information disclosure
libuv before version 1.14.1, as bundled by Node.js before versions 16.4.1, 14.17.2 and 12.22.2, is vulnerable to an out-of-bounds read in the libuv's...
References
https://github.com/nodejs/Release/blob/main/README.md
Notes
Node.js Dubnium is end of life since 2021-04-30, so these issues are not going to get fixed.