RHSA-2018:2553

Description

Red Hat Security Advisory: Red Hat OpenShift Application Runtimes Node.js 10.9.0 security update

CVSS Metrics

• v3.0•HIGH•Score: 8.1CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Systems

• redhat•npm

  < 1:6.2.0-1.10.9.0.1.el7

• redhat•rhoar-nodejs

  < 1:10.9.0-1.el7

• redhat•rhoar-nodejs-debuginfo

  < 1:10.9.0-1.el7

• redhat•rhoar-nodejs-docs

  < 1:10.9.0-1.el7

References (22)

• https://access.redhat.com/errata/RHSA-2018:2553
• https://access.redhat.com/security/updates/classification/#moderate
• https://access.redhat.com/documentation/en-us/red_hat_openshift_application_runtimes/1/html-single/red_hat_openshift_application_runtimes_release_notes/index#runtime_components_nodejs_rpm_packages
• https://nodejs.org/en/blog/vulnerability/august-2018-security-releases/
• https://bugzilla.redhat.com/show_bug.cgi?id=1591100
• https://bugzilla.redhat.com/show_bug.cgi?id=1620215
• https://bugzilla.redhat.com/show_bug.cgi?id=1620219
• https://issues.redhat.com/browse/NODE-152
• https://issues.redhat.com/browse/NODE-153
• https://issues.redhat.com/browse/NODE-154
• https://issues.redhat.com/browse/NODE-155
• https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_2553.json
• https://access.redhat.com/security/cve/CVE-2018-0732
• https://www.cve.org/CVERecord?id=CVE-2018-0732
• https://nvd.nist.gov/vuln/detail/CVE-2018-0732
• https://www.openssl.org/news/secadv/20180612.txt
• https://access.redhat.com/security/cve/CVE-2018-7166
• https://www.cve.org/CVERecord?id=CVE-2018-7166
• https://nvd.nist.gov/vuln/detail/CVE-2018-7166
• https://access.redhat.com/security/cve/CVE-2018-12115
• https://www.cve.org/CVERecord?id=CVE-2018-12115
• https://nvd.nist.gov/vuln/detail/CVE-2018-12115