RHSA-2021:2932

Description

Red Hat Security Advisory: rh-nodejs14-nodejs and rh-nodejs14-nodejs-nodemon security update

CVSS Metrics

• v3.1•HIGH•Score: 7.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Systems

• redhat•rh-nodejs14-nodejs

  < 0:14.17.2-1.el7

• redhat•rh-nodejs14-nodejs-debuginfo

  < 0:14.17.2-1.el7

• redhat•rh-nodejs14-nodejs-devel

  < 0:14.17.2-1.el7

• redhat•rh-nodejs14-nodejs-docs

  < 0:14.17.2-1.el7

• redhat•rh-nodejs14-nodejs-nodemon

  < 0:2.0.3-2.el7

• redhat•rh-nodejs14-npm

  < 0:6.14.13-14.17.2.1.el7

References (22)

• https://access.redhat.com/errata/RHSA-2021:2932
• https://access.redhat.com/security/updates/classification/#moderate
• https://bugzilla.redhat.com/show_bug.cgi?id=1941471
• https://bugzilla.redhat.com/show_bug.cgi?id=1942591
• https://bugzilla.redhat.com/show_bug.cgi?id=1943208
• https://bugzilla.redhat.com/show_bug.cgi?id=1964461
• https://bugzilla.redhat.com/show_bug.cgi?id=1979338
• https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_2932.json
• https://access.redhat.com/security/cve/CVE-2021-22918
• https://www.cve.org/CVERecord?id=CVE-2021-22918
• https://nvd.nist.gov/vuln/detail/CVE-2021-22918
• https://nodejs.org/en/blog/vulnerability/july-2021-security-releases/
• https://access.redhat.com/security/cve/CVE-2021-23362
• https://www.cve.org/CVERecord?id=CVE-2021-23362
• https://nvd.nist.gov/vuln/detail/CVE-2021-23362
• https://access.redhat.com/security/cve/CVE-2021-27290
• https://www.cve.org/CVERecord?id=CVE-2021-27290
• https://nvd.nist.gov/vuln/detail/CVE-2021-27290
• https://access.redhat.com/security/cve/CVE-2021-33502
• https://www.cve.org/CVERecord?id=CVE-2021-33502
• https://nvd.nist.gov/vuln/detail/CVE-2021-33502
• https://snyk.io/vuln/SNYK-JS-NORMALIZEURL-1296539