RHSA-2022:4914

Description

Red Hat Security Advisory: rh-nodejs12-nodejs security, bug fix, and enhancement update

CVSS Metrics

• v3.1•CRITICAL•Score: 9.8CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Systems

• redhat•rh-nodejs12-nodejs

  < 0:12.22.12-2.el7

• redhat•rh-nodejs12-nodejs-debuginfo

  < 0:12.22.12-2.el7

• redhat•rh-nodejs12-nodejs-devel

  < 0:12.22.12-2.el7

• redhat•rh-nodejs12-nodejs-docs

  < 0:12.22.12-2.el7

• redhat•rh-nodejs12-npm

  < 0:6.14.16-12.22.12.2.el7

References (50)

• https://access.redhat.com/errata/RHSA-2022:4914
• https://access.redhat.com/security/updates/classification/#moderate
• https://bugzilla.redhat.com/show_bug.cgi?id=1999731
• https://bugzilla.redhat.com/show_bug.cgi?id=1999739
• https://bugzilla.redhat.com/show_bug.cgi?id=2014057
• https://bugzilla.redhat.com/show_bug.cgi?id=2014059
• https://bugzilla.redhat.com/show_bug.cgi?id=2024702
• https://bugzilla.redhat.com/show_bug.cgi?id=2040839
• https://bugzilla.redhat.com/show_bug.cgi?id=2040846
• https://bugzilla.redhat.com/show_bug.cgi?id=2040856
• https://bugzilla.redhat.com/show_bug.cgi?id=2040862
• https://bugzilla.redhat.com/show_bug.cgi?id=2066009
• https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_4914.json
• https://access.redhat.com/security/cve/CVE-2021-3918
• https://www.cve.org/CVERecord?id=CVE-2021-3918
• https://nvd.nist.gov/vuln/detail/CVE-2021-3918
• https://access.redhat.com/security/cve/CVE-2021-22959
• https://www.cve.org/CVERecord?id=CVE-2021-22959
• https://nvd.nist.gov/vuln/detail/CVE-2021-22959
• https://nodejs.org/en/blog/vulnerability/oct-2021-security-releases/
• https://access.redhat.com/security/cve/CVE-2021-22960
• https://www.cve.org/CVERecord?id=CVE-2021-22960
• https://nvd.nist.gov/vuln/detail/CVE-2021-22960
• https://access.redhat.com/security/cve/CVE-2021-37701
• https://www.cve.org/CVERecord?id=CVE-2021-37701
• https://nvd.nist.gov/vuln/detail/CVE-2021-37701
• https://github.com/npm/node-tar/security/advisories/GHSA-9r2w-394v-53qc
• https://www.npmjs.com/advisories/1779
• https://access.redhat.com/security/cve/CVE-2021-37712
• https://www.cve.org/CVERecord?id=CVE-2021-37712
• https://nvd.nist.gov/vuln/detail/CVE-2021-37712
• https://github.com/npm/node-tar/security/advisories/GHSA-qq89-hq3f-393p
• https://www.npmjs.com/advisories/1780
• https://access.redhat.com/security/cve/CVE-2021-44531
• https://www.cve.org/CVERecord?id=CVE-2021-44531
• https://nvd.nist.gov/vuln/detail/CVE-2021-44531
• https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/
• https://access.redhat.com/security/cve/CVE-2021-44532
• https://www.cve.org/CVERecord?id=CVE-2021-44532
• https://nvd.nist.gov/vuln/detail/CVE-2021-44532
• https://access.redhat.com/security/cve/CVE-2021-44533
• https://www.cve.org/CVERecord?id=CVE-2021-44533
• https://nvd.nist.gov/vuln/detail/CVE-2021-44533
• https://access.redhat.com/security/cve/CVE-2021-44906
• https://www.cve.org/CVERecord?id=CVE-2021-44906
• https://nvd.nist.gov/vuln/detail/CVE-2021-44906
• https://github.com/advisories/GHSA-xvch-5gv4-984h
• https://access.redhat.com/security/cve/CVE-2022-21824
• https://www.cve.org/CVERecord?id=CVE-2022-21824
• https://nvd.nist.gov/vuln/detail/CVE-2022-21824