[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-SUSE-SU-2017:2168-1":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T02:55:30.529Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":18,"duplicates":19,"related":20,"reserved_at":9,"published_at":23,"modified_at":24,"state":9,"summary":25,"references_raw":27,"kevs":60,"epss":9,"epss_history":61,"metrics":62,"affected":63},"SUSE-SU-2017:2168-1","Security update for nodejs4, nodejs6\n\nThis update for nodejs4 and nodejs6 fixes the following issues:\n\nSecurity issues fixed:\n\n- CVE-2017-1000381: The c-ares function ares_parse_naptr_reply() could be triggered to read memory\n  outside of the given input buffer if the passed in DNS response packet was crafted in a\n  particular way. (bsc#1044946)\n- CVE-2017-11499: Disable V8 snapshots. The hashseed embedded in the snapshot is currently the same\n  for all runs of the binary. This opens node up to collision attacks which could result in a Denial\n  of Service. We have temporarily disabled snapshots until a more robust solution is found.\n  (bsc#1048299)\n\nNon-security fixes:\n\n- GCC 7 compilation fixes for v8 backported and add missing ICU59 headers (bsc#1041282)\n- New upstream LTS release 6.11.1\n  * https://github.com/nodejs/node/blob/master/doc/changelogs/CHANGELOG_V6.md#6.11.1\n- New upstream LTS release 6.11.0\n  * https://github.com/nodejs/node/blob/master/doc/changelogs/CHANGELOG_V6.md#6.11.0\n- New upstream LTS release 6.10.3\n  * https://github.com/nodejs/node/blob/master/doc/changelogs/CHANGELOG_V6.md#6.10.3\n- New upstream LTS release 6.10.2\n  * https://github.com/nodejs/node/blob/master/doc/changelogs/CHANGELOG_V6.md#6.10.2\n- New upstream LTS release 6.10.1\n  * https://github.com/nodejs/node/blob/master/doc/changelogs/CHANGELOG_V6.md#6.10.1\n- New upstream LTS release 6.10.0\n  * https://github.com/nodejs/node/blob/master/doc/changelogs/CHANGELOG_V6.md#6.10.0\n\n- New upstream LTS release 4.8.4\n  * https://github.com/nodejs/node/blob/master/doc/changelogs/CHANGELOG_V4.md#4.8.4\n- New upstream LTS release 4.8.3\n  * https://github.com/nodejs/node/blob/master/doc/changelogs/CHANGELOG_V4.md#4.8.3\n- New upstream LTS release 4.8.2\n  * https://github.com/nodejs/node/blob/master/doc/changelogs/CHANGELOG_V4.md#4.8.2\n- New upstream LTS release 4.8.1\n  * https://github.com/nodejs/node/blob/master/doc/changelogs/CHANGELOG_V4.md#4.8.1\n- New upstream LTS release 4.8.0\n  * https://github.com/nodejs/node/blob/master/doc/changelogs/CHANGELOG_V4.md#4.8.0\n",null,[],[],[],[14,16],{"_key":15},"CVE-2017-1000381",{"_key":17},"CVE-2017-11499",[],[],[21,22],{"_key":15},{"_key":17},"2017-08-15T12:27:34Z","2026-02-04T03:04:02.762470Z",{"cisa_kev":26,"cisa_ransomware":26,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[28,34,39,43,47,51,56],{"url":29,"sources":30,"tags":32},"https://www.suse.com/support/update/announcement/2017/suse-su-20172168-1/",[31],"osv_suse",[33],"Advisory",{"url":35,"sources":36,"tags":37},"https://bugzilla.suse.com/1041282",[31],[38],"REPORT",{"url":40,"sources":41,"tags":42},"https://bugzilla.suse.com/1041283",[31],[38],{"url":44,"sources":45,"tags":46},"https://bugzilla.suse.com/1044946",[31],[38],{"url":48,"sources":49,"tags":50},"https://bugzilla.suse.com/1048299",[31],[38],{"url":52,"sources":53,"tags":54},"https://www.suse.com/security/cve/CVE-2017-1000381",[31],[55],"WEB",{"url":57,"sources":58,"tags":59},"https://www.suse.com/security/cve/CVE-2017-11499",[31],[55],[],[],[],[64,77,81,85,92,96,103,107],{"ecosystem":65,"name":66,"vendor":67,"product":68,"cpe_part":9,"purl_type":69,"purl_namespace":67,"purl_name":68,"source":9,"versions":70},"SUSE Linux Enterprise","nodejs-common","suse","nodejs-common&distro=SUSE Enterprise Storage 4","rpm",[71],{"version":72,"is_range":73,"range_type":74,"version_start":9,"version_start_type":9,"version_end":75,"version_end_type":76,"fixed_in":9},"lt1_0_2_1",true,"ecosystem","1.0-2.1","excluding",{"ecosystem":65,"name":66,"vendor":67,"product":78,"cpe_part":9,"purl_type":69,"purl_namespace":67,"purl_name":78,"source":9,"versions":79},"nodejs-common&distro=SUSE Linux Enterprise Module for Web and Scripting 12",[80],{"version":72,"is_range":73,"range_type":74,"version_start":9,"version_start_type":9,"version_end":75,"version_end_type":76,"fixed_in":9},{"ecosystem":65,"name":66,"vendor":67,"product":82,"cpe_part":9,"purl_type":69,"purl_namespace":67,"purl_name":82,"source":9,"versions":83},"nodejs-common&distro=SUSE OpenStack Cloud 7",[84],{"version":72,"is_range":73,"range_type":74,"version_start":9,"version_start_type":9,"version_end":75,"version_end_type":76,"fixed_in":9},{"ecosystem":65,"name":86,"vendor":67,"product":87,"cpe_part":9,"purl_type":69,"purl_namespace":67,"purl_name":87,"source":9,"versions":88},"nodejs4","nodejs4&distro=SUSE Enterprise Storage 4",[89],{"version":90,"is_range":73,"range_type":74,"version_start":9,"version_start_type":9,"version_end":91,"version_end_type":76,"fixed_in":9},"lt4_8_4_15_5_1","4.8.4-15.5.1",{"ecosystem":65,"name":86,"vendor":67,"product":93,"cpe_part":9,"purl_type":69,"purl_namespace":67,"purl_name":93,"source":9,"versions":94},"nodejs4&distro=SUSE Linux Enterprise Module for Web and Scripting 12",[95],{"version":90,"is_range":73,"range_type":74,"version_start":9,"version_start_type":9,"version_end":91,"version_end_type":76,"fixed_in":9},{"ecosystem":65,"name":97,"vendor":67,"product":98,"cpe_part":9,"purl_type":69,"purl_namespace":67,"purl_name":98,"source":9,"versions":99},"nodejs6","nodejs6&distro=SUSE Enterprise Storage 4",[100],{"version":101,"is_range":73,"range_type":74,"version_start":9,"version_start_type":9,"version_end":102,"version_end_type":76,"fixed_in":9},"lt6_11_1_11_5_1","6.11.1-11.5.1",{"ecosystem":65,"name":97,"vendor":67,"product":104,"cpe_part":9,"purl_type":69,"purl_namespace":67,"purl_name":104,"source":9,"versions":105},"nodejs6&distro=SUSE Linux Enterprise Module for Web and Scripting 12",[106],{"version":101,"is_range":73,"range_type":74,"version_start":9,"version_start_type":9,"version_end":102,"version_end_type":76,"fixed_in":9},{"ecosystem":65,"name":97,"vendor":67,"product":108,"cpe_part":9,"purl_type":69,"purl_namespace":67,"purl_name":108,"source":9,"versions":109},"nodejs6&distro=SUSE OpenStack Cloud 7",[110],{"version":101,"is_range":73,"range_type":74,"version_start":9,"version_start_type":9,"version_end":102,"version_end_type":76,"fixed_in":9}]