SUSE-SU-2022:1459-1

Advisory lineage Upstream: 4 Downstream: 0

Upstream

CVE-2021-44906 CVE-2021-44907 CVE-2022-0235 CVE-2022-0778

Published: 28 Apr 2022, 12:38

Last modified:04 Feb 2026, 03:07

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

28 Apr 2022, 12:38

Published

Vulnerability first disclosed

04 Feb 2026, 03:07

Last Modified

Vulnerability information updated

Description

Security update for nodejs14 This update for nodejs14 fixes the following issues: - CVE-2022-0778: Fixed a infinite loop in BN_mod_sqrt() reachable when parsing certificates (bsc#1196877). - CVE-2021-44906: Fixed a prototype pollution in node-minimist (bsc#1198247). - CVE-2021-44907: Fixed a potential Denial of Service vulnerability in node-qs (bsc#1197283). - CVE-2022-0235: Fixed an exposure of sensitive information to an unauthorized actor in node-fetch (bsc#1194819).

Affected Systems

suse•nodejs14&distro=SUSE Linux Enterprise Module for Web and Scripting 12
< 14.19.1-6.28.1

SUSE-SU-2022:1459-1

Vulnerability Summary

Timeline

Description

Affected Systems

References (9)