SUSE-SU-2022:1466-1
Advisory lineage Upstream: 3 Downstream: 0
Published: 29 Apr 2022, 09:42
Last modified:04 Feb 2026, 03:50
Vulnerability Summary
Overall Risk (default)
minimal
0/100 CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
29 Apr 2022, 09:42
Published
Vulnerability first disclosed
04 Feb 2026, 03:50
Last Modified
Vulnerability information updated
Description
Security update for nodejs12 This update for nodejs12 fixes the following issues: - CVE-2021-44906: Fixed a prototype pollution in node-minimist (bsc#1198247). - CVE-2021-44907: Fixed a potential Denial of Service vulnerability in node-qs (bsc#1197283). - CVE-2022-0235: Fixed an exposure of sensitive information to an unauthorized actor in node-fetch (bsc#1194819).
Affected Systems
- suse•nodejs12&distro=SUSE Linux Enterprise Module for Web and Scripting 12
< 12.22.12-1.48.1
References (7)
- https://www.suse.com/support/update/announcement/2022/suse-su-20221466-1/
- https://bugzilla.suse.com/1194819
- https://bugzilla.suse.com/1197283
- https://bugzilla.suse.com/1198247
- https://www.suse.com/security/cve/CVE-2021-44906
- https://www.suse.com/security/cve/CVE-2021-44907
- https://www.suse.com/security/cve/CVE-2022-0235