Описание
Security update for nodejs12
This update for nodejs12 fixes the following issues:
- CVE-2022-25881: Fixed regular expression denial of service vulnerability (bsc#1208744).
Список пакетов
SUSE Enterprise Storage 7
nodejs12-12.22.12-150200.4.47.1
nodejs12-devel-12.22.12-150200.4.47.1
nodejs12-docs-12.22.12-150200.4.47.1
npm12-12.22.12-150200.4.47.1
SUSE Enterprise Storage 7.1
nodejs12-12.22.12-150200.4.47.1
nodejs12-devel-12.22.12-150200.4.47.1
nodejs12-docs-12.22.12-150200.4.47.1
npm12-12.22.12-150200.4.47.1
SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS
nodejs12-12.22.12-150200.4.47.1
nodejs12-devel-12.22.12-150200.4.47.1
nodejs12-docs-12.22.12-150200.4.47.1
npm12-12.22.12-150200.4.47.1
SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS
nodejs12-12.22.12-150200.4.47.1
nodejs12-devel-12.22.12-150200.4.47.1
nodejs12-docs-12.22.12-150200.4.47.1
npm12-12.22.12-150200.4.47.1
SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS
nodejs12-12.22.12-150200.4.47.1
nodejs12-devel-12.22.12-150200.4.47.1
nodejs12-docs-12.22.12-150200.4.47.1
npm12-12.22.12-150200.4.47.1
SUSE Linux Enterprise Server 15 SP2-LTSS
nodejs12-12.22.12-150200.4.47.1
nodejs12-devel-12.22.12-150200.4.47.1
nodejs12-docs-12.22.12-150200.4.47.1
npm12-12.22.12-150200.4.47.1
SUSE Linux Enterprise Server 15 SP3-LTSS
nodejs12-12.22.12-150200.4.47.1
nodejs12-devel-12.22.12-150200.4.47.1
nodejs12-docs-12.22.12-150200.4.47.1
npm12-12.22.12-150200.4.47.1
SUSE Linux Enterprise Server for SAP Applications 15 SP2
nodejs12-12.22.12-150200.4.47.1
nodejs12-devel-12.22.12-150200.4.47.1
nodejs12-docs-12.22.12-150200.4.47.1
npm12-12.22.12-150200.4.47.1
SUSE Linux Enterprise Server for SAP Applications 15 SP3
nodejs12-12.22.12-150200.4.47.1
nodejs12-devel-12.22.12-150200.4.47.1
nodejs12-docs-12.22.12-150200.4.47.1
npm12-12.22.12-150200.4.47.1
SUSE Manager Server 4.2
nodejs12-12.22.12-150200.4.47.1
nodejs12-devel-12.22.12-150200.4.47.1
nodejs12-docs-12.22.12-150200.4.47.1
npm12-12.22.12-150200.4.47.1
openSUSE Leap 15.4
nodejs12-12.22.12-150200.4.47.1
nodejs12-devel-12.22.12-150200.4.47.1
nodejs12-docs-12.22.12-150200.4.47.1
npm12-12.22.12-150200.4.47.1
Ссылки
- Link for SUSE-SU-2023:1876-1
- E-Mail link for SUSE-SU-2023:1876-1
- SUSE Security Ratings
- SUSE Bug 1208744
- SUSE CVE CVE-2022-25881 page
Описание
This affects versions of the package http-cache-semantics before 4.1.1. The issue can be exploited via malicious request header values sent to a server, when that server reads the cache policy from the request using this library.
Затронутые продукты
SUSE Enterprise Storage 7.1:nodejs12-12.22.12-150200.4.47.1
SUSE Enterprise Storage 7.1:nodejs12-devel-12.22.12-150200.4.47.1
SUSE Enterprise Storage 7.1:nodejs12-docs-12.22.12-150200.4.47.1
SUSE Enterprise Storage 7.1:npm12-12.22.12-150200.4.47.1
Ссылки
- CVE-2022-25881
- SUSE Bug 1208744