Количество 32
Количество 32
SUSE-SU-2025:0284-1
Security update for nodejs22
SUSE-SU-2025:0237-1
Security update for nodejs20
SUSE-SU-2025:0232-1
Security update for nodejs20
ELSA-2025-1613
ELSA-2025-1613: nodejs:22 security update (IMPORTANT)
ELSA-2025-1611
ELSA-2025-1611: nodejs:22 security update (IMPORTANT)
ELSA-2025-1443
ELSA-2025-1443: nodejs:20 security update (IMPORTANT)
ELSA-2025-1351
ELSA-2025-1351: nodejs:20 security update (IMPORTANT)
ROS-20250212-15
Множественные уязвимости nodejs
SUSE-SU-2025:0234-1
Security update for nodejs18
SUSE-SU-2025:0233-1
Security update for nodejs18
ELSA-2025-1582
ELSA-2025-1582: nodejs:18 security update (MODERATE)
ELSA-2025-1446
ELSA-2025-1446: nodejs:18 security update (MODERATE)
CVE-2025-23085
A memory leak could occur when a remote peer abruptly closes the socket without sending a GOAWAY notification. Additionally, if an invalid header was detected by nghttp2, causing the connection to be terminated by the peer, the same leak was triggered. This flaw could lead to increased memory consumption and potential denial of service under certain conditions. This vulnerability affects HTTP/2 Server users on Node.js v18.x, v20.x, v22.x and v23.x.
CVE-2025-23085
A memory leak could occur when a remote peer abruptly closes the socket without sending a GOAWAY notification. Additionally, if an invalid header was detected by nghttp2, causing the connection to be terminated by the peer, the same leak was triggered. This flaw could lead to increased memory consumption and potential denial of service under certain conditions. This vulnerability affects HTTP/2 Server users on Node.js v18.x, v20.x, v22.x and v23.x.
CVE-2025-23085
A memory leak could occur when a remote peer abruptly closes the socket without sending a GOAWAY notification. Additionally, if an invalid header was detected by nghttp2, causing the connection to be terminated by the peer, the same leak was triggered. This flaw could lead to increased memory consumption and potential denial of service under certain conditions. This vulnerability affects HTTP/2 Server users on Node.js v18.x, v20.x, v22.x and v23.x.
CVE-2025-23085
CVE-2025-23085
A memory leak could occur when a remote peer abruptly closes the socke ...
GHSA-qv9x-c8c9-rpr8
A memory leak could occur when a remote peer abruptly closes the socket without sending a GOAWAY notification. Additionally, if an invalid header was detected by nghttp2, causing the connection to be terminated by the peer, the same leak was triggered. This flaw could lead to increased memory consumption and potential denial of service under certain conditions. This vulnerability affects HTTP/2 Server users on Node.js v18.x, v20.x, v22.x and v23.x.
BDU:2025-02664
Уязвимость программной платформы Node.js, связанная с отсутствием освобождения памяти после эффективного срока службы, позволяющая нарушителю вызвать отказ в обслуживании
CVE-2025-23083
With the aid of the diagnostics_channel utility, an event can be hooked into whenever a worker thread is created. This is not limited only to workers but also exposes internal workers, where an instance of them can be fetched, and its constructor can be grabbed and reinstated for malicious usage. This vulnerability affects Permission Model users (--permission) on Node.js v20, v22, and v23.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | SUSE-SU-2025:0284-1 Security update for nodejs22 | 6 месяцев назад | ||
| SUSE-SU-2025:0237-1 Security update for nodejs20 | 6 месяцев назад | ||
| SUSE-SU-2025:0232-1 Security update for nodejs20 | 6 месяцев назад | ||
| ELSA-2025-1613 ELSA-2025-1613: nodejs:22 security update (IMPORTANT) | 6 месяцев назад | ||
| ELSA-2025-1611 ELSA-2025-1611: nodejs:22 security update (IMPORTANT) | 6 месяцев назад | ||
| ELSA-2025-1443 ELSA-2025-1443: nodejs:20 security update (IMPORTANT) | 6 месяцев назад | ||
| ELSA-2025-1351 ELSA-2025-1351: nodejs:20 security update (IMPORTANT) | 6 месяцев назад | ||
 | ROS-20250212-15 Множественные уязвимости nodejs | CVSS3: 7.7 | 6 месяцев назад | |
| SUSE-SU-2025:0234-1 Security update for nodejs18 | 6 месяцев назад | ||
| SUSE-SU-2025:0233-1 Security update for nodejs18 | 6 месяцев назад | ||
| ELSA-2025-1582 ELSA-2025-1582: nodejs:18 security update (MODERATE) | 6 месяцев назад | ||
| ELSA-2025-1446 ELSA-2025-1446: nodejs:18 security update (MODERATE) | 6 месяцев назад | ||
 | CVE-2025-23085 A memory leak could occur when a remote peer abruptly closes the socket without sending a GOAWAY notification. Additionally, if an invalid header was detected by nghttp2, causing the connection to be terminated by the peer, the same leak was triggered. This flaw could lead to increased memory consumption and potential denial of service under certain conditions. This vulnerability affects HTTP/2 Server users on Node.js v18.x, v20.x, v22.x and v23.x. | CVSS3: 5.3 | 0% Низкий | 6 месяцев назад |
 | CVE-2025-23085 A memory leak could occur when a remote peer abruptly closes the socket without sending a GOAWAY notification. Additionally, if an invalid header was detected by nghttp2, causing the connection to be terminated by the peer, the same leak was triggered. This flaw could lead to increased memory consumption and potential denial of service under certain conditions. This vulnerability affects HTTP/2 Server users on Node.js v18.x, v20.x, v22.x and v23.x. | CVSS3: 5.3 | 0% Низкий | 7 месяцев назад |
 | CVE-2025-23085 A memory leak could occur when a remote peer abruptly closes the socket without sending a GOAWAY notification. Additionally, if an invalid header was detected by nghttp2, causing the connection to be terminated by the peer, the same leak was triggered. This flaw could lead to increased memory consumption and potential denial of service under certain conditions. This vulnerability affects HTTP/2 Server users on Node.js v18.x, v20.x, v22.x and v23.x. | CVSS3: 5.3 | 0% Низкий | 6 месяцев назад |
 | CVSS3: 5.3 | 0% Низкий | 6 месяцев назад | |
| CVE-2025-23085 A memory leak could occur when a remote peer abruptly closes the socke ... | CVSS3: 5.3 | 0% Низкий | 6 месяцев назад |
| GHSA-qv9x-c8c9-rpr8 A memory leak could occur when a remote peer abruptly closes the socket without sending a GOAWAY notification. Additionally, if an invalid header was detected by nghttp2, causing the connection to be terminated by the peer, the same leak was triggered. This flaw could lead to increased memory consumption and potential denial of service under certain conditions. This vulnerability affects HTTP/2 Server users on Node.js v18.x, v20.x, v22.x and v23.x. | CVSS3: 5.3 | 0% Низкий | 6 месяцев назад |
 | BDU:2025-02664 Уязвимость программной платформы Node.js, связанная с отсутствием освобождения памяти после эффективного срока службы, позволяющая нарушителю вызвать отказ в обслуживании | CVSS3: 5.3 | 0% Низкий | 6 месяцев назад |
| CVE-2025-23083 With the aid of the diagnostics_channel utility, an event can be hooked into whenever a worker thread is created. This is not limited only to workers but also exposes internal workers, where an instance of them can be fetched, and its constructor can be grabbed and reinstated for malicious usage. This vulnerability affects Permission Model users (--permission) on Node.js v20, v22, and v23. | CVSS3: 7.7 | 0% Низкий | 7 месяцев назад |
Уязвимостей на страницу