OESA-2026-1600

See a problem?
Please try reporting it to the source first.

Source

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2026-1600

Import Source

https://repo.openeuler.org/security/data/osv/OESA-2026-1600.json

JSON Data

https://api.osv.dev/v1/vulns/OESA-2026-1600

Upstream

CVE-2024-38999

Published

2026-03-15T05:56:07Z

Modified

2026-03-15T06:19:22.779073Z

Summary

nodejs-requirejs security update

Details

RequireJS is a JavaScript file and module loader. It is optimized for in-browser use, but it can be used in other JavaScript environments, like Rhino and Node. Using a modular script loader like RequireJS will improve the speed and quality of your code.

Security Fix(es):

jrburke requirejs v2.3.6 was discovered to contain a prototype pollution via the function s.contexts._.configure. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties.(CVE-2024-38999)

Database specific

{
    "severity": "High"
}

References

Affected packages

openEuler:20.03-LTS-SP4

nodejs-requirejs

Package

Name: nodejs-requirejs
Purl: pkg:rpm/openEuler/nodejs-requirejs&distro=openEuler-20.03-LTS-SP4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.1.11-3.oe2003sp4

Ecosystem specific

{
    "noarch": [
        "nodejs-requirejs-2.1.11-3.oe2003sp4.noarch.rpm"
    ],
    "src": [
        "nodejs-requirejs-2.1.11-3.oe2003sp4.src.rpm"
    ]
}

Database specific

source

"https://repo.openeuler.org/security/data/osv/OESA-2026-1600.json"

openEuler:22.03-LTS-SP4

nodejs-requirejs

Package

Name: nodejs-requirejs
Purl: pkg:rpm/openEuler/nodejs-requirejs&distro=openEuler-22.03-LTS-SP4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.1.11-3.oe2203sp4

Ecosystem specific

{
    "noarch": [
        "nodejs-requirejs-2.1.11-3.oe2203sp4.noarch.rpm"
    ],
    "src": [
        "nodejs-requirejs-2.1.11-3.oe2203sp4.src.rpm"
    ]
}

Database specific

source

"https://repo.openeuler.org/security/data/osv/OESA-2026-1600.json"

openEuler:24.03-LTS

nodejs-requirejs

Package

Name: nodejs-requirejs
Purl: pkg:rpm/openEuler/nodejs-requirejs&distro=openEuler-24.03-LTS

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.1.11-3.oe2403sp3

Ecosystem specific

{
    "noarch": [
        "nodejs-requirejs-2.1.11-3.oe2403.noarch.rpm",
        "nodejs-requirejs-2.1.11-3.oe2403sp1.noarch.rpm",
        "nodejs-requirejs-2.1.11-3.oe2403sp2.noarch.rpm",
        "nodejs-requirejs-2.1.11-3.oe2403sp3.noarch.rpm"
    ],
    "src": [
        "nodejs-requirejs-2.1.11-3.oe2403.src.rpm",
        "nodejs-requirejs-2.1.11-3.oe2403sp1.src.rpm",
        "nodejs-requirejs-2.1.11-3.oe2403sp2.src.rpm",
        "nodejs-requirejs-2.1.11-3.oe2403sp3.src.rpm"
    ]
}

Database specific

source

"https://repo.openeuler.org/security/data/osv/OESA-2026-1600.json"

openEuler:24.03-LTS-SP1

nodejs-requirejs

Package

Name: nodejs-requirejs
Purl: pkg:rpm/openEuler/nodejs-requirejs&distro=openEuler-24.03-LTS-SP1

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.1.11-3.oe2403sp1

Ecosystem specific

{
    "noarch": [
        "nodejs-requirejs-2.1.11-3.oe2403sp1.noarch.rpm"
    ],
    "src": [
        "nodejs-requirejs-2.1.11-3.oe2403sp1.src.rpm"
    ]
}

Database specific

source

"https://repo.openeuler.org/security/data/osv/OESA-2026-1600.json"

openEuler:24.03-LTS-SP2

nodejs-requirejs

Package

Name: nodejs-requirejs
Purl: pkg:rpm/openEuler/nodejs-requirejs&distro=openEuler-24.03-LTS-SP2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.1.11-3.oe2403sp2

Ecosystem specific

{
    "noarch": [
        "nodejs-requirejs-2.1.11-3.oe2403sp2.noarch.rpm"
    ],
    "src": [
        "nodejs-requirejs-2.1.11-3.oe2403sp2.src.rpm"
    ]
}

Database specific

source

"https://repo.openeuler.org/security/data/osv/OESA-2026-1600.json"

openEuler:24.03-LTS-SP3

nodejs-requirejs

Package

Name: nodejs-requirejs
Purl: pkg:rpm/openEuler/nodejs-requirejs&distro=openEuler-24.03-LTS-SP3

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.1.11-3.oe2403sp3

Ecosystem specific

{
    "noarch": [
        "nodejs-requirejs-2.1.11-3.oe2403sp3.noarch.rpm"
    ],
    "src": [
        "nodejs-requirejs-2.1.11-3.oe2403sp3.src.rpm"
    ]
}

Database specific

source

"https://repo.openeuler.org/security/data/osv/OESA-2026-1600.json"