Vulnerability Database
Blog
FAQ
Docs
RHSA-2022:7044
See a problem?
Please try reporting it
to the source
first.
Source
https://access.redhat.com/errata/RHSA-2022:7044
Import Source
https://security.access.redhat.com/data/osv/RHSA-2022:7044.json
JSON Data
https://api.osv.dev/v1/vulns/RHSA-2022:7044
Related
CVE-2021-44531
CVE-2021-44532
CVE-2021-44533
CVE-2021-44906
CVE-2022-21824
CVE-2022-35256
Published
2024-09-29T19:21:06Z
Modified
2024-12-23T10:04:24Z
Severity
9.8 (Critical)
CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS Calculator
Summary
Red Hat Security Advisory: rh-nodejs14-nodejs security update
Details
References
https://access.redhat.com/errata/RHSA-2022:7044
https://access.redhat.com/security/updates/classification/#moderate
https://bugzilla.redhat.com/show_bug.cgi?id=2040839
https://bugzilla.redhat.com/show_bug.cgi?id=2040846
https://bugzilla.redhat.com/show_bug.cgi?id=2040856
https://bugzilla.redhat.com/show_bug.cgi?id=2040862
https://bugzilla.redhat.com/show_bug.cgi?id=2066009
https://bugzilla.redhat.com/show_bug.cgi?id=2130518
https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_7044.json
https://access.redhat.com/security/cve/CVE-2021-44531
https://www.cve.org/CVERecord?id=CVE-2021-44531
https://nvd.nist.gov/vuln/detail/CVE-2021-44531
https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/
https://access.redhat.com/security/cve/CVE-2021-44532
https://www.cve.org/CVERecord?id=CVE-2021-44532
https://nvd.nist.gov/vuln/detail/CVE-2021-44532
https://access.redhat.com/security/cve/CVE-2021-44533
https://www.cve.org/CVERecord?id=CVE-2021-44533
https://nvd.nist.gov/vuln/detail/CVE-2021-44533
https://access.redhat.com/security/cve/CVE-2021-44906
https://www.cve.org/CVERecord?id=CVE-2021-44906
https://nvd.nist.gov/vuln/detail/CVE-2021-44906
https://github.com/advisories/GHSA-xvch-5gv4-984h
https://access.redhat.com/security/cve/CVE-2022-21824
https://www.cve.org/CVERecord?id=CVE-2022-21824
https://nvd.nist.gov/vuln/detail/CVE-2022-21824
https://access.redhat.com/security/cve/CVE-2022-35256
https://www.cve.org/CVERecord?id=CVE-2022-35256
https://nvd.nist.gov/vuln/detail/CVE-2022-35256
https://nodejs.org/en/blog/vulnerability/september-2022-security-releases/#http-request-smuggling-due-to-incorrect-parsing-of-header-fields-medium-cve-2022-35256
Affected packages
Red Hat:rhel_software_collections:3::el7
/
rh-nodejs14-nodejs
Package
Name
rh-nodejs14-nodejs
Purl
pkg:rpm/redhat/rh-nodejs14-nodejs
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:14.20.1-2.el7
Red Hat:rhel_software_collections:3::el7
/
rh-nodejs14-nodejs-debuginfo
Package
Name
rh-nodejs14-nodejs-debuginfo
Purl
pkg:rpm/redhat/rh-nodejs14-nodejs-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:14.20.1-2.el7
Red Hat:rhel_software_collections:3::el7
/
rh-nodejs14-nodejs-devel
Package
Name
rh-nodejs14-nodejs-devel
Purl
pkg:rpm/redhat/rh-nodejs14-nodejs-devel
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:14.20.1-2.el7
Red Hat:rhel_software_collections:3::el7
/
rh-nodejs14-nodejs-docs
Package
Name
rh-nodejs14-nodejs-docs
Purl
pkg:rpm/redhat/rh-nodejs14-nodejs-docs
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:14.20.1-2.el7
Red Hat:rhel_software_collections:3::el7
/
rh-nodejs14-npm
Package
Name
rh-nodejs14-npm
Purl
pkg:rpm/redhat/rh-nodejs14-npm
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:6.14.17-14.20.1.2.el7
RHSA-2022:7044 - OSV