SUSE: 2023:1223-1 Important: ReDoS Threat Fixed in bci/nodejs
suse
April 21, 2023
The container bci/nodejs was updated
Summary
Advisory ID: SUSE-SU-2023:1924-1 Released: Thu Apr 20 08:58:59 2023 Summary: Security update for nodejs16 Type: security Severity: important
References
References : 1208744 CVE-2022-25881
1208744,CVE-2022-25881
This update for nodejs16 fixes the following issues:
Update to nodejs LTS version 16.20.0:
Security fixes:
- CVE-2022-25881: Fixed ReDoS vulnerability in http-cache-semantics (bsc#1208744).
Other changes:
- update undici to 5.20.0
- update c-ares to 1.19.0
- update npm to 8.19.4
The following package changes have been done:
- nodejs16-16.20.0-150400.3.18.2 updated
- npm16-16.20.0-150400.3.18.2 updated
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Container Advisory ID : SUSE-CU-2023:1223-1
Container Tags : bci/node:16 , bci/node:16-15.36 , bci/nodejs:16 , bci/nodejs:16-15.36
Container Release : 15.36
Severity : important
Type : security
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!