Alerts This Week
Warning Icon 1 640
Alerts This Week
Warning Icon 1 640

Ubuntu 22.04 LTS USN-6570-1 low: Python vulnerabilities detected

ubuntu
Calendar Grey January 3, 2024
Dist Ubuntu Esm H88
Node.js has resolved multiple security flaws in Ubuntu 22.04. Update promptly to protect your environment.
Several security issues were fixed in Node.js.

Summary

Several security issues were fixed in Node.js.

Software Description:

- nodejs: An open-source, cross-platform JavaScript runtime environment.

Details:

Hubert Kario discovered that Node.js incorrectly handled certain inputs. If a

user or an automated system were tricked into opening a specially crafted input

file, a remote attacker could possibly use this issue to obtain sensitive

information. (CVE-2022-4304)

CarpetFuzz, Dawei Wang discovered that Node.js incorrectly handled certain

inputs. If a user or an automated system were tricked into opening a specially

crafted input file, a remote attacker could possibly use this issue to cause a

denial of service. (CVE-2022-4450)

Octavio Galland and Marcel Böhme discovered that Node.js incorrectly handled

certain inputs. If a user or an automated system were tricked into opening a

specially crafted input file, a remote attacker could possibly use this issue

to cause a denial of service. (CVE-2023-0215)

David Be...

Read the Full Advisory

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.04 LTS:
   libnode-dev                     12.22.9~dfsg-1ubuntu3.3
   libnode72                       12.22.9~dfsg-1ubuntu3.3
   nodejs                          12.22.9~dfsg-1ubuntu3.3

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-6564-1

CVE-2022-4304, CVE-2022-4450, CVE-2023-0215, CVE-2023-0286,

CVE-2023-0401

Severity
important
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-6564-1

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here