Vulnerability Database
Blog
FAQ
Docs
RHSA-2022:6595
See a problem?
Please try reporting it
to the source
first.
Source
https://access.redhat.com/errata/RHSA-2022:6595
Import Source
https://security.access.redhat.com/data/osv/RHSA-2022:6595.json
JSON Data
https://api.osv.dev/v1/vulns/RHSA-2022:6595
Related
CVE-2020-28469
CVE-2020-7788
CVE-2021-33502
CVE-2021-3807
CVE-2022-29244
CVE-2022-32212
CVE-2022-32213
CVE-2022-32214
CVE-2022-32215
CVE-2022-33987
Published
2024-09-16T08:50:27Z
Modified
2024-10-22T00:29:09Z
Severity
7.5 (High)
CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
CVSS Calculator
Summary
Red Hat Security Advisory: nodejs and nodejs-nodemon security and bug fix update
Details
References
https://access.redhat.com/errata/RHSA-2022:6595
https://access.redhat.com/security/updates/classification/#moderate
https://bugzilla.redhat.com/show_bug.cgi?id=1907444
https://bugzilla.redhat.com/show_bug.cgi?id=1945459
https://bugzilla.redhat.com/show_bug.cgi?id=1964461
https://bugzilla.redhat.com/show_bug.cgi?id=2007557
https://bugzilla.redhat.com/show_bug.cgi?id=2098556
https://bugzilla.redhat.com/show_bug.cgi?id=2102001
https://bugzilla.redhat.com/show_bug.cgi?id=2105422
https://bugzilla.redhat.com/show_bug.cgi?id=2105426
https://bugzilla.redhat.com/show_bug.cgi?id=2105428
https://bugzilla.redhat.com/show_bug.cgi?id=2105430
https://bugzilla.redhat.com/show_bug.cgi?id=2121019
https://bugzilla.redhat.com/show_bug.cgi?id=2124299
https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_6595.json
https://access.redhat.com/security/cve/CVE-2020-7788
https://www.cve.org/CVERecord?id=CVE-2020-7788
https://nvd.nist.gov/vuln/detail/CVE-2020-7788
https://access.redhat.com/security/cve/CVE-2020-28469
https://www.cve.org/CVERecord?id=CVE-2020-28469
https://nvd.nist.gov/vuln/detail/CVE-2020-28469
https://snyk.io/vuln/SNYK-JS-GLOBPARENT-1016905
https://access.redhat.com/security/cve/CVE-2021-3807
https://www.cve.org/CVERecord?id=CVE-2021-3807
https://nvd.nist.gov/vuln/detail/CVE-2021-3807
https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994
https://access.redhat.com/security/cve/CVE-2021-33502
https://www.cve.org/CVERecord?id=CVE-2021-33502
https://nvd.nist.gov/vuln/detail/CVE-2021-33502
https://snyk.io/vuln/SNYK-JS-NORMALIZEURL-1296539
https://access.redhat.com/security/cve/CVE-2022-29244
https://www.cve.org/CVERecord?id=CVE-2022-29244
https://nvd.nist.gov/vuln/detail/CVE-2022-29244
https://github.com/npm/cli/security/advisories/GHSA-hj9c-8jmm-8c52
https://access.redhat.com/security/cve/CVE-2022-32212
https://www.cve.org/CVERecord?id=CVE-2022-32212
https://nvd.nist.gov/vuln/detail/CVE-2022-32212
https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/
https://access.redhat.com/security/cve/CVE-2022-32213
https://www.cve.org/CVERecord?id=CVE-2022-32213
https://nvd.nist.gov/vuln/detail/CVE-2022-32213
https://access.redhat.com/security/cve/CVE-2022-32214
https://www.cve.org/CVERecord?id=CVE-2022-32214
https://nvd.nist.gov/vuln/detail/CVE-2022-32214
https://access.redhat.com/security/cve/CVE-2022-32215
https://www.cve.org/CVERecord?id=CVE-2022-32215
https://nvd.nist.gov/vuln/detail/CVE-2022-32215
https://access.redhat.com/security/cve/CVE-2022-33987
https://www.cve.org/CVERecord?id=CVE-2022-33987
https://nvd.nist.gov/vuln/detail/CVE-2022-33987
https://github.com/sindresorhus/got/pull/2047
https://github.com/sindresorhus/got/releases/tag/v11.8.5
Affected packages
Red Hat:enterprise_linux:9::appstream
/
nodejs-nodemon
Package
Name
nodejs-nodemon
Purl
pkg:rpm/redhat/nodejs-nodemon
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.0.19-1.el9_0
Red Hat:enterprise_linux:9::appstream
/
nodejs
Package
Name
nodejs
Purl
pkg:rpm/redhat/nodejs
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
1:16.16.0-1.el9_0
Red Hat:enterprise_linux:9::appstream
/
nodejs-debuginfo
Package
Name
nodejs-debuginfo
Purl
pkg:rpm/redhat/nodejs-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
1:16.16.0-1.el9_0
Red Hat:enterprise_linux:9::appstream
/
nodejs-debugsource
Package
Name
nodejs-debugsource
Purl
pkg:rpm/redhat/nodejs-debugsource
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
1:16.16.0-1.el9_0
Red Hat:enterprise_linux:9::appstream
/
nodejs-docs
Package
Name
nodejs-docs
Purl
pkg:rpm/redhat/nodejs-docs
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
1:16.16.0-1.el9_0
Red Hat:enterprise_linux:9::appstream
/
nodejs-full-i18n
Package
Name
nodejs-full-i18n
Purl
pkg:rpm/redhat/nodejs-full-i18n
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
1:16.16.0-1.el9_0
Red Hat:enterprise_linux:9::appstream
/
nodejs-libs
Package
Name
nodejs-libs
Purl
pkg:rpm/redhat/nodejs-libs
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
1:16.16.0-1.el9_0
Red Hat:enterprise_linux:9::appstream
/
nodejs-libs-debuginfo
Package
Name
nodejs-libs-debuginfo
Purl
pkg:rpm/redhat/nodejs-libs-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
1:16.16.0-1.el9_0
Red Hat:enterprise_linux:9::appstream
/
npm
Package
Name
npm
Purl
pkg:rpm/redhat/npm
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
1:8.11.0-1.16.16.0.1.el9_0
RHSA-2022:6595 - OSV