File _patchinfo of Package patchinfo.31118

Overview Repositories Revisions Requests Users Attributes Meta

File _patchinfo of Package patchinfo.31118

<patchinfo incident="31118">
  <issue tracker="cve" id="2023-38552"/>
  <issue tracker="cve" id="2023-44487"/>
  <issue tracker="cve" id="2023-45143"/>
  <issue tracker="cve" id="2023-39333"/>
  <issue tracker="bnc" id="1216272">VUL-0: CVE-2023-38552: nodejs, nodejs-electron: Integrity checks according to policies can be circumvented</issue>
  <issue tracker="bnc" id="1216273">VUL-0: CVE-2023-39333: nodejs, nodejs-electron: Code injection via WebAssembly export names</issue>
  <issue tracker="bnc" id="1216205">VUL-0: CVE-2023-45143: nodejs, nodejs-electron: cookie leakage in undici</issue>
  <issue tracker="bnc" id="1216190">VUL-0: nodejs: Rapid reset attack impact (CVE-2023-44487)</issue>
  <packager>adamm</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for nodejs18</summary>
  <description>This update for nodejs18 fixes the following issues:

- Update to version 18.18.2
- CVE-2023-44487: Fixed the Rapid Reset attack in nghttp2. (bsc#1216190)
- CVE-2023-45143: Fixed a cookie leakage in undici. (bsc#1216205)
- CVE-2023-38552: Fixed an integrity checks according to policies that could be circumvented. (bsc#1216272)
- CVE-2023-39333: Fixed a code injection via WebAssembly export names. (bsc#1216273)
</description>
</patchinfo>

Places

File _patchinfo of Package patchinfo.31118

Places