RHSA-2017:0002HighCVSS 7.4
Red Hat Security Advisory: rh-nodejs4-nodejs and rh-nodejs4-http-parser security update
🔗 CVE IDs covered (4)
📋 Description
CVE-2016-1669 — V8: integer overflow leading to buffer overflow in Zone::New CVE-2016-5180 — c-ares: Single byte out of buffer write CVE-2016-5325 — nodejs: reason argument in ServerResponse#writeHead() not properly validated CVE-2016-7099 — nodejs: wildcard certificates not properly validated
🔗 References (8)
- selfhttps://access.redhat.com/errata/RHSA-2017:0002
- externalhttps://access.redhat.com/security/updates/classification/#important
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1335449
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1346910
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1379921
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1380463
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1388097
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_0002.json