RHSA-2021:0521MediumCVSS 8.1

Red Hat Security Advisory: rh-nodejs10-nodejs security update

Published
February 15, 2021
Last Modified
June 26, 2026

🔗 CVE IDs covered (10)

📋 Description

CVE-2020-7608 — nodejs-yargs-parser: prototype pollution vulnerability CVE-2020-7754 — nodejs-npm-user-validate: improper input validation when validating user emails leads to ReDoS CVE-2020-7774 — nodejs-y18n: prototype pollution vulnerability CVE-2020-7788 — nodejs-ini: Prototype pollution via malicious INI file CVE-2020-8116 — nodejs-dot-prop: prototype pollution CVE-2020-8252 — libuv: buffer overflow in realpath CVE-2020-8265 — nodejs: use-after-free in the TLS implementation CVE-2020-8287 — nodejs: HTTP request smuggling via two copies of a header field in an http request CVE-2020-15095 — npm: sensitive information exposure through logs CVE-2020-15366 — nodejs-ajv: prototype pollution via crafted JSON schema in ajv.validate function

🔗 References (13)