RHSA-2023:0612MediumCVSS 7.5

Red Hat Security Advisory: rh-nodejs14-nodejs and rh-nodejs14-nodejs-nodemon security update

Published
February 6, 2023
Last Modified
June 29, 2026

🔗 CVE IDs covered (6)

📋 Description

CVE-2021-35065 — glob-parent: Regular Expression Denial of Service CVE-2021-44906 — minimist: prototype pollution CVE-2022-0235 — node-fetch: exposure of sensitive information to an unauthorized actor CVE-2022-3517 — nodejs-minimatch: ReDoS via the braceExpand function CVE-2022-24999 — express: "qs" prototype poisoning causes the hang of the node process CVE-2022-43548 — nodejs: DNS rebinding in inspect via invalid octal IP address

🔗 References (11)