Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2020-8287 (GCVE-0-2020-8287)
Vulnerability from cvelistv5 – Published: 2021-01-06 00:00 – Updated: 2025-04-30 22:24
VLAI
EPSS
Summary
Node.js versions before 10.23.1, 12.20.1, 14.15.4, 15.5.1 allow two copies of a header field in an HTTP request (for example, two Transfer-Encoding header fields). In this case, Node.js identifies the first header field and ignores the second. This can lead to HTTP Request Smuggling.
Severity
No CVSS data available.
CWE
- CWE-444 - HTTP Request Smuggling (CWE-444)
Assigner
References
10 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| NodeJS | Node |
Affected:
4.0 , < 4.*
(semver)
Affected: 5.0 , < 5.* (semver) Affected: 6.0 , < 6.* (semver) Affected: 7.0 , < 7.* (semver) Affected: 8.0 , < 8.* (semver) Affected: 9.0 , < 9.* (semver) Affected: 10.0 , < 10.23.1 (semver) Affected: 11.0 , < 11.* (semver) Affected: 12.0 , < 12.20.1 (semver) Affected: 13.0 , < 13.* (semver) Affected: 14.0 , < 14.15.4 (semver) Affected: 15.0 , < 15.5.1 (semver) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:56:28.289Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://hackerone.com/reports/1002188"
},
{
"tags": [
"x_transferred"
],
"url": "https://nodejs.org/en/blog/vulnerability/january-2021-security-releases/"
},
{
"name": "DSA-4826",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2021/dsa-4826"
},
{
"name": "FEDORA-2021-fb1a136393",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K4I6MZNC7C7VIDQR267OL4TVCI3ZKAC4/"
},
{
"name": "GLSA-202101-07",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202101-07"
},
{
"name": "FEDORA-2021-d5b2c18fe6",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H472D5HPXN6RRXCNFML3BK5OYC52CXF2/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujan2021.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20210212-0003/"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf"
},
{
"name": "[debian-lts-announce] 20221205 [SECURITY] [DLA 3224-1] http-parser security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00009.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Node",
"vendor": "NodeJS",
"versions": [
{
"lessThan": "4.*",
"status": "affected",
"version": "4.0",
"versionType": "semver"
},
{
"lessThan": "5.*",
"status": "affected",
"version": "5.0",
"versionType": "semver"
},
{
"lessThan": "6.*",
"status": "affected",
"version": "6.0",
"versionType": "semver"
},
{
"lessThan": "7.*",
"status": "affected",
"version": "7.0",
"versionType": "semver"
},
{
"lessThan": "8.*",
"status": "affected",
"version": "8.0",
"versionType": "semver"
},
{
"lessThan": "9.*",
"status": "affected",
"version": "9.0",
"versionType": "semver"
},
{
"lessThan": "10.23.1",
"status": "affected",
"version": "10.0",
"versionType": "semver"
},
{
"lessThan": "11.*",
"status": "affected",
"version": "11.0",
"versionType": "semver"
},
{
"lessThan": "12.20.1",
"status": "affected",
"version": "12.0",
"versionType": "semver"
},
{
"lessThan": "13.*",
"status": "affected",
"version": "13.0",
"versionType": "semver"
},
{
"lessThan": "14.15.4",
"status": "affected",
"version": "14.0",
"versionType": "semver"
},
{
"lessThan": "15.5.1",
"status": "affected",
"version": "15.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Node.js versions before 10.23.1, 12.20.1, 14.15.4, 15.5.1 allow two copies of a header field in an HTTP request (for example, two Transfer-Encoding header fields). In this case, Node.js identifies the first header field and ignores the second. This can lead to HTTP Request Smuggling."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-444",
"description": "HTTP Request Smuggling (CWE-444)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-30T22:24:29.487Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://hackerone.com/reports/1002188"
},
{
"url": "https://nodejs.org/en/blog/vulnerability/january-2021-security-releases/"
},
{
"name": "DSA-4826",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2021/dsa-4826"
},
{
"name": "FEDORA-2021-fb1a136393",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K4I6MZNC7C7VIDQR267OL4TVCI3ZKAC4/"
},
{
"name": "GLSA-202101-07",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202101-07"
},
{
"name": "FEDORA-2021-d5b2c18fe6",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H472D5HPXN6RRXCNFML3BK5OYC52CXF2/"
},
{
"url": "https://www.oracle.com/security-alerts/cpujan2021.html"
},
{
"url": "https://security.netapp.com/advisory/ntap-20210212-0003/"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf"
},
{
"name": "[debian-lts-announce] 20221205 [SECURITY] [DLA 3224-1] http-parser security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00009.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2020-8287",
"datePublished": "2021-01-06T00:00:00.000Z",
"dateReserved": "2020-01-28T00:00:00.000Z",
"dateUpdated": "2025-04-30T22:24:29.487Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2020-8287",
"date": "2026-05-30",
"epss": "0.11865",
"percentile": "0.93848"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2020-8287\",\"sourceIdentifier\":\"support@hackerone.com\",\"published\":\"2021-01-06T21:15:14.707\",\"lastModified\":\"2024-11-21T05:38:39.843\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Node.js versions before 10.23.1, 12.20.1, 14.15.4, 15.5.1 allow two copies of a header field in an HTTP request (for example, two Transfer-Encoding header fields). In this case, Node.js identifies the first header field and ignores the second. This can lead to HTTP Request Smuggling.\"},{\"lang\":\"es\",\"value\":\"Node.js versiones anteriores a 10.23.1, 12.20.1, 14.15.4, 15.5.1 permiten dos copias de un campo de encabezado en una petici\u00f3n HTTP (por ejemplo, dos campos de encabezado Transfer-Encoding).\u0026#xa0;En este caso, Node.js identifica el primer campo de encabezado e ignora el segundo.\u0026#xa0;Esto puede conllevar a un Tr\u00e1fico no Autorizado de Peticiones HTTP\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":2.5}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:N\",\"baseScore\":6.4,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":4.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"support@hackerone.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-444\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-444\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*\",\"versionStartIncluding\":\"10.0.0\",\"versionEndExcluding\":\"10.23.1\",\"matchCriteriaId\":\"8042EBD0-9F28-43DF-BF27-DD3BBBD3E017\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*\",\"versionStartIncluding\":\"12.0.0\",\"versionEndExcluding\":\"12.20.1\",\"matchCriteriaId\":\"5E1AAC61-6E2E-46F8-BB51-D615FC87DA3B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*\",\"versionStartIncluding\":\"14.0.0\",\"versionEndExcluding\":\"14.15.4\",\"matchCriteriaId\":\"1DF64627-51CF-41BB-A9D2-B23DAC590FF0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*\",\"versionStartIncluding\":\"15.0.0\",\"versionEndExcluding\":\"15.5.1\",\"matchCriteriaId\":\"B6E4C7D3-2F1D-49B8-95AF-B89D82267ECB\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"36D96259-24BD-44E2-96D9-78CE1D41F956\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E460AA51-FCDA-46B9-AE97-E6676AA5E194\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:graalvm:19.3.4:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"937F66F5-F5BA-4156-82E0-EB2C99ABD41A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:graalvm:20.3.0:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"BC0F8B31-F93B-40B6-9C06-A3996DC63829\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:sinec_infrastructure_network_services:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.1.1\",\"matchCriteriaId\":\"B0F46497-4AB0-49A7-9453-CC26837BF253\"}]}]}],\"references\":[{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf\",\"source\":\"support@hackerone.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://hackerone.com/reports/1002188\",\"source\":\"support@hackerone.com\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2022/12/msg00009.html\",\"source\":\"support@hackerone.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H472D5HPXN6RRXCNFML3BK5OYC52CXF2/\",\"source\":\"support@hackerone.com\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K4I6MZNC7C7VIDQR267OL4TVCI3ZKAC4/\",\"source\":\"support@hackerone.com\"},{\"url\":\"https://nodejs.org/en/blog/vulnerability/january-2021-security-releases/\",\"source\":\"support@hackerone.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202101-07\",\"source\":\"support@hackerone.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20210212-0003/\",\"source\":\"support@hackerone.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2021/dsa-4826\",\"source\":\"support@hackerone.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2021.html\",\"source\":\"support@hackerone.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://hackerone.com/reports/1002188\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2022/12/msg00009.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H472D5HPXN6RRXCNFML3BK5OYC52CXF2/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K4I6MZNC7C7VIDQR267OL4TVCI3ZKAC4/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://nodejs.org/en/blog/vulnerability/january-2021-security-releases/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202101-07\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20210212-0003/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2021/dsa-4826\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2021.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
}
}
SUSE-SU-2021:0121-1
Vulnerability from csaf_suse - Published: 2021-01-14 09:27 - Updated: 2021-01-14 09:27Summary
Security update for nodejs8
Severity
Moderate
Notes
Title of the patch: Security update for nodejs8
Description of the patch: This update for nodejs8 fixes the following issue:
- CVE-2020-8287: Fixed an HTTP request smuggling vulnerability (bsc#1180554).
Patchnames: SUSE-2021-121,SUSE-SLE-Module-Web-Scripting-15-SP2-2021-121
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
6.5 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 15 SP2:nodejs8-8.17.0-10.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 15 SP2:nodejs8-8.17.0-10.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 15 SP2:nodejs8-8.17.0-10.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 15 SP2:nodejs8-8.17.0-10.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 15 SP2:nodejs8-devel-8.17.0-10.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 15 SP2:nodejs8-devel-8.17.0-10.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 15 SP2:nodejs8-devel-8.17.0-10.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 15 SP2:nodejs8-devel-8.17.0-10.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 15 SP2:nodejs8-docs-8.17.0-10.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 15 SP2:npm8-8.17.0-10.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 15 SP2:npm8-8.17.0-10.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 15 SP2:npm8-8.17.0-10.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Web and Scripting 15 SP2:npm8-8.17.0-10.6.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
8 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for nodejs8",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for nodejs8 fixes the following issue:\n\n- CVE-2020-8287: Fixed an HTTP request smuggling vulnerability (bsc#1180554).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2021-121,SUSE-SLE-Module-Web-Scripting-15-SP2-2021-121",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2021_0121-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2021:0121-1",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20210121-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2021:0121-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-January/008198.html"
},
{
"category": "self",
"summary": "SUSE Bug 1180554",
"url": "https://bugzilla.suse.com/1180554"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-8287 page",
"url": "https://www.suse.com/security/cve/CVE-2020-8287/"
}
],
"title": "Security update for nodejs8",
"tracking": {
"current_release_date": "2021-01-14T09:27:53Z",
"generator": {
"date": "2021-01-14T09:27:53Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2021:0121-1",
"initial_release_date": "2021-01-14T09:27:53Z",
"revision_history": [
{
"date": "2021-01-14T09:27:53Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "nodejs8-8.17.0-10.6.1.aarch64",
"product": {
"name": "nodejs8-8.17.0-10.6.1.aarch64",
"product_id": "nodejs8-8.17.0-10.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "nodejs8-devel-8.17.0-10.6.1.aarch64",
"product": {
"name": "nodejs8-devel-8.17.0-10.6.1.aarch64",
"product_id": "nodejs8-devel-8.17.0-10.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "npm8-8.17.0-10.6.1.aarch64",
"product": {
"name": "npm8-8.17.0-10.6.1.aarch64",
"product_id": "npm8-8.17.0-10.6.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs8-8.17.0-10.6.1.i586",
"product": {
"name": "nodejs8-8.17.0-10.6.1.i586",
"product_id": "nodejs8-8.17.0-10.6.1.i586"
}
},
{
"category": "product_version",
"name": "nodejs8-devel-8.17.0-10.6.1.i586",
"product": {
"name": "nodejs8-devel-8.17.0-10.6.1.i586",
"product_id": "nodejs8-devel-8.17.0-10.6.1.i586"
}
},
{
"category": "product_version",
"name": "npm8-8.17.0-10.6.1.i586",
"product": {
"name": "npm8-8.17.0-10.6.1.i586",
"product_id": "npm8-8.17.0-10.6.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs8-docs-8.17.0-10.6.1.noarch",
"product": {
"name": "nodejs8-docs-8.17.0-10.6.1.noarch",
"product_id": "nodejs8-docs-8.17.0-10.6.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs8-8.17.0-10.6.1.ppc64le",
"product": {
"name": "nodejs8-8.17.0-10.6.1.ppc64le",
"product_id": "nodejs8-8.17.0-10.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "nodejs8-devel-8.17.0-10.6.1.ppc64le",
"product": {
"name": "nodejs8-devel-8.17.0-10.6.1.ppc64le",
"product_id": "nodejs8-devel-8.17.0-10.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "npm8-8.17.0-10.6.1.ppc64le",
"product": {
"name": "npm8-8.17.0-10.6.1.ppc64le",
"product_id": "npm8-8.17.0-10.6.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs8-8.17.0-10.6.1.s390x",
"product": {
"name": "nodejs8-8.17.0-10.6.1.s390x",
"product_id": "nodejs8-8.17.0-10.6.1.s390x"
}
},
{
"category": "product_version",
"name": "nodejs8-devel-8.17.0-10.6.1.s390x",
"product": {
"name": "nodejs8-devel-8.17.0-10.6.1.s390x",
"product_id": "nodejs8-devel-8.17.0-10.6.1.s390x"
}
},
{
"category": "product_version",
"name": "npm8-8.17.0-10.6.1.s390x",
"product": {
"name": "npm8-8.17.0-10.6.1.s390x",
"product_id": "npm8-8.17.0-10.6.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs8-8.17.0-10.6.1.x86_64",
"product": {
"name": "nodejs8-8.17.0-10.6.1.x86_64",
"product_id": "nodejs8-8.17.0-10.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "nodejs8-devel-8.17.0-10.6.1.x86_64",
"product": {
"name": "nodejs8-devel-8.17.0-10.6.1.x86_64",
"product_id": "nodejs8-devel-8.17.0-10.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "npm8-8.17.0-10.6.1.x86_64",
"product": {
"name": "npm8-8.17.0-10.6.1.x86_64",
"product_id": "npm8-8.17.0-10.6.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Web and Scripting 15 SP2",
"product": {
"name": "SUSE Linux Enterprise Module for Web and Scripting 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-web-scripting:15:sp2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.17.0-10.6.1.aarch64 as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP2:nodejs8-8.17.0-10.6.1.aarch64"
},
"product_reference": "nodejs8-8.17.0-10.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.17.0-10.6.1.ppc64le as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP2:nodejs8-8.17.0-10.6.1.ppc64le"
},
"product_reference": "nodejs8-8.17.0-10.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.17.0-10.6.1.s390x as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP2:nodejs8-8.17.0-10.6.1.s390x"
},
"product_reference": "nodejs8-8.17.0-10.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.17.0-10.6.1.x86_64 as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP2:nodejs8-8.17.0-10.6.1.x86_64"
},
"product_reference": "nodejs8-8.17.0-10.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.17.0-10.6.1.aarch64 as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP2:nodejs8-devel-8.17.0-10.6.1.aarch64"
},
"product_reference": "nodejs8-devel-8.17.0-10.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.17.0-10.6.1.ppc64le as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP2:nodejs8-devel-8.17.0-10.6.1.ppc64le"
},
"product_reference": "nodejs8-devel-8.17.0-10.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.17.0-10.6.1.s390x as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP2:nodejs8-devel-8.17.0-10.6.1.s390x"
},
"product_reference": "nodejs8-devel-8.17.0-10.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.17.0-10.6.1.x86_64 as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP2:nodejs8-devel-8.17.0-10.6.1.x86_64"
},
"product_reference": "nodejs8-devel-8.17.0-10.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-docs-8.17.0-10.6.1.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP2:nodejs8-docs-8.17.0-10.6.1.noarch"
},
"product_reference": "nodejs8-docs-8.17.0-10.6.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.17.0-10.6.1.aarch64 as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP2:npm8-8.17.0-10.6.1.aarch64"
},
"product_reference": "npm8-8.17.0-10.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.17.0-10.6.1.ppc64le as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP2:npm8-8.17.0-10.6.1.ppc64le"
},
"product_reference": "npm8-8.17.0-10.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.17.0-10.6.1.s390x as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP2:npm8-8.17.0-10.6.1.s390x"
},
"product_reference": "npm8-8.17.0-10.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.17.0-10.6.1.x86_64 as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP2:npm8-8.17.0-10.6.1.x86_64"
},
"product_reference": "npm8-8.17.0-10.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-8287",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-8287"
}
],
"notes": [
{
"category": "general",
"text": "Node.js versions before 10.23.1, 12.20.1, 14.15.4, 15.5.1 allow two copies of a header field in an HTTP request (for example, two Transfer-Encoding header fields). In this case, Node.js identifies the first header field and ignores the second. This can lead to HTTP Request Smuggling.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Web and Scripting 15 SP2:nodejs8-8.17.0-10.6.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP2:nodejs8-8.17.0-10.6.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP2:nodejs8-8.17.0-10.6.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP2:nodejs8-8.17.0-10.6.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP2:nodejs8-devel-8.17.0-10.6.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP2:nodejs8-devel-8.17.0-10.6.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP2:nodejs8-devel-8.17.0-10.6.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP2:nodejs8-devel-8.17.0-10.6.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP2:nodejs8-docs-8.17.0-10.6.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP2:npm8-8.17.0-10.6.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP2:npm8-8.17.0-10.6.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP2:npm8-8.17.0-10.6.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP2:npm8-8.17.0-10.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-8287",
"url": "https://www.suse.com/security/cve/CVE-2020-8287"
},
{
"category": "external",
"summary": "SUSE Bug 1180554 for CVE-2020-8287",
"url": "https://bugzilla.suse.com/1180554"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Web and Scripting 15 SP2:nodejs8-8.17.0-10.6.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP2:nodejs8-8.17.0-10.6.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP2:nodejs8-8.17.0-10.6.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP2:nodejs8-8.17.0-10.6.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP2:nodejs8-devel-8.17.0-10.6.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP2:nodejs8-devel-8.17.0-10.6.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP2:nodejs8-devel-8.17.0-10.6.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP2:nodejs8-devel-8.17.0-10.6.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP2:nodejs8-docs-8.17.0-10.6.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP2:npm8-8.17.0-10.6.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP2:npm8-8.17.0-10.6.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP2:npm8-8.17.0-10.6.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP2:npm8-8.17.0-10.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Web and Scripting 15 SP2:nodejs8-8.17.0-10.6.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP2:nodejs8-8.17.0-10.6.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP2:nodejs8-8.17.0-10.6.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP2:nodejs8-8.17.0-10.6.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP2:nodejs8-devel-8.17.0-10.6.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP2:nodejs8-devel-8.17.0-10.6.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP2:nodejs8-devel-8.17.0-10.6.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP2:nodejs8-devel-8.17.0-10.6.1.x86_64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP2:nodejs8-docs-8.17.0-10.6.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP2:npm8-8.17.0-10.6.1.aarch64",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP2:npm8-8.17.0-10.6.1.ppc64le",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP2:npm8-8.17.0-10.6.1.s390x",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP2:npm8-8.17.0-10.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-01-14T09:27:53Z",
"details": "moderate"
}
],
"title": "CVE-2020-8287"
}
]
}
SUSE-SU-2021:0224-1
Vulnerability from csaf_suse - Published: 2021-01-26 14:08 - Updated: 2021-01-26 14:08Summary
Security update for nodejs8
Severity
Moderate
Notes
Title of the patch: Security update for nodejs8
Description of the patch: This update for nodejs8 fixes the following issue:
- CVE-2020-8287: Fixed an HTTP request smuggling vulnerability (bsc#1180554).
Patchnames: SUSE-2021-224,SUSE-SLE-Product-HPC-15-2021-224,SUSE-SLE-Product-HPC-15-SP1-ESPOS-2021-224,SUSE-SLE-Product-HPC-15-SP1-LTSS-2021-224,SUSE-SLE-Product-SLES-15-2021-224,SUSE-SLE-Product-SLES-15-SP1-BCL-2021-224,SUSE-SLE-Product-SLES-15-SP1-LTSS-2021-224,SUSE-SLE-Product-SLES_SAP-15-2021-224,SUSE-SLE-Product-SLES_SAP-15-SP1-2021-224,SUSE-SLE-Product-SUSE-Manager-Proxy-4.0-2021-224,SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.0-2021-224,SUSE-SLE-Product-SUSE-Manager-Server-4.0-2021-224,SUSE-Storage-6-2021-224
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
6.5 (Medium)
Affected products
Recommended
97 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 6:nodejs8-8.17.0-3.42.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 6:nodejs8-8.17.0-3.42.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 6:nodejs8-devel-8.17.0-3.42.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 6:nodejs8-devel-8.17.0-3.42.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 6:nodejs8-docs-8.17.0-3.42.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 6:npm8-8.17.0-3.42.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 6:npm8-8.17.0-3.42.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-8.17.0-3.42.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-8.17.0-3.42.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-devel-8.17.0-3.42.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-devel-8.17.0-3.42.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-docs-8.17.0-3.42.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm8-8.17.0-3.42.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm8-8.17.0-3.42.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-8.17.0-3.42.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-8.17.0-3.42.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-devel-8.17.0-3.42.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-devel-8.17.0-3.42.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-docs-8.17.0-3.42.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm8-8.17.0-3.42.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm8-8.17.0-3.42.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-8.17.0-3.42.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-8.17.0-3.42.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-devel-8.17.0-3.42.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-devel-8.17.0-3.42.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-docs-8.17.0-3.42.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm8-8.17.0-3.42.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm8-8.17.0-3.42.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-8.17.0-3.42.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-8.17.0-3.42.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-devel-8.17.0-3.42.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-devel-8.17.0-3.42.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-docs-8.17.0-3.42.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:npm8-8.17.0-3.42.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:npm8-8.17.0-3.42.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-BCL:nodejs8-8.17.0-3.42.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-BCL:nodejs8-devel-8.17.0-3.42.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-BCL:nodejs8-docs-8.17.0-3.42.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-BCL:npm8-8.17.0-3.42.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.42.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.42.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.42.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.42.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.42.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.42.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.42.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.42.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-docs-8.17.0-3.42.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.42.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.42.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.42.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.42.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.42.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.42.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.42.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.42.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.42.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.42.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.42.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.42.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:nodejs8-docs-8.17.0-3.42.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.42.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.42.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.42.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.42.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-8.17.0-3.42.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-8.17.0-3.42.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-devel-8.17.0-3.42.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-devel-8.17.0-3.42.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-docs-8.17.0-3.42.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm8-8.17.0-3.42.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm8-8.17.0-3.42.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-8.17.0-3.42.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-8.17.0-3.42.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-devel-8.17.0-3.42.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-devel-8.17.0-3.42.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-docs-8.17.0-3.42.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:npm8-8.17.0-3.42.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:npm8-8.17.0-3.42.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.0:nodejs8-8.17.0-3.42.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.0:nodejs8-devel-8.17.0-3.42.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.0:nodejs8-docs-8.17.0-3.42.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.0:npm8-8.17.0-3.42.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.0:nodejs8-8.17.0-3.42.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.0:nodejs8-devel-8.17.0-3.42.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.0:nodejs8-docs-8.17.0-3.42.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.0:npm8-8.17.0-3.42.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.0:nodejs8-8.17.0-3.42.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.0:nodejs8-8.17.0-3.42.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.0:nodejs8-8.17.0-3.42.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.0:nodejs8-devel-8.17.0-3.42.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.0:nodejs8-devel-8.17.0-3.42.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.0:nodejs8-devel-8.17.0-3.42.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.0:nodejs8-docs-8.17.0-3.42.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.0:npm8-8.17.0-3.42.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.0:npm8-8.17.0-3.42.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.0:npm8-8.17.0-3.42.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
8 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for nodejs8",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for nodejs8 fixes the following issue:\n\n- CVE-2020-8287: Fixed an HTTP request smuggling vulnerability (bsc#1180554).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2021-224,SUSE-SLE-Product-HPC-15-2021-224,SUSE-SLE-Product-HPC-15-SP1-ESPOS-2021-224,SUSE-SLE-Product-HPC-15-SP1-LTSS-2021-224,SUSE-SLE-Product-SLES-15-2021-224,SUSE-SLE-Product-SLES-15-SP1-BCL-2021-224,SUSE-SLE-Product-SLES-15-SP1-LTSS-2021-224,SUSE-SLE-Product-SLES_SAP-15-2021-224,SUSE-SLE-Product-SLES_SAP-15-SP1-2021-224,SUSE-SLE-Product-SUSE-Manager-Proxy-4.0-2021-224,SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.0-2021-224,SUSE-SLE-Product-SUSE-Manager-Server-4.0-2021-224,SUSE-Storage-6-2021-224",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2021_0224-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2021:0224-1",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20210224-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2021:0224-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-January/008247.html"
},
{
"category": "self",
"summary": "SUSE Bug 1180554",
"url": "https://bugzilla.suse.com/1180554"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-8287 page",
"url": "https://www.suse.com/security/cve/CVE-2020-8287/"
}
],
"title": "Security update for nodejs8",
"tracking": {
"current_release_date": "2021-01-26T14:08:54Z",
"generator": {
"date": "2021-01-26T14:08:54Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2021:0224-1",
"initial_release_date": "2021-01-26T14:08:54Z",
"revision_history": [
{
"date": "2021-01-26T14:08:54Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "nodejs8-8.17.0-3.42.2.aarch64",
"product": {
"name": "nodejs8-8.17.0-3.42.2.aarch64",
"product_id": "nodejs8-8.17.0-3.42.2.aarch64"
}
},
{
"category": "product_version",
"name": "nodejs8-devel-8.17.0-3.42.2.aarch64",
"product": {
"name": "nodejs8-devel-8.17.0-3.42.2.aarch64",
"product_id": "nodejs8-devel-8.17.0-3.42.2.aarch64"
}
},
{
"category": "product_version",
"name": "npm8-8.17.0-3.42.2.aarch64",
"product": {
"name": "npm8-8.17.0-3.42.2.aarch64",
"product_id": "npm8-8.17.0-3.42.2.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs8-8.17.0-3.42.2.i586",
"product": {
"name": "nodejs8-8.17.0-3.42.2.i586",
"product_id": "nodejs8-8.17.0-3.42.2.i586"
}
},
{
"category": "product_version",
"name": "nodejs8-devel-8.17.0-3.42.2.i586",
"product": {
"name": "nodejs8-devel-8.17.0-3.42.2.i586",
"product_id": "nodejs8-devel-8.17.0-3.42.2.i586"
}
},
{
"category": "product_version",
"name": "npm8-8.17.0-3.42.2.i586",
"product": {
"name": "npm8-8.17.0-3.42.2.i586",
"product_id": "npm8-8.17.0-3.42.2.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs8-docs-8.17.0-3.42.2.noarch",
"product": {
"name": "nodejs8-docs-8.17.0-3.42.2.noarch",
"product_id": "nodejs8-docs-8.17.0-3.42.2.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs8-8.17.0-3.42.2.ppc64le",
"product": {
"name": "nodejs8-8.17.0-3.42.2.ppc64le",
"product_id": "nodejs8-8.17.0-3.42.2.ppc64le"
}
},
{
"category": "product_version",
"name": "nodejs8-devel-8.17.0-3.42.2.ppc64le",
"product": {
"name": "nodejs8-devel-8.17.0-3.42.2.ppc64le",
"product_id": "nodejs8-devel-8.17.0-3.42.2.ppc64le"
}
},
{
"category": "product_version",
"name": "npm8-8.17.0-3.42.2.ppc64le",
"product": {
"name": "npm8-8.17.0-3.42.2.ppc64le",
"product_id": "npm8-8.17.0-3.42.2.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs8-8.17.0-3.42.2.s390x",
"product": {
"name": "nodejs8-8.17.0-3.42.2.s390x",
"product_id": "nodejs8-8.17.0-3.42.2.s390x"
}
},
{
"category": "product_version",
"name": "nodejs8-devel-8.17.0-3.42.2.s390x",
"product": {
"name": "nodejs8-devel-8.17.0-3.42.2.s390x",
"product_id": "nodejs8-devel-8.17.0-3.42.2.s390x"
}
},
{
"category": "product_version",
"name": "npm8-8.17.0-3.42.2.s390x",
"product": {
"name": "npm8-8.17.0-3.42.2.s390x",
"product_id": "npm8-8.17.0-3.42.2.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs8-8.17.0-3.42.2.x86_64",
"product": {
"name": "nodejs8-8.17.0-3.42.2.x86_64",
"product_id": "nodejs8-8.17.0-3.42.2.x86_64"
}
},
{
"category": "product_version",
"name": "nodejs8-devel-8.17.0-3.42.2.x86_64",
"product": {
"name": "nodejs8-devel-8.17.0-3.42.2.x86_64",
"product_id": "nodejs8-devel-8.17.0-3.42.2.x86_64"
}
},
{
"category": "product_version",
"name": "npm8-8.17.0-3.42.2.x86_64",
"product": {
"name": "npm8-8.17.0-3.42.2.x86_64",
"product_id": "npm8-8.17.0-3.42.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP1-BCL",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP1-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP1-BCL",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_bcl:15:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP1-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Proxy 4.0",
"product": {
"name": "SUSE Manager Proxy 4.0",
"product_id": "SUSE Manager Proxy 4.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-proxy:4.0"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Retail Branch Server 4.0",
"product": {
"name": "SUSE Manager Retail Branch Server 4.0",
"product_id": "SUSE Manager Retail Branch Server 4.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-retail-branch-server:4.0"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Server 4.0",
"product": {
"name": "SUSE Manager Server 4.0",
"product_id": "SUSE Manager Server 4.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-server:4.0"
}
}
},
{
"category": "product_name",
"name": "SUSE Enterprise Storage 6",
"product": {
"name": "SUSE Enterprise Storage 6",
"product_id": "SUSE Enterprise Storage 6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.17.0-3.42.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-8.17.0-3.42.2.aarch64"
},
"product_reference": "nodejs8-8.17.0-3.42.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.17.0-3.42.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-8.17.0-3.42.2.x86_64"
},
"product_reference": "nodejs8-8.17.0-3.42.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.17.0-3.42.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-devel-8.17.0-3.42.2.aarch64"
},
"product_reference": "nodejs8-devel-8.17.0-3.42.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.17.0-3.42.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-devel-8.17.0-3.42.2.x86_64"
},
"product_reference": "nodejs8-devel-8.17.0-3.42.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-docs-8.17.0-3.42.2.noarch as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-docs-8.17.0-3.42.2.noarch"
},
"product_reference": "nodejs8-docs-8.17.0-3.42.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.17.0-3.42.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm8-8.17.0-3.42.2.aarch64"
},
"product_reference": "npm8-8.17.0-3.42.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.17.0-3.42.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm8-8.17.0-3.42.2.x86_64"
},
"product_reference": "npm8-8.17.0-3.42.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.17.0-3.42.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-8.17.0-3.42.2.aarch64"
},
"product_reference": "nodejs8-8.17.0-3.42.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.17.0-3.42.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-8.17.0-3.42.2.x86_64"
},
"product_reference": "nodejs8-8.17.0-3.42.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.17.0-3.42.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-devel-8.17.0-3.42.2.aarch64"
},
"product_reference": "nodejs8-devel-8.17.0-3.42.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.17.0-3.42.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-devel-8.17.0-3.42.2.x86_64"
},
"product_reference": "nodejs8-devel-8.17.0-3.42.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-docs-8.17.0-3.42.2.noarch as component of SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-docs-8.17.0-3.42.2.noarch"
},
"product_reference": "nodejs8-docs-8.17.0-3.42.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.17.0-3.42.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:npm8-8.17.0-3.42.2.aarch64"
},
"product_reference": "npm8-8.17.0-3.42.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.17.0-3.42.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:npm8-8.17.0-3.42.2.x86_64"
},
"product_reference": "npm8-8.17.0-3.42.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.17.0-3.42.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-8.17.0-3.42.2.aarch64"
},
"product_reference": "nodejs8-8.17.0-3.42.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.17.0-3.42.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-8.17.0-3.42.2.x86_64"
},
"product_reference": "nodejs8-8.17.0-3.42.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.17.0-3.42.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-devel-8.17.0-3.42.2.aarch64"
},
"product_reference": "nodejs8-devel-8.17.0-3.42.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.17.0-3.42.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-devel-8.17.0-3.42.2.x86_64"
},
"product_reference": "nodejs8-devel-8.17.0-3.42.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-docs-8.17.0-3.42.2.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-docs-8.17.0-3.42.2.noarch"
},
"product_reference": "nodejs8-docs-8.17.0-3.42.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.17.0-3.42.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm8-8.17.0-3.42.2.aarch64"
},
"product_reference": "npm8-8.17.0-3.42.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.17.0-3.42.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm8-8.17.0-3.42.2.x86_64"
},
"product_reference": "npm8-8.17.0-3.42.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.17.0-3.42.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-8.17.0-3.42.2.aarch64"
},
"product_reference": "nodejs8-8.17.0-3.42.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.17.0-3.42.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-8.17.0-3.42.2.x86_64"
},
"product_reference": "nodejs8-8.17.0-3.42.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.17.0-3.42.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-devel-8.17.0-3.42.2.aarch64"
},
"product_reference": "nodejs8-devel-8.17.0-3.42.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.17.0-3.42.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-devel-8.17.0-3.42.2.x86_64"
},
"product_reference": "nodejs8-devel-8.17.0-3.42.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-docs-8.17.0-3.42.2.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-docs-8.17.0-3.42.2.noarch"
},
"product_reference": "nodejs8-docs-8.17.0-3.42.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.17.0-3.42.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm8-8.17.0-3.42.2.aarch64"
},
"product_reference": "npm8-8.17.0-3.42.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.17.0-3.42.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm8-8.17.0-3.42.2.x86_64"
},
"product_reference": "npm8-8.17.0-3.42.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.17.0-3.42.2.aarch64 as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.42.2.aarch64"
},
"product_reference": "nodejs8-8.17.0-3.42.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.17.0-3.42.2.ppc64le as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.42.2.ppc64le"
},
"product_reference": "nodejs8-8.17.0-3.42.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.17.0-3.42.2.s390x as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.42.2.s390x"
},
"product_reference": "nodejs8-8.17.0-3.42.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.17.0-3.42.2.x86_64 as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.42.2.x86_64"
},
"product_reference": "nodejs8-8.17.0-3.42.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.17.0-3.42.2.aarch64 as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.42.2.aarch64"
},
"product_reference": "nodejs8-devel-8.17.0-3.42.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.17.0-3.42.2.ppc64le as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.42.2.ppc64le"
},
"product_reference": "nodejs8-devel-8.17.0-3.42.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.17.0-3.42.2.s390x as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.42.2.s390x"
},
"product_reference": "nodejs8-devel-8.17.0-3.42.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.17.0-3.42.2.x86_64 as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.42.2.x86_64"
},
"product_reference": "nodejs8-devel-8.17.0-3.42.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-docs-8.17.0-3.42.2.noarch as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:nodejs8-docs-8.17.0-3.42.2.noarch"
},
"product_reference": "nodejs8-docs-8.17.0-3.42.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.17.0-3.42.2.aarch64 as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.42.2.aarch64"
},
"product_reference": "npm8-8.17.0-3.42.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.17.0-3.42.2.ppc64le as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.42.2.ppc64le"
},
"product_reference": "npm8-8.17.0-3.42.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.17.0-3.42.2.s390x as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.42.2.s390x"
},
"product_reference": "npm8-8.17.0-3.42.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.17.0-3.42.2.x86_64 as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.42.2.x86_64"
},
"product_reference": "npm8-8.17.0-3.42.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.17.0-3.42.2.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP1-BCL:nodejs8-8.17.0-3.42.2.x86_64"
},
"product_reference": "nodejs8-8.17.0-3.42.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.17.0-3.42.2.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP1-BCL:nodejs8-devel-8.17.0-3.42.2.x86_64"
},
"product_reference": "nodejs8-devel-8.17.0-3.42.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-docs-8.17.0-3.42.2.noarch as component of SUSE Linux Enterprise Server 15 SP1-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP1-BCL:nodejs8-docs-8.17.0-3.42.2.noarch"
},
"product_reference": "nodejs8-docs-8.17.0-3.42.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.17.0-3.42.2.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP1-BCL:npm8-8.17.0-3.42.2.x86_64"
},
"product_reference": "npm8-8.17.0-3.42.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.17.0-3.42.2.aarch64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.42.2.aarch64"
},
"product_reference": "nodejs8-8.17.0-3.42.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.17.0-3.42.2.ppc64le as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.42.2.ppc64le"
},
"product_reference": "nodejs8-8.17.0-3.42.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.17.0-3.42.2.s390x as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.42.2.s390x"
},
"product_reference": "nodejs8-8.17.0-3.42.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.17.0-3.42.2.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.42.2.x86_64"
},
"product_reference": "nodejs8-8.17.0-3.42.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.17.0-3.42.2.aarch64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.42.2.aarch64"
},
"product_reference": "nodejs8-devel-8.17.0-3.42.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.17.0-3.42.2.ppc64le as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.42.2.ppc64le"
},
"product_reference": "nodejs8-devel-8.17.0-3.42.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.17.0-3.42.2.s390x as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.42.2.s390x"
},
"product_reference": "nodejs8-devel-8.17.0-3.42.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.17.0-3.42.2.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.42.2.x86_64"
},
"product_reference": "nodejs8-devel-8.17.0-3.42.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-docs-8.17.0-3.42.2.noarch as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-docs-8.17.0-3.42.2.noarch"
},
"product_reference": "nodejs8-docs-8.17.0-3.42.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.17.0-3.42.2.aarch64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.42.2.aarch64"
},
"product_reference": "npm8-8.17.0-3.42.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.17.0-3.42.2.ppc64le as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.42.2.ppc64le"
},
"product_reference": "npm8-8.17.0-3.42.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.17.0-3.42.2.s390x as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.42.2.s390x"
},
"product_reference": "npm8-8.17.0-3.42.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.17.0-3.42.2.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.42.2.x86_64"
},
"product_reference": "npm8-8.17.0-3.42.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.17.0-3.42.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-8.17.0-3.42.2.ppc64le"
},
"product_reference": "nodejs8-8.17.0-3.42.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.17.0-3.42.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-8.17.0-3.42.2.x86_64"
},
"product_reference": "nodejs8-8.17.0-3.42.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.17.0-3.42.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-devel-8.17.0-3.42.2.ppc64le"
},
"product_reference": "nodejs8-devel-8.17.0-3.42.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.17.0-3.42.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-devel-8.17.0-3.42.2.x86_64"
},
"product_reference": "nodejs8-devel-8.17.0-3.42.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-docs-8.17.0-3.42.2.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-docs-8.17.0-3.42.2.noarch"
},
"product_reference": "nodejs8-docs-8.17.0-3.42.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.17.0-3.42.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15:npm8-8.17.0-3.42.2.ppc64le"
},
"product_reference": "npm8-8.17.0-3.42.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.17.0-3.42.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15:npm8-8.17.0-3.42.2.x86_64"
},
"product_reference": "npm8-8.17.0-3.42.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.17.0-3.42.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-8.17.0-3.42.2.ppc64le"
},
"product_reference": "nodejs8-8.17.0-3.42.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.17.0-3.42.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-8.17.0-3.42.2.x86_64"
},
"product_reference": "nodejs8-8.17.0-3.42.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.17.0-3.42.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-devel-8.17.0-3.42.2.ppc64le"
},
"product_reference": "nodejs8-devel-8.17.0-3.42.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.17.0-3.42.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-devel-8.17.0-3.42.2.x86_64"
},
"product_reference": "nodejs8-devel-8.17.0-3.42.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-docs-8.17.0-3.42.2.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-docs-8.17.0-3.42.2.noarch"
},
"product_reference": "nodejs8-docs-8.17.0-3.42.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.17.0-3.42.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm8-8.17.0-3.42.2.ppc64le"
},
"product_reference": "npm8-8.17.0-3.42.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.17.0-3.42.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm8-8.17.0-3.42.2.x86_64"
},
"product_reference": "npm8-8.17.0-3.42.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.17.0-3.42.2.x86_64 as component of SUSE Manager Proxy 4.0",
"product_id": "SUSE Manager Proxy 4.0:nodejs8-8.17.0-3.42.2.x86_64"
},
"product_reference": "nodejs8-8.17.0-3.42.2.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.17.0-3.42.2.x86_64 as component of SUSE Manager Proxy 4.0",
"product_id": "SUSE Manager Proxy 4.0:nodejs8-devel-8.17.0-3.42.2.x86_64"
},
"product_reference": "nodejs8-devel-8.17.0-3.42.2.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-docs-8.17.0-3.42.2.noarch as component of SUSE Manager Proxy 4.0",
"product_id": "SUSE Manager Proxy 4.0:nodejs8-docs-8.17.0-3.42.2.noarch"
},
"product_reference": "nodejs8-docs-8.17.0-3.42.2.noarch",
"relates_to_product_reference": "SUSE Manager Proxy 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.17.0-3.42.2.x86_64 as component of SUSE Manager Proxy 4.0",
"product_id": "SUSE Manager Proxy 4.0:npm8-8.17.0-3.42.2.x86_64"
},
"product_reference": "npm8-8.17.0-3.42.2.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.17.0-3.42.2.x86_64 as component of SUSE Manager Retail Branch Server 4.0",
"product_id": "SUSE Manager Retail Branch Server 4.0:nodejs8-8.17.0-3.42.2.x86_64"
},
"product_reference": "nodejs8-8.17.0-3.42.2.x86_64",
"relates_to_product_reference": "SUSE Manager Retail Branch Server 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.17.0-3.42.2.x86_64 as component of SUSE Manager Retail Branch Server 4.0",
"product_id": "SUSE Manager Retail Branch Server 4.0:nodejs8-devel-8.17.0-3.42.2.x86_64"
},
"product_reference": "nodejs8-devel-8.17.0-3.42.2.x86_64",
"relates_to_product_reference": "SUSE Manager Retail Branch Server 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-docs-8.17.0-3.42.2.noarch as component of SUSE Manager Retail Branch Server 4.0",
"product_id": "SUSE Manager Retail Branch Server 4.0:nodejs8-docs-8.17.0-3.42.2.noarch"
},
"product_reference": "nodejs8-docs-8.17.0-3.42.2.noarch",
"relates_to_product_reference": "SUSE Manager Retail Branch Server 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.17.0-3.42.2.x86_64 as component of SUSE Manager Retail Branch Server 4.0",
"product_id": "SUSE Manager Retail Branch Server 4.0:npm8-8.17.0-3.42.2.x86_64"
},
"product_reference": "npm8-8.17.0-3.42.2.x86_64",
"relates_to_product_reference": "SUSE Manager Retail Branch Server 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.17.0-3.42.2.ppc64le as component of SUSE Manager Server 4.0",
"product_id": "SUSE Manager Server 4.0:nodejs8-8.17.0-3.42.2.ppc64le"
},
"product_reference": "nodejs8-8.17.0-3.42.2.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.17.0-3.42.2.s390x as component of SUSE Manager Server 4.0",
"product_id": "SUSE Manager Server 4.0:nodejs8-8.17.0-3.42.2.s390x"
},
"product_reference": "nodejs8-8.17.0-3.42.2.s390x",
"relates_to_product_reference": "SUSE Manager Server 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.17.0-3.42.2.x86_64 as component of SUSE Manager Server 4.0",
"product_id": "SUSE Manager Server 4.0:nodejs8-8.17.0-3.42.2.x86_64"
},
"product_reference": "nodejs8-8.17.0-3.42.2.x86_64",
"relates_to_product_reference": "SUSE Manager Server 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.17.0-3.42.2.ppc64le as component of SUSE Manager Server 4.0",
"product_id": "SUSE Manager Server 4.0:nodejs8-devel-8.17.0-3.42.2.ppc64le"
},
"product_reference": "nodejs8-devel-8.17.0-3.42.2.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.17.0-3.42.2.s390x as component of SUSE Manager Server 4.0",
"product_id": "SUSE Manager Server 4.0:nodejs8-devel-8.17.0-3.42.2.s390x"
},
"product_reference": "nodejs8-devel-8.17.0-3.42.2.s390x",
"relates_to_product_reference": "SUSE Manager Server 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.17.0-3.42.2.x86_64 as component of SUSE Manager Server 4.0",
"product_id": "SUSE Manager Server 4.0:nodejs8-devel-8.17.0-3.42.2.x86_64"
},
"product_reference": "nodejs8-devel-8.17.0-3.42.2.x86_64",
"relates_to_product_reference": "SUSE Manager Server 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-docs-8.17.0-3.42.2.noarch as component of SUSE Manager Server 4.0",
"product_id": "SUSE Manager Server 4.0:nodejs8-docs-8.17.0-3.42.2.noarch"
},
"product_reference": "nodejs8-docs-8.17.0-3.42.2.noarch",
"relates_to_product_reference": "SUSE Manager Server 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.17.0-3.42.2.ppc64le as component of SUSE Manager Server 4.0",
"product_id": "SUSE Manager Server 4.0:npm8-8.17.0-3.42.2.ppc64le"
},
"product_reference": "npm8-8.17.0-3.42.2.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.17.0-3.42.2.s390x as component of SUSE Manager Server 4.0",
"product_id": "SUSE Manager Server 4.0:npm8-8.17.0-3.42.2.s390x"
},
"product_reference": "npm8-8.17.0-3.42.2.s390x",
"relates_to_product_reference": "SUSE Manager Server 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.17.0-3.42.2.x86_64 as component of SUSE Manager Server 4.0",
"product_id": "SUSE Manager Server 4.0:npm8-8.17.0-3.42.2.x86_64"
},
"product_reference": "npm8-8.17.0-3.42.2.x86_64",
"relates_to_product_reference": "SUSE Manager Server 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.17.0-3.42.2.aarch64 as component of SUSE Enterprise Storage 6",
"product_id": "SUSE Enterprise Storage 6:nodejs8-8.17.0-3.42.2.aarch64"
},
"product_reference": "nodejs8-8.17.0-3.42.2.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-8.17.0-3.42.2.x86_64 as component of SUSE Enterprise Storage 6",
"product_id": "SUSE Enterprise Storage 6:nodejs8-8.17.0-3.42.2.x86_64"
},
"product_reference": "nodejs8-8.17.0-3.42.2.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.17.0-3.42.2.aarch64 as component of SUSE Enterprise Storage 6",
"product_id": "SUSE Enterprise Storage 6:nodejs8-devel-8.17.0-3.42.2.aarch64"
},
"product_reference": "nodejs8-devel-8.17.0-3.42.2.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-devel-8.17.0-3.42.2.x86_64 as component of SUSE Enterprise Storage 6",
"product_id": "SUSE Enterprise Storage 6:nodejs8-devel-8.17.0-3.42.2.x86_64"
},
"product_reference": "nodejs8-devel-8.17.0-3.42.2.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs8-docs-8.17.0-3.42.2.noarch as component of SUSE Enterprise Storage 6",
"product_id": "SUSE Enterprise Storage 6:nodejs8-docs-8.17.0-3.42.2.noarch"
},
"product_reference": "nodejs8-docs-8.17.0-3.42.2.noarch",
"relates_to_product_reference": "SUSE Enterprise Storage 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.17.0-3.42.2.aarch64 as component of SUSE Enterprise Storage 6",
"product_id": "SUSE Enterprise Storage 6:npm8-8.17.0-3.42.2.aarch64"
},
"product_reference": "npm8-8.17.0-3.42.2.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm8-8.17.0-3.42.2.x86_64 as component of SUSE Enterprise Storage 6",
"product_id": "SUSE Enterprise Storage 6:npm8-8.17.0-3.42.2.x86_64"
},
"product_reference": "npm8-8.17.0-3.42.2.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-8287",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-8287"
}
],
"notes": [
{
"category": "general",
"text": "Node.js versions before 10.23.1, 12.20.1, 14.15.4, 15.5.1 allow two copies of a header field in an HTTP request (for example, two Transfer-Encoding header fields). In this case, Node.js identifies the first header field and ignores the second. This can lead to HTTP Request Smuggling.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 6:nodejs8-8.17.0-3.42.2.aarch64",
"SUSE Enterprise Storage 6:nodejs8-8.17.0-3.42.2.x86_64",
"SUSE Enterprise Storage 6:nodejs8-devel-8.17.0-3.42.2.aarch64",
"SUSE Enterprise Storage 6:nodejs8-devel-8.17.0-3.42.2.x86_64",
"SUSE Enterprise Storage 6:nodejs8-docs-8.17.0-3.42.2.noarch",
"SUSE Enterprise Storage 6:npm8-8.17.0-3.42.2.aarch64",
"SUSE Enterprise Storage 6:npm8-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-8.17.0-3.42.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-devel-8.17.0-3.42.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-devel-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-docs-8.17.0-3.42.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm8-8.17.0-3.42.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm8-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-8.17.0-3.42.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-devel-8.17.0-3.42.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-devel-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-docs-8.17.0-3.42.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm8-8.17.0-3.42.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm8-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-8.17.0-3.42.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-devel-8.17.0-3.42.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-devel-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-docs-8.17.0-3.42.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm8-8.17.0-3.42.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm8-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-8.17.0-3.42.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-devel-8.17.0-3.42.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-devel-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-docs-8.17.0-3.42.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm8-8.17.0-3.42.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm8-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs8-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs8-devel-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs8-docs-8.17.0-3.42.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-BCL:npm8-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.42.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.42.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.42.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.42.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.42.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.42.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-docs-8.17.0-3.42.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.42.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.42.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.42.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.42.2.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.42.2.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.42.2.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.42.2.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.42.2.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.42.2.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-docs-8.17.0-3.42.2.noarch",
"SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.42.2.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.42.2.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.42.2.s390x",
"SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-8.17.0-3.42.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-devel-8.17.0-3.42.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-devel-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-docs-8.17.0-3.42.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm8-8.17.0-3.42.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm8-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-8.17.0-3.42.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-devel-8.17.0-3.42.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-devel-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-docs-8.17.0-3.42.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15:npm8-8.17.0-3.42.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:npm8-8.17.0-3.42.2.x86_64",
"SUSE Manager Proxy 4.0:nodejs8-8.17.0-3.42.2.x86_64",
"SUSE Manager Proxy 4.0:nodejs8-devel-8.17.0-3.42.2.x86_64",
"SUSE Manager Proxy 4.0:nodejs8-docs-8.17.0-3.42.2.noarch",
"SUSE Manager Proxy 4.0:npm8-8.17.0-3.42.2.x86_64",
"SUSE Manager Retail Branch Server 4.0:nodejs8-8.17.0-3.42.2.x86_64",
"SUSE Manager Retail Branch Server 4.0:nodejs8-devel-8.17.0-3.42.2.x86_64",
"SUSE Manager Retail Branch Server 4.0:nodejs8-docs-8.17.0-3.42.2.noarch",
"SUSE Manager Retail Branch Server 4.0:npm8-8.17.0-3.42.2.x86_64",
"SUSE Manager Server 4.0:nodejs8-8.17.0-3.42.2.ppc64le",
"SUSE Manager Server 4.0:nodejs8-8.17.0-3.42.2.s390x",
"SUSE Manager Server 4.0:nodejs8-8.17.0-3.42.2.x86_64",
"SUSE Manager Server 4.0:nodejs8-devel-8.17.0-3.42.2.ppc64le",
"SUSE Manager Server 4.0:nodejs8-devel-8.17.0-3.42.2.s390x",
"SUSE Manager Server 4.0:nodejs8-devel-8.17.0-3.42.2.x86_64",
"SUSE Manager Server 4.0:nodejs8-docs-8.17.0-3.42.2.noarch",
"SUSE Manager Server 4.0:npm8-8.17.0-3.42.2.ppc64le",
"SUSE Manager Server 4.0:npm8-8.17.0-3.42.2.s390x",
"SUSE Manager Server 4.0:npm8-8.17.0-3.42.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-8287",
"url": "https://www.suse.com/security/cve/CVE-2020-8287"
},
{
"category": "external",
"summary": "SUSE Bug 1180554 for CVE-2020-8287",
"url": "https://bugzilla.suse.com/1180554"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 6:nodejs8-8.17.0-3.42.2.aarch64",
"SUSE Enterprise Storage 6:nodejs8-8.17.0-3.42.2.x86_64",
"SUSE Enterprise Storage 6:nodejs8-devel-8.17.0-3.42.2.aarch64",
"SUSE Enterprise Storage 6:nodejs8-devel-8.17.0-3.42.2.x86_64",
"SUSE Enterprise Storage 6:nodejs8-docs-8.17.0-3.42.2.noarch",
"SUSE Enterprise Storage 6:npm8-8.17.0-3.42.2.aarch64",
"SUSE Enterprise Storage 6:npm8-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-8.17.0-3.42.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-devel-8.17.0-3.42.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-devel-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-docs-8.17.0-3.42.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm8-8.17.0-3.42.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm8-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-8.17.0-3.42.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-devel-8.17.0-3.42.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-devel-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-docs-8.17.0-3.42.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm8-8.17.0-3.42.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm8-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-8.17.0-3.42.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-devel-8.17.0-3.42.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-devel-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-docs-8.17.0-3.42.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm8-8.17.0-3.42.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm8-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-8.17.0-3.42.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-devel-8.17.0-3.42.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-devel-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-docs-8.17.0-3.42.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm8-8.17.0-3.42.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm8-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs8-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs8-devel-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs8-docs-8.17.0-3.42.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-BCL:npm8-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.42.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.42.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.42.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.42.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.42.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.42.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-docs-8.17.0-3.42.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.42.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.42.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.42.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.42.2.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.42.2.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.42.2.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.42.2.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.42.2.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.42.2.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-docs-8.17.0-3.42.2.noarch",
"SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.42.2.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.42.2.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.42.2.s390x",
"SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-8.17.0-3.42.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-devel-8.17.0-3.42.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-devel-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-docs-8.17.0-3.42.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm8-8.17.0-3.42.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm8-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-8.17.0-3.42.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-devel-8.17.0-3.42.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-devel-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-docs-8.17.0-3.42.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15:npm8-8.17.0-3.42.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:npm8-8.17.0-3.42.2.x86_64",
"SUSE Manager Proxy 4.0:nodejs8-8.17.0-3.42.2.x86_64",
"SUSE Manager Proxy 4.0:nodejs8-devel-8.17.0-3.42.2.x86_64",
"SUSE Manager Proxy 4.0:nodejs8-docs-8.17.0-3.42.2.noarch",
"SUSE Manager Proxy 4.0:npm8-8.17.0-3.42.2.x86_64",
"SUSE Manager Retail Branch Server 4.0:nodejs8-8.17.0-3.42.2.x86_64",
"SUSE Manager Retail Branch Server 4.0:nodejs8-devel-8.17.0-3.42.2.x86_64",
"SUSE Manager Retail Branch Server 4.0:nodejs8-docs-8.17.0-3.42.2.noarch",
"SUSE Manager Retail Branch Server 4.0:npm8-8.17.0-3.42.2.x86_64",
"SUSE Manager Server 4.0:nodejs8-8.17.0-3.42.2.ppc64le",
"SUSE Manager Server 4.0:nodejs8-8.17.0-3.42.2.s390x",
"SUSE Manager Server 4.0:nodejs8-8.17.0-3.42.2.x86_64",
"SUSE Manager Server 4.0:nodejs8-devel-8.17.0-3.42.2.ppc64le",
"SUSE Manager Server 4.0:nodejs8-devel-8.17.0-3.42.2.s390x",
"SUSE Manager Server 4.0:nodejs8-devel-8.17.0-3.42.2.x86_64",
"SUSE Manager Server 4.0:nodejs8-docs-8.17.0-3.42.2.noarch",
"SUSE Manager Server 4.0:npm8-8.17.0-3.42.2.ppc64le",
"SUSE Manager Server 4.0:npm8-8.17.0-3.42.2.s390x",
"SUSE Manager Server 4.0:npm8-8.17.0-3.42.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 6:nodejs8-8.17.0-3.42.2.aarch64",
"SUSE Enterprise Storage 6:nodejs8-8.17.0-3.42.2.x86_64",
"SUSE Enterprise Storage 6:nodejs8-devel-8.17.0-3.42.2.aarch64",
"SUSE Enterprise Storage 6:nodejs8-devel-8.17.0-3.42.2.x86_64",
"SUSE Enterprise Storage 6:nodejs8-docs-8.17.0-3.42.2.noarch",
"SUSE Enterprise Storage 6:npm8-8.17.0-3.42.2.aarch64",
"SUSE Enterprise Storage 6:npm8-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-8.17.0-3.42.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-devel-8.17.0-3.42.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-devel-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:nodejs8-docs-8.17.0-3.42.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm8-8.17.0-3.42.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:npm8-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-8.17.0-3.42.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-devel-8.17.0-3.42.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-devel-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nodejs8-docs-8.17.0-3.42.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm8-8.17.0-3.42.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:npm8-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-8.17.0-3.42.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-devel-8.17.0-3.42.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-devel-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:nodejs8-docs-8.17.0-3.42.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm8-8.17.0-3.42.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:npm8-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-8.17.0-3.42.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-devel-8.17.0-3.42.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-devel-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:nodejs8-docs-8.17.0-3.42.2.noarch",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm8-8.17.0-3.42.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:npm8-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs8-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs8-devel-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:nodejs8-docs-8.17.0-3.42.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-BCL:npm8-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.42.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.42.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.42.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.42.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.42.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.42.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-devel-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nodejs8-docs-8.17.0-3.42.2.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.42.2.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.42.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.42.2.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:npm8-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.42.2.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.42.2.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.42.2.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.42.2.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.42.2.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.42.2.s390x",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-devel-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:nodejs8-docs-8.17.0-3.42.2.noarch",
"SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.42.2.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.42.2.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.42.2.s390x",
"SUSE Linux Enterprise Server 15-LTSS:npm8-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-8.17.0-3.42.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-devel-8.17.0-3.42.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-devel-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nodejs8-docs-8.17.0-3.42.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm8-8.17.0-3.42.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:npm8-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-8.17.0-3.42.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-devel-8.17.0-3.42.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-devel-8.17.0-3.42.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:nodejs8-docs-8.17.0-3.42.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15:npm8-8.17.0-3.42.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:npm8-8.17.0-3.42.2.x86_64",
"SUSE Manager Proxy 4.0:nodejs8-8.17.0-3.42.2.x86_64",
"SUSE Manager Proxy 4.0:nodejs8-devel-8.17.0-3.42.2.x86_64",
"SUSE Manager Proxy 4.0:nodejs8-docs-8.17.0-3.42.2.noarch",
"SUSE Manager Proxy 4.0:npm8-8.17.0-3.42.2.x86_64",
"SUSE Manager Retail Branch Server 4.0:nodejs8-8.17.0-3.42.2.x86_64",
"SUSE Manager Retail Branch Server 4.0:nodejs8-devel-8.17.0-3.42.2.x86_64",
"SUSE Manager Retail Branch Server 4.0:nodejs8-docs-8.17.0-3.42.2.noarch",
"SUSE Manager Retail Branch Server 4.0:npm8-8.17.0-3.42.2.x86_64",
"SUSE Manager Server 4.0:nodejs8-8.17.0-3.42.2.ppc64le",
"SUSE Manager Server 4.0:nodejs8-8.17.0-3.42.2.s390x",
"SUSE Manager Server 4.0:nodejs8-8.17.0-3.42.2.x86_64",
"SUSE Manager Server 4.0:nodejs8-devel-8.17.0-3.42.2.ppc64le",
"SUSE Manager Server 4.0:nodejs8-devel-8.17.0-3.42.2.s390x",
"SUSE Manager Server 4.0:nodejs8-devel-8.17.0-3.42.2.x86_64",
"SUSE Manager Server 4.0:nodejs8-docs-8.17.0-3.42.2.noarch",
"SUSE Manager Server 4.0:npm8-8.17.0-3.42.2.ppc64le",
"SUSE Manager Server 4.0:npm8-8.17.0-3.42.2.s390x",
"SUSE Manager Server 4.0:npm8-8.17.0-3.42.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-01-26T14:08:54Z",
"details": "moderate"
}
],
"title": "CVE-2020-8287"
}
]
}
WID-SEC-W-2022-1000
Vulnerability from csaf_certbund - Published: 2021-01-04 23:00 - Updated: 2025-06-19 22:00Summary
Node.js: Mehrere Schwachstellen
Severity
Mittel
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Node.js ist eine Plattform zur Entwicklung von Netzwerkanwendungen.
Angriff: Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Node.js ausnutzen, um einen Denial of Service Angriff oder ein "HTTP request smuggling" durchzuführen.
Betroffene Betriebssysteme: - Linux
- MacOS X
- Sonstiges
- Windows
Affected products
Known affected
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
HPE Switch
HPE
|
cpe:/h:hp:switch:2620
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Broadcom Brocade Switch
Broadcom
|
cpe:/h:brocade:switch:-
|
— | |
|
Open Source Arch Linux
Open Source
|
cpe:/o:archlinux:archlinux:-
|
— | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
HCL BigFix
HCL
|
cpe:/a:hcltech:bigfix:-
|
— | |
|
Open Source Node.js <12.20.1
Open Source / Node.js
|
<12.20.1 | ||
|
Open Source Node.js <14.15.4
Open Source / Node.js
|
<14.15.4 | ||
|
Open Source Node.js <15.5.1
Open Source / Node.js
|
<15.5.1 | ||
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Security Guardium Insights <3.0
IBM / Security Guardium
|
Insights <3.0 | ||
|
Hitachi Ops Center Analyzer <10.9.1-00
Hitachi / Ops Center
|
Analyzer <10.9.1-00 | ||
|
Open Source Node.js <10.23.1
Open Source / Node.js
|
<10.23.1 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Open Source Arch Linux
Open Source
|
cpe:/o:archlinux:archlinux:-
|
— | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Open Source Node.js <12.20.1
Open Source / Node.js
|
<12.20.1 | ||
|
Open Source Node.js <14.15.4
Open Source / Node.js
|
<14.15.4 | ||
|
Open Source Node.js <15.5.1
Open Source / Node.js
|
<15.5.1 | ||
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Security Guardium Insights <3.0
IBM / Security Guardium
|
Insights <3.0 | ||
|
Hitachi Ops Center Analyzer <10.9.1-00
Hitachi / Ops Center
|
Analyzer <10.9.1-00 | ||
|
Open Source Node.js <10.23.1
Open Source / Node.js
|
<10.23.1 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Open Source Arch Linux
Open Source
|
cpe:/o:archlinux:archlinux:-
|
— | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Open Source Node.js <12.20.1
Open Source / Node.js
|
<12.20.1 | ||
|
Open Source Node.js <14.15.4
Open Source / Node.js
|
<14.15.4 | ||
|
Open Source Node.js <15.5.1
Open Source / Node.js
|
<15.5.1 | ||
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Security Guardium Insights <3.0
IBM / Security Guardium
|
Insights <3.0 | ||
|
Hitachi Ops Center Analyzer <10.9.1-00
Hitachi / Ops Center
|
Analyzer <10.9.1-00 | ||
|
Open Source Node.js <10.23.1
Open Source / Node.js
|
<10.23.1 |
References
35 references
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Node.js ist eine Plattform zur Entwicklung von Netzwerkanwendungen.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Node.js ausnutzen, um einen Denial of Service Angriff oder ein \"HTTP request smuggling\" durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- MacOS X\n- Sonstiges\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2022-1000 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2021/wid-sec-w-2022-1000.json"
},
{
"category": "self",
"summary": "WID-SEC-2022-1000 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-1000"
},
{
"category": "external",
"summary": "Node.js Security Releases vom 2021-01-04",
"url": "https://nodejs.org/en/blog/vulnerability/january-2021-security-releases"
},
{
"category": "external",
"summary": "PoC CVE-2020-8265 vom 2021-01-05",
"url": "https://packetstormsecurity.com/files/160807"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-4826 vom 2021-01-07",
"url": "https://www.debian.org/security/2021/dsa-4826"
},
{
"category": "external",
"summary": "Gentoo Linux Security Advisory GLSA-202101-07 vom 2021-01-11",
"url": "https://security.gentoo.org/glsa/202101-07"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2021:0062-1 vom 2021-01-11",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-January/008168.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2021:0068-1 vom 2021-01-11",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-January/008167.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2021:0060-1 vom 2021-01-11",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-January/008169.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2021:0061-1 vom 2021-01-11",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-January/008166.html"
},
{
"category": "external",
"summary": "Arch Linux Security Advisory ASA-202101-16 vom 2021-01-13",
"url": "https://security.archlinux.org/ASA-202101-16/generate"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2021:0082-1 vom 2021-01-12",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-January/008175.html"
},
{
"category": "external",
"summary": "Arch Linux Security Advisory ASA-202101-15 vom 2021-01-13",
"url": "https://security.archlinux.org/ASA-202101-15/generate"
},
{
"category": "external",
"summary": "Arch Linux Security Advisory ASA-202101-14 vom 2021-01-13",
"url": "https://security.archlinux.org/ASA-202101-14/generate"
},
{
"category": "external",
"summary": "Arch Linux Security Advisory ASA-202101-13 vom 2021-01-13",
"url": "https://security.archlinux.org/ASA-202101-13/generate"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2021:0107-1 vom 2021-01-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-January/008192.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2021:0121-1 vom 2021-01-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-January/008198.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:0037 vom 2021-01-18",
"url": "https://access.redhat.com/errata/RHSA-2021:0038"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2021:0224-1 vom 2021-01-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-January/008247.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:0421 vom 2021-02-04",
"url": "https://access.redhat.com/errata/RHSA-2021:0421"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:0485 vom 2021-02-11",
"url": "https://access.redhat.com/errata/RHSA-2021:0485"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:0521 vom 2021-02-15",
"url": "https://access.redhat.com/errata/RHSA-2021:0521"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:0548 vom 2021-02-16",
"url": "https://access.redhat.com/errata/RHSA-2021:0548"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:0549 vom 2021-02-16",
"url": "https://access.redhat.com/errata/RHSA-2021:0549"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:0551 vom 2021-02-16",
"url": "https://access.redhat.com/errata/RHSA-2021:0551"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2021-0548 vom 2021-02-20",
"url": "https://linux.oracle.com/errata/ELSA-2021-0548.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2021-0549 vom 2021-02-20",
"url": "https://linux.oracle.com/errata/ELSA-2021-0549.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2021-0551 vom 2021-02-20",
"url": "https://linux.oracle.com/errata/ELSA-2021-0551.html"
},
{
"category": "external",
"summary": "HPE Security Bulletin",
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=emr_na-hpesbst04141en_us"
},
{
"category": "external",
"summary": "HCL Article KB0090800 vom 2021-08-03",
"url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0090800"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-5563-1 vom 2022-08-10",
"url": "https://ubuntu.com/security/notices/USN-5563-1"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-3224 vom 2022-12-05",
"url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00009.html"
},
{
"category": "external",
"summary": "Hitachi Vulnerability Information HITACHI-SEC-2023-110 vom 2023-02-28",
"url": "https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-110/index.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6380-1 vom 2023-09-19",
"url": "https://ubuntu.com/security/notices/USN-6380-1"
},
{
"category": "external",
"summary": "IBM Security Bulletin 6469135 vom 2025-06-19",
"url": "https://www.ibm.com/support/pages/node/6469135"
}
],
"source_lang": "en-US",
"title": "Node.js: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-06-19T22:00:00.000+00:00",
"generator": {
"date": "2025-06-20T08:09:04.008+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.12"
}
},
"id": "WID-SEC-W-2022-1000",
"initial_release_date": "2021-01-04T23:00:00.000+00:00",
"revision_history": [
{
"date": "2021-01-04T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2021-01-05T23:00:00.000+00:00",
"number": "2",
"summary": "PoC f\u00fcr CVE-2020-8265 aufgenommen"
},
{
"date": "2021-01-07T23:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2021-01-10T23:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Gentoo aufgenommen"
},
{
"date": "2021-01-11T23:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2021-01-12T23:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Arch Linux und SUSE aufgenommen"
},
{
"date": "2021-01-13T23:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2021-01-14T23:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2021-01-18T23:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2021-01-26T23:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2021-02-04T23:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2021-02-11T23:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2021-02-15T23:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2021-02-16T23:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2021-02-21T23:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2021-07-25T22:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von HP aufgenommen"
},
{
"date": "2021-08-02T22:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von HCL aufgenommen"
},
{
"date": "2022-08-10T22:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2022-12-05T23:00:00.000+00:00",
"number": "19",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2023-02-27T23:00:00.000+00:00",
"number": "20",
"summary": "Neue Updates von HITACHI aufgenommen"
},
{
"date": "2023-09-18T22:00:00.000+00:00",
"number": "21",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-06-19T22:00:00.000+00:00",
"number": "22",
"summary": "Neue Updates von IBM aufgenommen"
}
],
"status": "final",
"version": "22"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Broadcom Brocade Switch",
"product": {
"name": "Broadcom Brocade Switch",
"product_id": "T015844",
"product_identification_helper": {
"cpe": "cpe:/h:brocade:switch:-"
}
}
}
],
"category": "vendor",
"name": "Broadcom"
},
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"category": "product_name",
"name": "Gentoo Linux",
"product": {
"name": "Gentoo Linux",
"product_id": "T012167",
"product_identification_helper": {
"cpe": "cpe:/o:gentoo:linux:-"
}
}
}
],
"category": "vendor",
"name": "Gentoo"
},
{
"branches": [
{
"category": "product_name",
"name": "HCL BigFix",
"product": {
"name": "HCL BigFix",
"product_id": "T017494",
"product_identification_helper": {
"cpe": "cpe:/a:hcltech:bigfix:-"
}
}
}
],
"category": "vendor",
"name": "HCL"
},
{
"branches": [
{
"category": "product_name",
"name": "HPE Switch",
"product": {
"name": "HPE Switch",
"product_id": "T002194",
"product_identification_helper": {
"cpe": "cpe:/h:hp:switch:2620"
}
}
}
],
"category": "vendor",
"name": "HPE"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "Analyzer \u003c10.9.1-00",
"product": {
"name": "Hitachi Ops Center Analyzer \u003c10.9.1-00",
"product_id": "T026522"
}
},
{
"category": "product_version",
"name": "Analyzer 10.9.1-00",
"product": {
"name": "Hitachi Ops Center Analyzer 10.9.1-00",
"product_id": "T026522-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:hitachi:ops_center:analyzer__10.9.1-00"
}
}
}
],
"category": "product_name",
"name": "Ops Center"
}
],
"category": "vendor",
"name": "Hitachi"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "Insights \u003c3.0",
"product": {
"name": "IBM Security Guardium Insights \u003c3.0",
"product_id": "T044737"
}
},
{
"category": "product_version",
"name": "Insights 3.0",
"product": {
"name": "IBM Security Guardium Insights 3.0",
"product_id": "T044737-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:security_guardium:3.0::insights"
}
}
}
],
"category": "product_name",
"name": "Security Guardium"
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"category": "product_name",
"name": "Open Source Arch Linux",
"product": {
"name": "Open Source Arch Linux",
"product_id": "T013312",
"product_identification_helper": {
"cpe": "cpe:/o:archlinux:archlinux:-"
}
}
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.23.1",
"product": {
"name": "Open Source Node.js \u003c10.23.1",
"product_id": "T017989"
}
},
{
"category": "product_version",
"name": "10.23.1",
"product": {
"name": "Open Source Node.js 10.23.1",
"product_id": "T017989-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:nodejs:nodejs:10.23.1"
}
}
},
{
"category": "product_version_range",
"name": "\u003c12.20.1",
"product": {
"name": "Open Source Node.js \u003c12.20.1",
"product_id": "T017990"
}
},
{
"category": "product_version",
"name": "12.20.1",
"product": {
"name": "Open Source Node.js 12.20.1",
"product_id": "T017990-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:nodejs:nodejs:12.20.1"
}
}
},
{
"category": "product_version_range",
"name": "\u003c14.15.4",
"product": {
"name": "Open Source Node.js \u003c14.15.4",
"product_id": "T017991"
}
},
{
"category": "product_version",
"name": "14.15.4",
"product": {
"name": "Open Source Node.js 14.15.4",
"product_id": "T017991-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:nodejs:nodejs:14.15.4"
}
}
},
{
"category": "product_version_range",
"name": "\u003c15.5.1",
"product": {
"name": "Open Source Node.js \u003c15.5.1",
"product_id": "T017992"
}
},
{
"category": "product_version",
"name": "15.5.1",
"product": {
"name": "Open Source Node.js 15.5.1",
"product_id": "T017992-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:nodejs:nodejs:15.5.1"
}
}
}
],
"category": "product_name",
"name": "Node.js"
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-1971",
"product_status": {
"known_affected": [
"T002194",
"67646",
"T015844",
"T013312",
"T012167",
"T004914",
"T017494",
"T017990",
"T017991",
"T017992",
"2951",
"T002207",
"T000126",
"T044737",
"T026522",
"T017989"
]
},
"release_date": "2021-01-04T23:00:00.000+00:00",
"title": "CVE-2020-1971"
},
{
"cve": "CVE-2020-8265",
"product_status": {
"known_affected": [
"67646",
"T013312",
"T012167",
"T004914",
"T017990",
"T017991",
"T017992",
"2951",
"T002207",
"T000126",
"T044737",
"T026522",
"T017989"
]
},
"release_date": "2021-01-04T23:00:00.000+00:00",
"title": "CVE-2020-8265"
},
{
"cve": "CVE-2020-8287",
"product_status": {
"known_affected": [
"67646",
"T013312",
"T012167",
"T004914",
"T017990",
"T017991",
"T017992",
"2951",
"T002207",
"T000126",
"T044737",
"T026522",
"T017989"
]
},
"release_date": "2021-01-04T23:00:00.000+00:00",
"title": "CVE-2020-8287"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…