rh-nodejs14-nodejs vulnerabilities

Known vulnerabilities in the rh-nodejs14-nodejs package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
M Resource Exhaustion	*
H Resource Exhaustion	<0:14.21.3-7.el7
M HTTP Request Smuggling	*
M Detection of Error Condition Without Action	*
L Buffer Under-read	*
H Resource Exhaustion	<0:14.21.3-6.el7
M Covert Timing Channel	*
L Information Exposure	*
M Improper Validation of Integrity Check Value	*
L Arbitrary Code Injection	*
H Resource Exhaustion	<0:14.21.3-5.el7
M Inefficient Regular Expression Complexity	*
M CVE-2023-30589	*
M CVE-2023-30581	*
M CVE-2023-30590	*
M Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	*
H Out-of-bounds Write	<0:14.21.3-4.el7
H Use of Insufficiently Random Values	<0:14.21.3-4.el7
H Resource Exhaustion	<0:14.21.3-4.el7
H Use of Insufficiently Random Values	<0:14.21.3-4.el7
H Untrusted Search Path	<0:14.21.3-2.el7
H Incorrect Authorization	<0:14.21.3-2.el7
H Improper Input Validation	<0:14.21.3-2.el7
H Improper Input Validation	<0:14.21.3-2.el7
H Inefficient Regular Expression Complexity	<0:14.21.3-2.el7
M Resource Exhaustion	<0:14.21.1-3.el7
M Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	<0:14.21.1-3.el7
M Reliance on Reverse DNS Resolution for a Security-Critical Action	<0:14.21.1-3.el7
M Inefficient Regular Expression Complexity	<0:14.21.1-3.el7
M HTTP Request Smuggling	<0:14.20.1-2.el7
M HTTP Request Smuggling	<0:14.20.0-2.el7
M HTTP Request Smuggling	<0:14.20.0-2.el7
M Improper Check or Handling of Exceptional Conditions	<0:14.20.0-2.el7
M HTTP Request Smuggling	<0:14.20.0-2.el7
M Open Redirect	<0:14.20.0-2.el7
M Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	<0:14.20.1-2.el7
M Open Redirect	<0:14.21.1-3.el7
M Improperly Controlled Modification of Dynamically-Determined Object Attributes	<0:14.20.1-2.el7
M Improper Certificate Validation	<0:14.20.1-2.el7
M Improper Certificate Validation	<0:14.20.1-2.el7
M Improper Certificate Validation	<0:14.20.1-2.el7
M Improperly Controlled Modification of Dynamically-Determined Object Attributes	<0:14.18.2-1.el7
M HTTP Request Smuggling	<0:14.18.2-1.el7
M HTTP Request Smuggling	<0:14.18.2-1.el7
M Resource Exhaustion	<0:14.18.2-1.el7
M Link Following	<0:14.18.2-1.el7
M Link Following	<0:14.18.2-1.el7
H Directory Traversal	<0:14.17.5-1.el7
H Directory Traversal	<0:14.17.5-1.el7
H Improper Input Validation	<0:14.17.5-1.el7
H Improper Input Validation	<0:14.17.5-1.el7
H Use After Free	<0:14.17.5-1.el7
H Cross-site Scripting (XSS)	<0:14.17.5-1.el7
H Use After Free	<0:14.17.5-1.el7
H Resource Exhaustion	<0:14.17.5-1.el7
H Resource Exhaustion	<0:14.16.0-1.el7
H Improper Input Validation	<0:14.16.0-1.el7
M Resource Exhaustion	<0:14.15.4-2.el7
M Use After Free	<0:14.15.4-2.el7
M HTTP Request Smuggling	<0:14.15.4-2.el7
H Resource Exhaustion	<0:14.17.5-1.el7
M Modification of Assumed-Immutable Data (MAID)	<0:14.15.4-2.el7
M Improperly Controlled Modification of Dynamically-Determined Object Attributes	<0:14.15.4-2.el7
M Out-of-Bounds	<0:14.15.4-2.el7
M Resource Exhaustion	<0:14.17.2-1.el7
M Allocation of Resources Without Limits or Throttling	<0:14.17.2-1.el7
M Resource Exhaustion	<0:14.17.2-1.el7
M Out-of-bounds Read	<0:14.17.2-1.el7
H Resource Exhaustion	<0:14.17.5-1.el7

Vulnerability

Vulnerable Version

Resource Exhaustion