rh-nodejs14-nodejs vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the rh-nodejs14-nodejs package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability	Vulnerable Version
M Resource Exhaustion	*
H Resource Exhaustion	<0:14.21.3-7.el7
M HTTP Request Smuggling	*
M Detection of Error Condition Without Action	*
L Buffer Under-read	*
H Resource Exhaustion	<0:14.21.3-6.el7
M Covert Timing Channel	*
L Information Exposure	*
M Improper Validation of Integrity Check Value	*
L Arbitrary Code Injection	*
H Resource Exhaustion	<0:14.21.3-5.el7
M Inefficient Regular Expression Complexity	*
M CVE-2023-30589	*
H CVE-2023-30581	*
M CVE-2023-30590	*
M Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	*
H Out-of-bounds Write	<0:14.21.3-4.el7
H Use of Insufficiently Random Values	<0:14.21.3-4.el7
H Resource Exhaustion	<0:14.21.3-4.el7
H Use of Insufficiently Random Values	<0:14.21.3-4.el7
H Untrusted Search Path	<0:14.21.3-2.el7
H Incorrect Authorization	<0:14.21.3-2.el7
H Improper Input Validation	<0:14.21.3-2.el7
H Improper Input Validation	<0:14.21.3-2.el7
H Inefficient Regular Expression Complexity	<0:14.21.3-2.el7
M Resource Exhaustion	<0:14.21.1-3.el7
M Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	<0:14.21.1-3.el7
M Reliance on Reverse DNS Resolution for a Security-Critical Action	<0:14.21.1-3.el7
M Inefficient Regular Expression Complexity	<0:14.21.1-3.el7
M HTTP Request Smuggling	<0:14.20.1-2.el7
M HTTP Request Smuggling	<0:14.20.0-2.el7
M HTTP Request Smuggling	<0:14.20.0-2.el7
M Improper Check or Handling of Exceptional Conditions	<0:14.20.0-2.el7
M HTTP Request Smuggling	<0:14.20.0-2.el7
M Open Redirect	<0:14.20.0-2.el7
M Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	<0:14.20.1-2.el7
M Open Redirect	<0:14.21.1-3.el7
M Improperly Controlled Modification of Dynamically-Determined Object Attributes	<0:14.20.1-2.el7
M Improper Certificate Validation	<0:14.20.1-2.el7
M Improper Certificate Validation	<0:14.20.1-2.el7
M Improper Certificate Validation	<0:14.20.1-2.el7
M Improperly Controlled Modification of Dynamically-Determined Object Attributes	<0:14.18.2-1.el7
M HTTP Request Smuggling	<0:14.18.2-1.el7
M HTTP Request Smuggling	<0:14.18.2-1.el7
M Resource Exhaustion	<0:14.18.2-1.el7
M Link Following	<0:14.18.2-1.el7
M Link Following	<0:14.18.2-1.el7
H Directory Traversal	<0:14.17.5-1.el7
H Directory Traversal	<0:14.17.5-1.el7
H Improper Input Validation	<0:14.17.5-1.el7
H Improper Input Validation	<0:14.17.5-1.el7
H Use After Free	<0:14.17.5-1.el7
H Cross-site Scripting (XSS)	<0:14.17.5-1.el7
H Use After Free	<0:14.17.5-1.el7
H Resource Exhaustion	<0:14.17.5-1.el7
H Resource Exhaustion	<0:14.16.0-1.el7
H Improper Input Validation	<0:14.16.0-1.el7
M Resource Exhaustion	<0:14.15.4-2.el7
M Use After Free	<0:14.15.4-2.el7
M HTTP Request Smuggling	<0:14.15.4-2.el7
M Resource Exhaustion	<0:14.15.4-2.el7
M Modification of Assumed-Immutable Data (MAID)	<0:14.15.4-2.el7
M Improperly Controlled Modification of Dynamically-Determined Object Attributes	<0:14.15.4-2.el7
M Out-of-Bounds	<0:14.15.4-2.el7
M Resource Exhaustion	<0:14.17.2-1.el7
M Allocation of Resources Without Limits or Throttling	<0:14.17.2-1.el7
M Resource Exhaustion	<0:14.17.2-1.el7
M Out-of-bounds Read	<0:14.17.2-1.el7
H Resource Exhaustion	<0:14.17.5-1.el7

Vulnerability

Vulnerable Version

Resource Exhaustion