Node.js 14.x < 14.21.1 / 16.x < 16.18.1 / 18.x < 18.12.1 / 19.x < 19.0.1 Multiple Vulnerabilities (Nov 3 2022 Security Releases).

high Nessus Plugin ID 167024

Language:

Version 1.10 Jan 9, 2024, 11:15 AM Detection (Improved detection of OS managed installs) Plugin Feed: 202401091115
Version 1.9 Sep 11, 2023, 8:03 PM Plugin requirements (added Linux node.js detection as a dependency) Plugin Feed: 202309112003
Version 1.8 Mar 22, 2023, 4:37 PM CVSS metrics ("CVSSv2 score" changed from "7.8" to "7.6". "CVSSv2 score" changed from "7.8" to "7.6". "CVSSv2 vector" changed from "CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C" to "CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C". "CVSSv2 vector" changed from "CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C" to "CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C". "CVSSv2 vector" changed from "CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C" to "CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C") CVSSv2 score source (changed from "CVE-2022-3786" to "CVE-2022-43548") Plugin Feed: 202303221637
Version 1.7 Mar 6, 2023, 6:10 PM IAVM reference Plugin Feed: 202303061810
Version 1.6 Dec 9, 2022, 2:07 PM CVSS metrics ("CVSSv3 score" changed from "7.5" to "8.1") CVSS metrics ("CVSSv3 vector" changed from "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" to "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H") CVSSv3 score source (set to "CVE-2022-43548") Plugin Feed: 202212091407
Version 1.5 Dec 5, 2022, 10:02 PM Reference Plugin Feed: 202212052202
Version 1.4 Nov 28, 2022, 4:23 PM CVSS metrics ("CVSSv2 score" changed from "5.0" to "7.8") CVSS metrics ("CVSSv2 vector" changed from "CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P" to "CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C") CVSSv2 severity (based on CVE-2022-3786, severity increased from "Medium" to "High") Plugin Feed: 202211281623
Version 1.3 Nov 10, 2022, 11:52 PM IAVM reference STIG Severity Plugin Feed: 202211102352
Version 1.2 Nov 5, 2022, 7:44 AM New Plugin Feed: 202211050744

* Changelogs are generally available for changes made after Nov 1, 2022