Packages
- nodejs - An open-source, cross-platform JavaScript runtime environment.
Details
It was discovered that Node.js incorrectly handled certain inputs. If a user
or an automated system were tricked into opening a specially crafted input
file, a remote attacker could possibly use this issue to cause a denial of
service. This issue was only fixed in Ubuntu 20.04 LTS. (CVE-2021-22883)
Vít Šesták discovered that Node.js incorrectly handled certain inputs. If a
user or an automated system were tricked into opening a specially crafted
input file, a remote attacker could possibly use this issue to execute
arbitrary code. (CVE-2021-22884)
It was discovered that Node.js incorrectly handled certain inputs. If a user
or an automated system were tricked into opening a specially crafted input
file, a remote attacker could possibly use this issue to cause a denial of
service. This issue was only fixed in Ubuntu 20.04 LTS. (CVE-2021-22883)
Vít Šesták discovered that Node.js incorrectly handled certain inputs. If a
user or an automated system were tricked into opening a specially crafted
input file, a remote attacker could possibly use this issue to execute
arbitrary code. (CVE-2021-22884)
Update instructions
In general, a standard system update will make all the necessary changes.
Learn more about how to get the fixes.The problem can be corrected by updating your system to the following package versions:
Ubuntu Release | Package Version | ||
---|---|---|---|
20.04 focal | libnode-dev – 10.19.0~dfsg-3ubuntu1.2 | ||
libnode64 – 10.19.0~dfsg-3ubuntu1.2 | |||
nodejs – 10.19.0~dfsg-3ubuntu1.2 | |||
18.04 bionic | nodejs – 8.10.0~dfsg-2ubuntu0.4+esm3 | ||
nodejs-dev – 8.10.0~dfsg-2ubuntu0.4+esm3 |
Reduce your security exposure
Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.