Javascript Node

Security Release for N|Solid Version 4.5.21 min read

This is a security release for Node.js and includes fixes for three high severity issues.

Vulnerabilities fixed in Node.js

Updates are now available for v10,x, v12.x, v14.x and v15.x Node.js release lines for the following vulnerabilities in Node.js:

OpenSSL – CA certificate check bypass with X509_V_FLAG_X509_STRICT (High – CVE-2021-3450) This is a vulnerability in OpenSSL which may be exploited through Node.js. You can read more about it in https://www.openssl.org/news/secadv/20210325.txt
OpenSSL – NULL pointer deref in signature_algorithms processing (High – CVE-2021-3449) This is a vulnerability in OpenSSL which may be exploited through Node.js. You can read more about it in https://www.openssl.org/news/secadv/20210325.txt
npm upgrade – Update y18n to fix Prototype-Pollution (High – CVE-2020-7774) This is a vulnerability in the y18n npm module which may be exploited by prototype pollution. You can read more about it in https://github.com/advisories/GHSA-c4w7-xm78-47vh

Additional References

For details about the Node.js security releases and corresponding vulnerabilities, please refer to the links below:

Node.js v10.24.1 (LTS)
Node.js v12.22.1 (LTS)
Node.js v14.16.1 (LTS)
Node.js v15.14.0 (Current)
React Admin Templates and Themes

Pin It on Pinterest

Generated by Feedzy