{"id":"RHSA-2016:2101","summary":"Red Hat Security Advisory: nodejs and nodejs-tough-cookie security, bug fix, and enhancement update","modified":"2026-03-11T07:08:22.600714Z","published":"2024-09-13T12:28:08Z","upstream":["CVE-2016-1000232","CVE-2016-5325"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2016:2101"},{"type":"ARTICLE","url":"https://access.redhat.com/security/updates/classification/#moderate"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1346910"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1359818"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1382854"},{"type":"ADVISORY","url":"https://security.access.redhat.com/data/csaf/v2/advisories/2016/rhsa-2016_2101.json"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2016-5325"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2016-5325"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2016-5325"},{"type":"ARTICLE","url":"https://nodejs.org/en/blog/vulnerability/september-2016-security-releases/"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2016-1000232"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2016-1000232"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1000232"},{"type":"ARTICLE","url":"https://nodesecurity.io/advisories/130"}],"affected":[{"package":{"name":"nodejs","ecosystem":"Red Hat:openshift:3.1::el7","purl":"pkg:rpm/redhat/nodejs"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.10.47-2.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2016:2101.json"}},{"package":{"name":"nodejs-debuginfo","ecosystem":"Red Hat:openshift:3.1::el7","purl":"pkg:rpm/redhat/nodejs-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.10.47-2.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2016:2101.json"}},{"package":{"name":"nodejs-devel","ecosystem":"Red Hat:openshift:3.1::el7","purl":"pkg:rpm/redhat/nodejs-devel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.10.47-2.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2016:2101.json"}},{"package":{"name":"nodejs-docs","ecosystem":"Red Hat:openshift:3.1::el7","purl":"pkg:rpm/redhat/nodejs-docs"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.10.47-2.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2016:2101.json"}},{"package":{"name":"nodejs-tough-cookie","ecosystem":"Red Hat:openshift:3.1::el7","purl":"pkg:rpm/redhat/nodejs-tough-cookie"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.3.1-1.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2016:2101.json"}},{"package":{"name":"nodejs","ecosystem":"Red Hat:openshift:3.2::el7","purl":"pkg:rpm/redhat/nodejs"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.10.47-2.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2016:2101.json"}},{"package":{"name":"nodejs-debuginfo","ecosystem":"Red Hat:openshift:3.2::el7","purl":"pkg:rpm/redhat/nodejs-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.10.47-2.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2016:2101.json"}},{"package":{"name":"nodejs-devel","ecosystem":"Red Hat:openshift:3.2::el7","purl":"pkg:rpm/redhat/nodejs-devel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.10.47-2.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2016:2101.json"}},{"package":{"name":"nodejs-docs","ecosystem":"Red Hat:openshift:3.2::el7","purl":"pkg:rpm/redhat/nodejs-docs"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.10.47-2.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2016:2101.json"}},{"package":{"name":"nodejs-tough-cookie","ecosystem":"Red Hat:openshift:3.2::el7","purl":"pkg:rpm/redhat/nodejs-tough-cookie"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.3.1-1.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2016:2101.json"}},{"package":{"name":"nodejs","ecosystem":"Red Hat:openshift:3.3::el7","purl":"pkg:rpm/redhat/nodejs"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.10.47-2.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2016:2101.json"}},{"package":{"name":"nodejs-debuginfo","ecosystem":"Red Hat:openshift:3.3::el7","purl":"pkg:rpm/redhat/nodejs-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.10.47-2.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2016:2101.json"}},{"package":{"name":"nodejs-devel","ecosystem":"Red Hat:openshift:3.3::el7","purl":"pkg:rpm/redhat/nodejs-devel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.10.47-2.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2016:2101.json"}},{"package":{"name":"nodejs-docs","ecosystem":"Red Hat:openshift:3.3::el7","purl":"pkg:rpm/redhat/nodejs-docs"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.10.47-2.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2016:2101.json"}},{"package":{"name":"nodejs-tough-cookie","ecosystem":"Red Hat:openshift:3.3::el7","purl":"pkg:rpm/redhat/nodejs-tough-cookie"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.3.1-1.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2016:2101.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}]}