{"id":"RHSA-2020:2625","summary":"Red Hat Security Advisory: rh-nodejs8-nodejs security update","modified":"2026-03-11T07:16:52.061562Z","published":"2024-09-13T16:20:13Z","upstream":["CVE-2017-18077","CVE-2017-18869","CVE-2018-3737","CVE-2018-3750","CVE-2019-16775","CVE-2019-16776","CVE-2019-16777"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2020:2625"},{"type":"ARTICLE","url":"https://access.redhat.com/security/updates/classification/#moderate"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1448380"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1567228"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1578246"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1611613"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1788301"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1788305"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1788310"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1829414"},{"type":"ADVISORY","url":"https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_2625.json"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2017-18077"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2017-18077"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2017-18077"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2017-18869"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2017-18869"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2017-18869"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2018-3737"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2018-3737"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2018-3737"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2018-3750"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2018-3750"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2018-3750"},{"type":"ARTICLE","url":"https://hackerone.com/reports/311333"},{"type":"ARTICLE","url":"https://nodesecurity.io/advisories/612"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2019-16775"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2019-16775"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2019-16775"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2019-16776"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2019-16776"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2019-16776"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2019-16777"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2019-16777"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2019-16777"}],"affected":[{"package":{"name":"rh-nodejs8-nodejs","ecosystem":"Red Hat:rhel_software_collections:3::el7","purl":"pkg:rpm/redhat/rh-nodejs8-nodejs"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:8.17.0-2.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:2625.json"}},{"package":{"name":"rh-nodejs8-nodejs-debuginfo","ecosystem":"Red Hat:rhel_software_collections:3::el7","purl":"pkg:rpm/redhat/rh-nodejs8-nodejs-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:8.17.0-2.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:2625.json"}},{"package":{"name":"rh-nodejs8-nodejs-devel","ecosystem":"Red Hat:rhel_software_collections:3::el7","purl":"pkg:rpm/redhat/rh-nodejs8-nodejs-devel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:8.17.0-2.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:2625.json"}},{"package":{"name":"rh-nodejs8-nodejs-docs","ecosystem":"Red Hat:rhel_software_collections:3::el7","purl":"pkg:rpm/redhat/rh-nodejs8-nodejs-docs"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:8.17.0-2.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:2625.json"}},{"package":{"name":"rh-nodejs8-npm","ecosystem":"Red Hat:rhel_software_collections:3::el7","purl":"pkg:rpm/redhat/rh-nodejs8-npm"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:6.13.4-8.17.0.2.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:2625.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"}]}