{ "schema_version": "1.7.0", "id": "RHSA-2020:2852", "related": [], "upstream": [ "CVE-2020-7598", "CVE-2020-8172", "CVE-2020-8174", "CVE-2020-11080" ], "published": "2024-09-13T22:41:24Z", "modified": "2026-02-28T10:02:35Z", "summary": "Red Hat Security Advisory: nodejs:12 security update", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "affected": [ { "package": { "name": "nodejs", "ecosystem": "Red Hat:enterprise_linux:8::appstream", "purl": "pkg:rpm/redhat/nodejs" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "1:12.18.2-1.module+el8.2.0+7233+61d664c1" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "nodejs-debuginfo", "ecosystem": "Red Hat:enterprise_linux:8::appstream", "purl": "pkg:rpm/redhat/nodejs-debuginfo" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "1:12.18.2-1.module+el8.2.0+7233+61d664c1" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "nodejs-debugsource", "ecosystem": "Red Hat:enterprise_linux:8::appstream", "purl": "pkg:rpm/redhat/nodejs-debugsource" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "1:12.18.2-1.module+el8.2.0+7233+61d664c1" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "nodejs-devel", "ecosystem": "Red Hat:enterprise_linux:8::appstream", "purl": "pkg:rpm/redhat/nodejs-devel" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "1:12.18.2-1.module+el8.2.0+7233+61d664c1" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "nodejs-docs", "ecosystem": "Red Hat:enterprise_linux:8::appstream", "purl": "pkg:rpm/redhat/nodejs-docs" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "1:12.18.2-1.module+el8.2.0+7233+61d664c1" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "nodejs-full-i18n", "ecosystem": "Red Hat:enterprise_linux:8::appstream", "purl": "pkg:rpm/redhat/nodejs-full-i18n" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "1:12.18.2-1.module+el8.2.0+7233+61d664c1" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "nodejs-nodemon", "ecosystem": "Red Hat:enterprise_linux:8::appstream", "purl": "pkg:rpm/redhat/nodejs-nodemon" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "0:1.18.3-1.module+el8.1.0+3369+37ae6a45" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "nodejs-packaging", "ecosystem": "Red Hat:enterprise_linux:8::appstream", "purl": "pkg:rpm/redhat/nodejs-packaging" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "0:17-3.module+el8.1.0+3369+37ae6a45" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "npm", "ecosystem": "Red Hat:enterprise_linux:8::appstream", "purl": "pkg:rpm/redhat/npm" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "1:6.14.5-1.12.18.2.1.module+el8.2.0+7233+61d664c1" } ], "type": "ECOSYSTEM" } ] } ], "references": [ { "type": "ADVISORY", "url": "https://access.redhat.com/errata/RHSA-2020:2852" }, { "type": "ARTICLE", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1813344" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1844929" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1845247" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1845256" }, { "type": "ADVISORY", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_2852.json" }, { "type": "REPORT", "url": "https://access.redhat.com/security/cve/CVE-2020-7598" }, { "type": "ADVISORY", "url": "https://www.cve.org/CVERecord?id=CVE-2020-7598" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7598" }, { "type": "ARTICLE", "url": "https://snyk.io/vuln/SNYK-JS-MINIMIST-559764" }, { "type": "REPORT", "url": "https://access.redhat.com/security/cve/CVE-2020-8172" }, { "type": "ADVISORY", "url": "https://www.cve.org/CVERecord?id=CVE-2020-8172" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8172" }, { "type": "REPORT", "url": "https://access.redhat.com/security/cve/CVE-2020-8174" }, { "type": "ADVISORY", "url": "https://www.cve.org/CVERecord?id=CVE-2020-8174" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8174" }, { "type": "ARTICLE", "url": "https://hackerone.com/reports/784186" }, { "type": "REPORT", "url": "https://access.redhat.com/security/cve/CVE-2020-11080" }, { "type": "ADVISORY", "url": "https://www.cve.org/CVERecord?id=CVE-2020-11080" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11080" }, { "type": "ARTICLE", "url": "https://github.com/nghttp2/nghttp2/security/advisories/GHSA-q5wr-xfw9-q7xr" } ] }