QID 159408

Date Published: 2021-10-29

QID 159408: Oracle Enterprise Linux Security Update for nodejs:14 (ELSA-2021-3666)

Oracle Enterprise Linux has released a security update for nodejs:14 to fix the vulnerabilities.

Affected Product:
Oracle Linux 8

This vulnerability could be exploited to gain partial access to sensitive information. Malicious users could also use this vulnerability to change partial contents or configuration on the system. Additionally this vulnerability can also be used to cause a limited denial of service in the form of interruptions in resource availability.

  • CVSS V3 rated as Critical - 9.8 severity.
  • CVSS V2 rated as High - 7.5 severity.
  • Solution
    To resolve this issue, upgrade to the latest packages which contain a patch. Refer to Oracle Enterprise Linux advisory below for updates and patch information:

    ELSA-2021-3666.
    Vendor References
    Software Advisories
    Advisory ID Software Component Link
    ELSA-2021-3666 Oracle Linux URL Logo linux.oracle.com/errata/ELSA-2021-3666.html