Node.js vulnerabilities in Node.js and the V8 Javascript engine were disclosed on October 18 2016, by the Node.js Foundation. IBM SDK for Node.js has addressed the applicable CVEs.
CVE(s): CVE-2016-5180, CVE-2016-5172, ,
Affected product(s) and affected version(s):
CVE-2016-5180 affects IBM SDK for Node.js v1.1.1.4 and earlier releases.
CVE-2016-5180 affects IBM SDK for Node.js v1.2.0.15 and earlier releases.
CVE-2016-5180 affects IBM SDK for Node.js v4.6.0.0 and earlier releases.
CVE-2016-5172, X-Force 118650, and X-Force 118651 affect IBM SDK for Node.js v6.7.0.0 and earlier releases.
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2gE5a4d
X-Force Database: http://ift.tt/2hEOUxw
X-Force Database: http://ift.tt/2gE668Y
X-Force Database: http://ift.tt/2hEZ1CE
X-Force Database: http://ift.tt/2gE1Ru2
from IBM Product Security Incident Response Team http://ift.tt/2hEThcd
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.