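Vulnerability Details
Node.js Trust Management Vulnerability
Vulnerability Summary
A trust management vulnerability exists in Node.js versions 10, 12 and 13. The vulnerability stems from the lack of an effective trust management mechanism in network systems or products. Attackers can exploit default passwords, hard-coded passwords, hard-coded certificates and the like to attack affected components.
Vulnerability Advisory
The vendor has released an upgrade patch that fixes the vulnerability. Patch link: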
https://nodejs.org/en/blog/release/v13.8.0/
Reference URLs
Source: DEBIAN
Link: https://www.debian.org/security/2020/dsa-4669
Source: GENTOO
Link: https://security.gentoo.org/glsa/202003-48
Source: N/A
Link: https://www.oracle.com/security-alerts/cpuapr2020.html
Source: CONFIRM
Link: https://nodejs.org/en/blog/release/v12.15.0/
Source: nodejs.org
Link: https://nodejs.org/en/blog/release/v13.8.0/
Source: MISC
Link: https://hackerone.com/reports/746733
Source: CONFIRM
Link: https://nodejs.org/en/blog/release/v10.19.0/
Source: CONFIRM
Link: https://nodejs.org/en/blog/vulnerability/february-2020-security-releases/
Source: SUSE
Link: http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00008.html
Source: CONFIRM
Link: https://security.netapp.com/advisory/ntap-20200221-0004/
Source: REDHAT
Link: https://access.redhat.com/errata/RHSA-2020:0602
Source: REDHAT
Link: https://access.redhat.com/errata/RHSA-2020:0579
Source: REDHAT
Link: https://access.redhat.com/errata/RHSA-2020:0573
Source: REDHAT
Link: https://access.redhat.com/errata/RHSA-2020:0598
Source: REDHAT
Link: https://access.redhat.com/errata/RHSA-2020:0597
Source: www.ibm.com
Link: https://www.ibm.com/support/pages/node/3022677
Source: www.auscert.org.au
Link: https://www.auscert.org.au/bulletins/ESB-2020.1544/
Source: www.ibm.com
Link: https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-affect-ibm-planning-analytics-workspace/
Source: www.auscert.org.au
Link: https://www.auscert.org.au/bulletins/ESB-2020.0617/
Source: packetstormsecurity.com
Link: https://packetstormsecurity.com/files/156530/Red-Hat-Security-Advisory-2020-0598-01.html
Source: www.ibm.com
Link: https://www.ibm.com/blogs/psirt/security-bulletin-ibm-datapower-gateway-affected-by-multiple-cves-in-node-js-2/
Source: nvd.nist.gov
Link: https://nvd.nist.gov/vuln/detail/CVE-2019-15604
Source: www.ibm.com
Link: https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerabilities-affect-ibm-cloud-pak-for-data-node-js-cve-2019-15606-cve-2019-15604-cve-2019-15605/
Source: www.auscert.org.au
Link: https://www.auscert.org.au/bulletins/ESB-2020.0856/
Source: www.ibm.com
Link: https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-node-js-affect-ibm-i/
Source: access.redhat.com
Link: https://access.redhat.com/security/cve/cve-2019-15604
Source: www.ibm.com
Link: https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-in-node-js-affect-ibm-spectrum-protect-plus-cve-2019-15606-cve-2019-15604-cve-2019-15605-cve-2019-9511-cve-2019-9516-cve-2019-9512-cve-2019-9517-cve-2019-951/
Source: www.ibm.com
Link: https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-node-js-affects-ibm-app-connect-enterprise-v11/
Source: www.ibm.com
Link: https://www.ibm.com/blogs/psirt/security-bulletin-node-js-vulnerabilities-affect-ibm-spectrum-control-cve-2019-15606-cve-2019-15604-cve-2019-15605/
Source: packetstormsecurity.com
Link: https://packetstormsecurity.com/files/156846/Gentoo-Linux-Security-Advisory-202003-48.html
Source: www.auscert.org.au
Link: https://www.auscert.org.au/bulletins/ESB-2020.0671/
Source: www.ibm.com
Link: https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerabilities-in-ibm-sdk-for-node-js-might-affect-the-configuration-editor-used-by-ibm-business-automation-workflow-and-ibm-business-process-manager-bpm/
Source: www.auscert.org.au
Link: https://www.auscert.org.au/bulletins/ESB-2020.0593/
Source: www.auscert.org.au
Link: https://www.auscert.org.au/bulletins/ESB-2020.0695/
Source: www.ibm.com
Link: https://www.ibm.com/blogs/psirt/security-bulletin-version-10-16-3-of-node-js-included-in-ibm-cloud-event-management-2-5-0-has-several-security-vulnerabilities-2/
Source: vigilance.fr
Link: https://vigilance.fr/vulnerability/Node-Core-three-vulnerabilities-31539
Source: www.ibm.com
Link: https://www.ibm.com/blogs/psirt/security-bulletin-ibm-api-connect-is-impacted-by-vulnerabilities-in-node-jscve-2019-15604-cve-2019-15605-cve-2019-15606/
Source: www.ibm.com
Link: https://www.ibm.com/blogs/psirt/security-bulletin-ibm-event-streams-is-affected-by-multiple-node-js-vulnerabilities/
Affected Entities
None at present
Patches
- Remediation for the Node.js trust management vulnerability<!--2020-2-7-->