{"id":"MGASA-2022-0422","summary":"Updated nodejs packages fix security vulnerability","details":"DNS rebinding in --inspect via invalid octal IP address (CVE-2022-43548)\nIn addition, 14.21.0 has provided the following changes:\ndeps\n  update corepack to 0.14.2 (Node.js GitHub Bot) #44775\nsrc\n  add --openssl-shared-config option (Daniel Bevenius) #43124\n","modified":"2026-04-16T04:43:17.453539124Z","published":"2022-11-13T02:25:20Z","upstream":["CVE-2022-43548"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2022-0422.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=31078"},{"type":"WEB","url":"https://github.com/nodejs/node/releases/tag/v14.21.1"},{"type":"WEB","url":"https://github.com/nodejs/node/releases/tag/v14.21.0"},{"type":"WEB","url":"https://nodejs.org/en/blog/vulnerability/november-2022-security-releases/"},{"type":"WEB","url":"https://nodejs.org/en/blog/release/v18.12.1/"}],"affected":[{"package":{"name":"nodejs","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/nodejs?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"14.21.1-1.1.mga8"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2022-0422.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}