{"affected":[{"ecosystem_specific":{"binaries":[{"nodejs12":"12.22.12-1.54.1","nodejs12-devel":"12.22.12-1.54.1","nodejs12-docs":"12.22.12-1.54.1","npm12":"12.22.12-1.54.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Web and Scripting 12","name":"nodejs12","purl":"pkg:rpm/suse/nodejs12&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Web%20and%20Scripting%2012"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"12.22.12-1.54.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for nodejs12 fixes the following issues:\n\n  - CVE-2022-35256: Fixed incorrect parsing of header fields (bsc#1203832).\n  - CVE-2022-32213: Fixed bypass via obs-fold mechanic (bsc#1201325).  \n","id":"SUSE-SU-2022:3503-1","modified":"2022-10-04T09:57:42Z","published":"2022-10-04T09:57:42Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2022/suse-su-20223503-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1201325"},{"type":"REPORT","url":"https://bugzilla.suse.com/1203832"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-32213"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-35256"}],"related":["CVE-2022-32213","CVE-2022-35256"],"summary":"Security update for nodejs12","upstream":["CVE-2022-32213","CVE-2022-35256"]}