Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Node version has multiple CVE #388

Closed
Elnadrion opened this issue Oct 30, 2024 · 2 comments
Closed

Node version has multiple CVE #388

Elnadrion opened this issue Oct 30, 2024 · 2 comments
Labels
reporter/community Issue reported by the community

Comments

@Elnadrion
Copy link

Node version has multiple CVE

Details: https://www.tenable.com/plugins/nessus/201969

To Reproduce
Steps to reproduce the behavior:

  1. Install wazuh-dashboard on Debian 12
  2. Run command : /usr/share/wazuh-dashboard/node/bin/node --version
  3. See version 'v18.19.0'

Expected behavior
Upgrade to Node.js version 18.20.4 / 20.15.1 / 22.4.1 or later (22 is current LTS now)

Dashboards Version
latest ( 4.9.1-1 ) on Debian repository
@andylhz-mojie
Copy link

same problem

@asteriscos
Copy link
Member

Thanks for bringing this to our attention. Wazuh Dashboard is based on OpenSearch Dashboards, which define the NodeJS version. I strongly suggest reporting the issue in their repository as they have the ownership to upgrade the NodeJS version.

@asteriscos asteriscos added reporter/community Issue reported by the community and removed untriaged labels Feb 5, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
reporter/community Issue reported by the community
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@asteriscos @andylhz-mojie @Elnadrion