Is OpenShift's Node.js cartridge effected by CVE-2015-8027

Solution In Progress - Updated -

Issue

  • The only Node.js cartridge officially supported by Red Hat claims to be a version 0.10, when I logging via ssh and run: node -v to check the version It indicates that the node version is 0.10.35 however recently it found a vulnerability (CVE-2015-8027), is this cartridge effected by this CVE?
  • Is OpenShift Online impacted by this Node.js vulnerabilities?

Environment

  • Openshift Online
  • Openshift Enterprise 2.x

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In