# corepack22-22.10.0-1.1 on GA media Announcement ID: openSUSE-SU-2024:14435-1 Rating: moderate Cross-References: * CVE-2024-22018 * CVE-2024-22020 * CVE-2024-36137 * CVE-2024-36138 * CVE-2024-37372 CVSS scores: * CVE-2024-22018 ( SUSE ): 2.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N * CVE-2024-22020 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H * CVE-2024-36137 ( SUSE ): 3.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N Affected Products: * openSUSE Tumbleweed An update that solves 5 vulnerabilities can now be installed. ## Description: These are all security issues fixed in the corepack22-22.10.0-1.1 package on the GA media of openSUSE Tumbleweed. ## Package List: * openSUSE Tumbleweed: * corepack22 22.10.0-1.1 * nodejs22 22.10.0-1.1 * nodejs22-devel 22.10.0-1.1 * nodejs22-docs 22.10.0-1.1 * npm22 22.10.0-1.1 ## References: * https://www.suse.com/security/cve/CVE-2024-22018.html * https://www.suse.com/security/cve/CVE-2024-22020.html * https://www.suse.com/security/cve/CVE-2024-36137.html * https://www.suse.com/security/cve/CVE-2024-36138.html * https://www.suse.com/security/cve/CVE-2024-37372.html