nodejs:20 security update

🗓️ 29 Jul 2025 13:40:19Reported by Rockylinux Product ErrataType

rocky

rocky🔗 errata.rockylinux.org👁 1 Views

Node.js security update for Rocky Linux 9 fixes remote crash vulnerability CVE-2025-23166.

Reporter	Title	Published	Views	Family All 264
IBM Security Bulletins	Security Bulletin: IBM App Connect Enterprise is vulnerable to multiple vulnerabilities due to Node.js (CVE-2025-23165 & CVE-2025-23166) )	7 Aug 202513:42	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in NodeJS affect IBM Business Automation Workflow Configuration Editor	11 Sep 202511:41	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Planning Analytics Advanced Certified Containers	14 Nov 202520:49	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability affects IBM watsonx Orchestrate with watsonx Assistant Cartridge	11 Sep 202514:16	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Documentation Offline is vulnerable to `Node.js ReadFileUtf8 and HTTP Parser flaws` due to Node.js (CVE-2025-23165, CVE-2025-23167)	9 Dec 202510:59	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities affect IBM watsonx Orchestrate with watsonx Assistant Cartridge	10 Sep 202520:35	–	ibm
IBM Security Bulletins	Security Bulletin: IBM App Connect Enterprise Certified Container operands are vulnerable to denial of service [CVE-2025-23166]	6 Aug 202511:19	–	ibm
Tenable Nessus	Amazon Linux 2023 : nodejs22, nodejs22-devel, nodejs22-full-i18n (ALAS2023-2025-1009)	12 Jun 202500:00	–	nessus
Tenable Nessus	Amazon Linux 2023 : nodejs20, nodejs20-devel, nodejs20-full-i18n (ALAS2023-2025-1010)	12 Jun 202500:00	–	nessus
Tenable Nessus	Alibaba Cloud Linux 3 : 0090: nodejs:20 (ALINUX3-SA-2025:0090)	23 Jun 202500:00	–	nessus

OS	OS Version	Architecture	Package	Package Version	Filename
Rocky Linux	9	aarch64	nodejs	1:20.19.2-1.module+el9.6.0+32143+ae966e5b	nodejs-1:20.19.2-1.module+el9.6.0+32143+ae966e5b.aarch64.rpm
Rocky Linux	9	ppc64le	nodejs	1:20.19.2-1.module+el9.6.0+32143+ae966e5b	nodejs-1:20.19.2-1.module+el9.6.0+32143+ae966e5b.ppc64le.rpm
Rocky Linux	9	s390x	nodejs	1:20.19.2-1.module+el9.6.0+32143+ae966e5b	nodejs-1:20.19.2-1.module+el9.6.0+32143+ae966e5b.s390x.rpm
Rocky Linux	9	x86_64	nodejs	1:20.19.2-1.module+el9.6.0+32143+ae966e5b	nodejs-1:20.19.2-1.module+el9.6.0+32143+ae966e5b.x86_64.rpm
Rocky Linux	9	aarch64	nodejs-debuginfo	1:20.19.2-1.module+el9.6.0+32143+ae966e5b	nodejs-debuginfo-1:20.19.2-1.module+el9.6.0+32143+ae966e5b.aarch64.rpm
Rocky Linux	9	ppc64le	nodejs-debuginfo	1:20.19.2-1.module+el9.6.0+32143+ae966e5b	nodejs-debuginfo-1:20.19.2-1.module+el9.6.0+32143+ae966e5b.ppc64le.rpm
Rocky Linux	9	s390x	nodejs-debuginfo	1:20.19.2-1.module+el9.6.0+32143+ae966e5b	nodejs-debuginfo-1:20.19.2-1.module+el9.6.0+32143+ae966e5b.s390x.rpm
Rocky Linux	9	x86_64	nodejs-debuginfo	1:20.19.2-1.module+el9.6.0+32143+ae966e5b	nodejs-debuginfo-1:20.19.2-1.module+el9.6.0+32143+ae966e5b.x86_64.rpm
Rocky Linux	9	aarch64	nodejs-debugsource	1:20.19.2-1.module+el9.6.0+32143+ae966e5b	nodejs-debugsource-1:20.19.2-1.module+el9.6.0+32143+ae966e5b.aarch64.rpm
Rocky Linux	9	ppc64le	nodejs-debugsource	1:20.19.2-1.module+el9.6.0+32143+ae966e5b	nodejs-debugsource-1:20.19.2-1.module+el9.6.0+32143+ae966e5b.ppc64le.rpm

29 Jul 2025 13:40Current

7High risk

Vulners AI Score7

CVSS 37.5

EPSS0.0056

SSVC

node.js security rocky linux cve-2025-23166 remote crash software development