nodejs:20 security update

🗓️ 29 Jul 2025 13:38:41Reported by Rockylinux Product ErrataType

rocky

rocky🔗 errata.rockylinux.org👁 2 Views

Security update for Node.js on Rocky Linux 8 addressing remote crash vulnerability CVE-2025-23166

Reporter	Title	Published	Views	Family All 265
IBM Security Bulletins	Security Bulletin: IBM App Connect Enterprise is vulnerable to multiple vulnerabilities due to Node.js (CVE-2025-23165 & CVE-2025-23166) )	7 Aug 202513:42	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in NodeJS affect IBM Business Automation Workflow Configuration Editor	11 Sep 202511:41	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Planning Analytics Advanced Certified Containers	14 Nov 202520:49	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability affects IBM watsonx Orchestrate with watsonx Assistant Cartridge	11 Sep 202514:16	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Documentation Offline is vulnerable to `Node.js ReadFileUtf8 and HTTP Parser flaws` due to Node.js (CVE-2025-23165, CVE-2025-23167)	9 Dec 202510:59	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities affect IBM watsonx Orchestrate with watsonx Assistant Cartridge	10 Sep 202520:35	–	ibm
IBM Security Bulletins	Security Bulletin: IBM App Connect Enterprise Certified Container operands are vulnerable to denial of service [CVE-2025-23166]	6 Aug 202511:19	–	ibm
Tenable Nessus	Amazon Linux 2023 : nodejs22, nodejs22-devel, nodejs22-full-i18n (ALAS2023-2025-1009)	12 Jun 202500:00	–	nessus
Tenable Nessus	Amazon Linux 2023 : nodejs20, nodejs20-devel, nodejs20-full-i18n (ALAS2023-2025-1010)	12 Jun 202500:00	–	nessus
Tenable Nessus	Alibaba Cloud Linux 3 : 0090: nodejs:20 (ALINUX3-SA-2025:0090)	23 Jun 202500:00	–	nessus

OS	OS Version	Architecture	Package	Package Version	Filename
Rocky Linux	8	aarch64	nodejs	1:20.19.2-1.module+el8.10.0+1988+437f3d23	nodejs-1:20.19.2-1.module+el8.10.0+1988+437f3d23.aarch64.rpm
Rocky Linux	8	x86_64	nodejs	1:20.19.2-1.module+el8.10.0+1988+437f3d23	nodejs-1:20.19.2-1.module+el8.10.0+1988+437f3d23.x86_64.rpm
Rocky Linux	8	aarch64	nodejs-debuginfo	1:20.19.2-1.module+el8.10.0+1988+437f3d23	nodejs-debuginfo-1:20.19.2-1.module+el8.10.0+1988+437f3d23.aarch64.rpm
Rocky Linux	8	x86_64	nodejs-debuginfo	1:20.19.2-1.module+el8.10.0+1988+437f3d23	nodejs-debuginfo-1:20.19.2-1.module+el8.10.0+1988+437f3d23.x86_64.rpm
Rocky Linux	8	aarch64	nodejs-debugsource	1:20.19.2-1.module+el8.10.0+1988+437f3d23	nodejs-debugsource-1:20.19.2-1.module+el8.10.0+1988+437f3d23.aarch64.rpm
Rocky Linux	8	x86_64	nodejs-debugsource	1:20.19.2-1.module+el8.10.0+1988+437f3d23	nodejs-debugsource-1:20.19.2-1.module+el8.10.0+1988+437f3d23.x86_64.rpm
Rocky Linux	8	aarch64	nodejs-devel	1:20.19.2-1.module+el8.10.0+1988+437f3d23	nodejs-devel-1:20.19.2-1.module+el8.10.0+1988+437f3d23.aarch64.rpm
Rocky Linux	8	x86_64	nodejs-devel	1:20.19.2-1.module+el8.10.0+1988+437f3d23	nodejs-devel-1:20.19.2-1.module+el8.10.0+1988+437f3d23.x86_64.rpm
Rocky Linux	8	any	nodejs-docs	1:20.19.2-1.module+el8.10.0+1988+437f3d23	nodejs-docs-1:20.19.2-1.module+el8.10.0+1988+437f3d23.noarch.rpm
Rocky Linux	8	aarch64	nodejs-full-i18n	1:20.19.2-1.module+el8.10.0+1988+437f3d23	nodejs-full-i18n-1:20.19.2-1.module+el8.10.0+1988+437f3d23.aarch64.rpm

29 Jul 2025 13:38Current

7.1High risk

Vulners AI Score7.1

CVSS 37.5

EPSS0.0056

SSVC

node.js update remote crash cve-2025-23166 rocky linux 8 security vulnerability