48 matches found
Important: Red Hat Security Advisory: nodejs:22 security, bug fix, and enhancement update
An update for the nodejs:22 module is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
RHSA-2026:35842 Red Hat Security Advisory: nodejs22 security, bug fix, and enhancement update
Bulletin has no description...
Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update
An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: nodejs22: nodejs22-22.23.1-2.hum1 aarch64, x8664 nodejs22-bin-22.23.1-2.hum1 noarch nodejs22-devel-22.23.1-2.hum1 aarch64, x8664 nodejs22-docs-22.23.1-2.hum1 noarch...
SUSE-SU-2026:2647-1 Security update for nodejs22
This update for nodejs22 fixes the following issues Update to 22.23.0: - CVE-2026-6733: undici: Undici: Response queue poisoning on reused keep-alive sockets can lead to incorrect response delivery bsc1268479. - CVE-2026-9496: pacote: excessive CPU consumption in addGitSha when processing a...
CVE-2026-48934
A flaw in Node.js TLS host verification can cause an attacker to bypass certification validation. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...
EUVD-2026-39606
A flaw in Node.js proxy tunnel error handling could expose proxy credentials in ERRPROXYTUNNEL error messages. When proxy credentials are embedded in the proxy URL, they may be exposed through error handling paths and captured by logs, diagnostics, or other error consumers. This vulnerability...
CVE-2026-48933
A flaw in Node.js WebCrypto implementation can crash the process if the input of subtle.encrypt is a multiple of 2GiB. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...
CVE-2026-48618
A flaw in Node.js TLS hostname handling can cause Node.js unicode dot separator handling can lead to tls wildcard-depth authentication bypass due to resolver and verifier hostname normalization mismat. This can lead to confidentiality impact or bypass of the intended security boundary under...
Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update
An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: nodejs22: nodejs22-22.23.1-1.hum1 aarch64, x8664 nodejs22-bin-22.23.1-1.hum1 noarch nodejs22-devel-22.23.1-1.hum1 aarch64, x8664 nodejs22-docs-22.23.1-1.hum1 noarch...
CVE-2026-48931
A flaw in Node.js HTTP Agent can cause a client to accept as valid a response that is send before the client has sent the request. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...
CVE-2026-48937
A vulnerability in Node.js HTTP/2 server API can cause servers to continue accepting data after sending a GOAWAY frame. Affected release lines are Node.js 22 and Node.js 24. The issue is documented across multiple feeds (NVD, CVE-2026-48937 and HackerOne report) and is addressed in the June 2026 ...
[SECURITY] Fedora 44 Update: nodejs22-22.22.2-3.fc44
Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices...
Fedora 43 : nodejs22 (2026-e3f870229a)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-e3f870229a advisory. Update to version 22.22.2 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...
Fedora 44 : nodejs22 (2026-3b76d8047d)
The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-3b76d8047d advisory. Update to version 22.22.2 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...
SUSE SLES15 Security Update : nodejs22 (SUSE-SU-2026:1478-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1478-1 advisory. Update to version 22.22.2. - CVE-2026-21717: trivially predictable hash collisions due to flaw in V8's string hashing mechanism...
AlmaLinux 8 : nodejs:22 (ALSA-2026:7123)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:7123 advisory. brace-expansion: brace-expansion: Denial of Service via unbounded brace range expansion CVE-2026-25547 minimatch: minimatch: Denial of Service via special...
RHSA-2026:7983 Red Hat Security Advisory: nodejs:22 security update
Bulletin has no description...
RHEL 9 : nodejs:22 (RHSA-2026:7983)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:7983 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language...
Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update
An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: nodejs22: nodejs22-22.22.0-1.3.hum1 aarch64, x8664 nodejs22-bin-22.22.0-1.3.hum1 noarch nodejs22-devel-22.22.0-1.3.hum1 aarch64, x8664 nodejs22-docs-22.22.0-1.3.hum1 noarch...
RHSA-2026:7310 Red Hat Security Advisory: nodejs22 security update
Bulletin has no description...