Important: nodejs:20 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: undici: Undici Uses Insufficiently Random Values CVE-2025-22150 nodejs: Node.js Worker Thread Exposure via Diagnostics Channel CVE-2025-23083...

Tuesday June 20 2023 Security Releases

Tuesday June 20 2023 Security Releases Update 20-June-2023 Security releases available Updates are now available for all supported Node.js release lines for the following issues. OpenSSL Security updates This security release includes the following OpenSSL security updates OpenSSL security adviso...

MGASA-2023-0078 Updated nodejs packages fix security vulnerability

The following CVEs are fixed in this release: CVE-2023-23918: Node.js Permissions policies can be bypassed via process.mainModule High CVE-2023-23920: Node.js insecure loading of ICU data through ICUDATA environment variable Low More detailed information on each of the vulnerabilities can be foun...

MGASA-2022-0077 Updated nodejs packages fix security vulnerability

Improper handling of URI Subject Alternative Names Medium. Accepting arbitrary Subject Alternative Name SAN types, unless a PKI is specifically defined to use a particular SAN type, can result in bypassing name-constrained intermediates. Node.js was accepting URI SAN types, which PKIs are often n...