Alibaba Cloud Linux 3 : 0099: libuv (ALINUX3-SA-2022:0099)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2022:0099 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2020-8252: The implementation of...

Alibaba Cloud Linux 3 : 0029: nodejs:20 (ALINUX3-SA-2025:0029)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2025:0029 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-22150: Undici is an HTTP/1.1...

Important: Red Hat Security Advisory: nodejs:22 security update

An update for the nodejs:22 module is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

ALSA-2025:7502 Moderate: nodejs22 security update

Node.js is a platform built on Chrome's JavaScript runtime \ for easily building fast, scalable network applications. \ Node.js uses an event-driven, non-blocking I/O model that \ makes it lightweight and efficient, perfect for data-intensive \ real-time applications that run across distributed...

ALSA-2025:7426 Moderate: nodejs:20 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: c-ares: c-ares has a use-after-free in readanswers CVE-2025-31498 For more details about the security issues, including the impact, a CVSS score,...

ALSA-2025:7433 Important: nodejs:22 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: c-ares: c-ares has a use-after-free in readanswers CVE-2025-31498 SQLite: integer overflow in SQLite CVE-2025-3277 For more details about the...

Moderate: nodejs:20 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: c-ares: c-ares has a use-after-free in readanswers CVE-2025-31498 For more details about the security issues, including the impact, a CVSS score,...

Important: nodejs:22 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: c-ares: c-ares has a use-after-free in readanswers CVE-2025-31498 SQLite: integer overflow in SQLite CVE-2025-3277 For more details about the...

[SECURITY] Fedora 41 Update: nodejs22-22.15.0-2.fc41

Node.js is a platform built on Chrome's JavaScript runtime \ for easily building fast, scalable network applications. \ Node.js uses an event-driven, non-blocking I/O model that \ makes it lightweight and efficient, perfect for data-intensive \ real-time applications that run across distributed...

[SECURITY] Fedora 40 Update: nodejs22-22.15.0-2.fc40

Node.js is a platform built on Chrome's JavaScript runtime \ for easily building fast, scalable network applications. \ Node.js uses an event-driven, non-blocking I/O model that \ makes it lightweight and efficient, perfect for data-intensive \ real-time applications that run across distributed...

[SECURITY] Fedora 42 Update: nodejs22-22.15.0-2.fc42

Node.js is a platform built on Chrome's JavaScript runtime \ for easily building fast, scalable network applications. \ Node.js uses an event-driven, non-blocking I/O model that \ makes it lightweight and efficient, perfect for data-intensive \ real-time applications that run across distributed...

Security Bulletin: IBM App Connect Enterprise Certified Container IntegrationServer and IntegrationRuntime operands that use the Snowflake connector are vulnerable to improper preservation of permissions [CVE-2025-24791]

Summary Node.js module snowflake-sdk is used by IBM App Connect Enterprise Certified Container for connecting to Snowflake. IBM App Connect Enterprise Certified Container IntegrationServer and IntegrationRuntime operands that run flows containing the Snowflake connector are vulnerable to improper...

Security Bulletin: IBM App Connect Enterprise Certified Container operands are vulnerable to denial of service, SSRF and credential leakage [CVE-2025-27152, CVE-2025-27789, CVE-2025-32996, CVE-2025-32997]

Summary Node.js modules axios and http-proxy-middleware are used by IBM App Connect Enterprise Certified Container for HTTP communications. Node.js module Babel is used for internal code generation. IBM App Connect Enterprise Certified Container operands are vulnerable to denial of service, SSRF...

20 module bug fix and enhancement update

An update is available for module.nodejs-nodemon, nodejs-packaging, module.nodejs-packaging, nodejs-nodemon. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list...

20 enhancement update

An update is available for module.nodejs-nodemon, nodejs-packaging, module.nodejs-packaging, nodejs-nodemon. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list...

18 enhancement update

An update is available for module.nodejs-nodemon, nodejs-packaging, module.nodejs-packaging, nodejs-nodemon. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list...

[SECURITY] Fedora 41 Update: nodejs20-20.19.1-1.fc41

Node.js is a platform built on Chrome's JavaScript runtime \ for easily building fast, scalable network applications. \ Node.js uses an event-driven, non-blocking I/O model that \ makes it lightweight and efficient, perfect for data-intensive \ real-time applications that run across distributed...

Node.js: HashDoS in V8

The V8 release used in Node.js v24.0.0 changed how string hashes were computed using rapidhash. This implementation reintroduced the HashDoS vulnerability, where an attacker who could control the strings to be hashed could generate many hash collisions without knowing the hash-seed...

RHSA-2025:4459 Red Hat Security Advisory: nodejs:22 security update

Bulletin has no description...

Security Bulletin: IBM Cloud Transformation Advisor is vulnerable to a vulnerability found in Node.js

Summary There is a vulnerability in Node.js used by IBM Cloud Transformation Advisor CVE-2024-57699. Vulnerability Details CVEID:CVE-2024-57699 DESCRIPTION: A security issue was found in Netplex Json-smart 2.5.0 through 2.5.1. When loading a specially crafted JSON input, containing a large number...