BIT-NODE-MIN-2025-23088

Rejected reason: This Record was REJECTED after determining it is not in compliance with CVE Program requirements regarding assignment for vulnerabilities...

BIT-NODE-2025-23089

Rejected reason: This Record was REJECTED after determining it is not in compliance with CVE Program requirements regarding assignment for vulnerabilities...

BIT-NODE-MIN-2025-23089

Rejected reason: This Record was REJECTED after determining it is not in compliance with CVE Program requirements regarding assignment for vulnerabilities...

BIT-NODE-2025-23090

Rejected reason: This CVE record has been withdrawn due to a duplicate entry CVE-2025-23083...

BIT-NODE-MIN-2025-23090

Rejected reason: This CVE record has been withdrawn due to a duplicate entry CVE-2025-23083...

SUSE SLES15 Security Update : nodejs20 (SUSE-SU-2025:0232-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0232-1 advisory. Update to 20.18.2: - CVE-2025-23083: Fixed worker permission bypass via InternalWorker leak in diagnostics bsc1236251 -...

SUSE-SU-2025:0233-1 Security update for nodejs18

This update for nodejs18 fixes the following issues: Update to 18.20.6: - CVE-2025-23085: Fixed HTTP2 memory leak on premature close and ERRPROTO bsc1236250 - CVE-2025-22150: Fixed insufficiently random values used when defining the boundary for a multipart/form-data request in undici bsc1236258...

SUSE-SU-2025:0232-1 Security update for nodejs20

This update for nodejs20 fixes the following issues: Update to 20.18.2: - CVE-2025-23083: Fixed worker permission bypass via InternalWorker leak in diagnostics bsc1236251 - CVE-2025-23085: Fixed HTTP2 memory leak on premature close and ERRPROTO bsc1236250 - CVE-2025-22150: Fixed insufficiently...

CVE-2025-23089

A flaw was found in Node.js. This vulnerability allows potential exposure to unaddressed software vulnerabilities via the continued use of End-of-Life EOL versions that no longer receive security updates or patches. Mitigation Mitigation for this issue is either not available or the currently...

CVE-2025-23088

A flaw was found in Node.js. This vulnerability allows potential exposure to unaddressed software vulnerabilities via the continued use of End-of-Life EOL versions that no longer receive security updates or patches. Mitigation Mitigation for this issue is either not available or the currently...

CVE-2025-23083

A flaw was found in the Node.js diagnosticschannel. This vulnerability allows an attacker to reinstate and misuse worker constructors, potentially bypassing the Permission Model via hooking into events when a worker thread is created...

CVE-2025-23087

A flaw was found in Node.js. This vulnerability allows potential exposure to unaddressed software vulnerabilities via the continued use of End-of-Life EOL versions that no longer receive security updates or patches. Mitigation Mitigation for this issue is either not available or the currently...

SUSE CVE-2025-23084

A vulnerability has been identified in Node.js, specifically affecting the handling of drive names in the Windows environment. Certain Node.js functions do not treat drive names as special on Windows. As a result, although Node.js assumes a relative path, it actually refers to the root directory...

Node.js 20.x < 20.18.2, 21.x < 22.13.1, 23.x < 23.6.1 Worker Permission Bypass Vulnerability - Mac OS X

Node.js is prone to a worker permission bypass vulnerability via InternalWorker leak in diagnostics. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

Node.js < 18.20.6, 20.x < 20.18.2, 21.x < 22.13.1, 23.x < 23.6.1 Multiple Vulnerabilities - Windows

Node.js is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:nodejs:node.js"; ifdescription...

Node.js 20.x < 20.18.2, 21.x < 22.13.1, 23.x < 23.6.1 Worker Permission Bypass Vulnerability - Windows

Node.js is prone to a worker permission bypass vulnerability via InternalWorker leak in diagnostics. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

Node.js < 18.20.6, 20.x < 20.18.2, 21.x < 22.13.1, 23.x < 23.6.1 Multiple Vulnerabilities - Mac OS X

Node.js is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:nodejs:node.js"; ifdescription...

CVE-2025-23088

Rejected reason: This Record was REJECTED after determining it is not in compliance with CVE Program requirements regarding assignment for vulnerabilities...

CVE-2025-23089

Rejected reason: This Record was REJECTED after determining it is not in compliance with CVE Program requirements regarding assignment for vulnerabilities...

CVE-2025-23087

Rejected reason: This Record was REJECTED after determining it is not in compliance with CVE Program requirements regarding assignment for vulnerabilities...