nodejs24 security update

An update is available for nodejs24. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Node.js is a platform built on Chrome's JavaScript runtime for easily...

CVE-2026-21715 affecting package nodejs24 for versions less than 24.14.1-1

CVE-2026-21715 affecting package nodejs24 for versions less than 24.14.1-1. An upgraded version of the package is available that resolves this issue...

CVE-2026-21713 affecting package nodejs24 for versions less than 24.14.1-1

CVE-2026-21713 affecting package nodejs24 for versions less than 24.14.1-1. An upgraded version of the package is available that resolves this issue...

CVE-2026-21714 affecting package nodejs24 for versions less than 24.14.1-1

CVE-2026-21714 affecting package nodejs24 for versions less than 24.14.1-1. An upgraded version of the package is available that resolves this issue...

CVE-2026-21710 affecting package nodejs24 for versions less than 24.14.1-1

CVE-2026-21710 affecting package nodejs24 for versions less than 24.14.1-1. An upgraded version of the package is available that resolves this issue...

Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: nodejs24: nodejs24-24.14.1-4.1.hum1 aarch64, x8664 nodejs24-bin-24.14.1-4.1.hum1 noarch nodejs24-devel-24.14.1-4.1.hum1 aarch64, x8664 nodejs24-docs-24.14.1-4.1.hum1 noarch...

Amazon Linux 2023 : nodejs24, nodejs24-devel, nodejs24-full-i18n (ALAS2023-2026-1526)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1526 advisory. Undici allows duplicate HTTP Content-Length headers when they are provided in an array with case-variant names e.g., Content-Length and content-length. This produces malformed HTTP/1.1 request...

Node.js 安全漏洞

Node.js is an open-source, cross-platform JavaScript runtime environment developed by the Node.js community. Security vulnerabilities exist in Node.js versions 20.x, 22.x, 24.x, and 25.x. These vulnerabilities stem from improper handling of HTTP requests. When the request header contains the name...

CVE-2025-69418 affecting package nodejs24 for versions less than 24.13.0-3

CVE-2025-69418 affecting package nodejs24 for versions less than 24.13.0-3. A patched version of the package is available...

AlmaLinux 9 : nodejs:24 (ALSA-2026:2781)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:2781 advisory. nodejs: Nodejs filesystem permissions bypass CVE-2025-55132 nodejs: Nodejs denial of service CVE-2026-21637 nodejs: Nodejs denial of service CVE-2025-5946...

RHSA-2026:2781 Red Hat Security Advisory: nodejs:24 security update

Bulletin has no description...

RockyLinux 9 : nodejs:24 (RLSA-2026:2781)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:2781 advisory. nodejs: Nodejs filesystem permissions bypass CVE-2025-55132 nodejs: Nodejs denial of service CVE-2026-21637 nodejs: Nodejs denial of service CVE-2025-594...

Important: Red Hat Security Advisory: nodejs:24 security update

An update for the nodejs:24 module is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

AlmaLinux 8 : nodejs:24 (ALSA-2026:2420)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:2420 advisory. nodejs: Nodejs filesystem permissions bypass CVE-2025-55132 nodejs: Nodejs denial of service CVE-2026-21637 nodejs: Nodejs denial of service CVE-2025-5946...

RHEL 8 : nodejs:24 (RHSA-2026:2420)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:2420 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language...

CVE-2020-28493 affecting package nodejs24 for versions less than 24.13.0-1

CVE-2020-28493 affecting package nodejs24 for versions less than 24.13.0-1. A patched version of the package is available...

nodejs24 security update

An update is available for nodejs24. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Node.js is a platform built on Chrome's JavaScript runtime for easily...

Amazon Linux 2023 : nodejs24, nodejs24-devel, nodejs24-full-i18n (ALAS2023-2025-1348)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1348 advisory. Use after free due to connection being cleaned up after error CVE-2025-62408 Tenable has extracted the preceding description block directly from the tested product security advisory. Note that Nessus h...

Medium: nodejs24

Issue Overview: Use after free due to connection being cleaned up after error CVE-2025-62408 Affected Packages: nodejs24 Issue Correction: Run dnf update nodejs24 --releasever 2023.10.20260105 or dnf update --advisory ALAS2023-2025-1348 --releasever 2023.10.20260105 to update your system. More...

SUSE CVE-2025-27209

The V8 release used in Node.js v24.0.0 has changed how string hashes are computed using rapidhash. This implementation re-introduces the HashDoS vulnerability as an attacker who can control the strings to be hashed can generate many hash collisions - an attacker can generate collisions even witho...