Oracle Linux 9 : nodejs:24 (ELSA-2026-7350)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-7350 advisory. nodejs 1:24.14.1-2 - Update bundled nghttp2 to 1.68.1 1:24.14.1-1 - Update to version 24.14.1 nodejs-nodemon 3.0.3-3 - Keep BR on just npm 3.0.3-2 - Fi...

RHSA-2026:7896 Red Hat Security Advisory: nodejs:20 security update

Bulletin has no description...

nodejs:20 security update

nodejs 1:20.20.2-1 - Update to version 20.20.2 Patch nghttp2 to version 1.68.1 and disable tests which would fail due to this change. Resolves: RHEL-164336 Fixes: CVE-2026-27135 CVE-2026-27904 CVE-2026-26996 CVE-2026-25547 CVE-2026-21710 nodejs-nodemon 3.0.1-1 - Rebase to 3.0.1 - Resolves:...

Important: Red Hat Security Advisory: nodejs:20 security update

An update for the nodejs:20 module is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

nodejs24 security update

1:24.14.1-2.0.1 - Update upstream references 1:24.14.1-2 - Update bundled nghttp2 to 1.68.1 1:24.14.1-1 - Update to version 24.14.1...

RockyLinux 9 : nodejs:20 (RLSA-2026:7896)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:7896 advisory. minimatch: minimatch: Denial of Service via specially crafted glob patterns CVE-2026-26996 minimatch: Minimatch: Denial of Service via catastrophic...

RHSA-2026:7302 Red Hat Security Advisory: nodejs:22 security update

Bulletin has no description...

Debian dsa-6183 : libnode-dev - security update

The remote Debian 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6183 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6183-1 [email protected] https://www.debian.org/securit...

TencentOS Server 3: nodejs:20 (TSSA-2026:0171)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0171 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

Oracle Linux 9 : nodejs:20 (ELSA-2026-2783)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-2783 advisory. - Resolves: CVE-2022-25883 - Resolves: CVE-2021-35065 - Rebase to 2.0.20 Resolves: CVE-2022-3517 - Resolves CVE-2020-28469 Tenable has extracted the...

Oracle Linux 9 : nodejs:22 (ELSA-2026-2782)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-2782 advisory. - Resolves: CVE-2022-25883 - Resolves: CVE-2021-35065 - Rebase to 2.0.20 Resolves: CVE-2022-3517 - Resolves CVE-2020-28469 Tenable has extracted the...

Important: Red Hat Security Advisory: nodejs:22 security update

An update for the nodejs:22 module is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Important: Red Hat Security Advisory: nodejs:20 security update

An update for the nodejs:20 module is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

nodejs:24 security update

nodejs 1:24.13.0-1 - Update to version 24.13.0 nodejs-nodemon 3.0.3-3 - Keep BR on just npm 3.0.3-2 - Fix BR for nodejs-npm nodejs-packaging 2021.06-6 - Properly handle @group/package deps in nodejs-symlink-deps Resolves: RHEL-121581 2021.06-5 - nodejs.req to properly detect bundled deps...

RHSA-2026:2422 Red Hat Security Advisory: nodejs:20 security update

Bulletin has no description...

Important: nodejs20

Issue Overview: Bypass File System Permissions using crafted symlinks CVE-2025-55130 A flaw in Node.js's buffer allocation logic can expose uninitialized memory when allocations are interrupted, when using the vm module with the timeout option. Under specific timing conditions, buffers allocated...

MiracleLinux 9 : nodejs-16.20.2-1.el9 (AXSA:2023-6490:04)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6490:04 advisory. nodejs: Permissions policies can be bypassed via Module.load CVE-2023-32002 nodejs: Permissions policies can impersonate other modules in using...

MiracleLinux 8 : nodejs:16 (AXSA:2024-7628:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7628:01 advisory. nodejs: reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks CVE-2024-22019 nodejs: HTTP/2: Multiple HTTP/2 enabled we...

nodejs:18 security, bug fix, and enhancement update

An update is available for nodejs-packaging, module.nodejs-nodemon, module.nodejs-packaging, nodejs-nodemon. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list...

RLSA-2023:5362 Important: nodejs:18 security, bug fix, and enhancement update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 18. BZ2234409 Security Fixes: nodejs: Permissions policies can be bypassed via...