Amazon Linux 2023 : nodejs24, nodejs24-devel, nodejs24-full-i18n (ALAS2023-2026-1647)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1647 advisory. nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. Prior to version 1.68.1, the nghttp2 library stops reading the incoming data when user facing public API...

PT-2026-26134

Name of the Vulnerable Software and Affected Versions nghttp2 versions prior to 1.68.1 Description nghttp2 is a C implementation of the Hypertext Transfer Protocol version 2. Versions of nghttp2 prior to 1.68.1 are susceptible to a denial-of-service condition. This occurs because the library does...