ALSA-2025:8493

[ALSA-2025:8493] Important: nodejs22 security update

Type:

security

Severity:

important

Release date:

2025-06-06

Description:

Node.js is a platform built on Chrome's JavaScript runtime \ for easily building fast, scalable network applications. \ Node.js uses an event-driven, non-blocking I/O model that \ makes it lightweight and efficient, perfect for data-intensive \ real-time applications that run across distributed devices.  

Security Fix(es):  

  * nodejs: Remote Crash via SignTraits::DeriveBits() in Node.js (CVE-2025-23166)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	nodejs-npm-10.9.2-1.22.16.0.1.el10_0.aarch64.rpm	3c5b2a03ac620bf52ac770c9bca8c55441e27f7aa81e25049b170d6fc473ef08
aarch64	nodejs-22.16.0-1.el10_0.aarch64.rpm	3e108509b0772d71601ab2476f3a011df4f3ca8516e843d41f6ca311dbd9c47a
aarch64	nodejs-libs-22.16.0-1.el10_0.aarch64.rpm	604875a6adb1f9a72ba888c8310c73c69553d1c4b853af44626b34b99e33c105
aarch64	nodejs-full-i18n-22.16.0-1.el10_0.aarch64.rpm	7639a9f0864f10587c454723e2b62065bd40d35ab68c92c5b74f797283ae0955
aarch64	nodejs-devel-22.16.0-1.el10_0.aarch64.rpm	d47f6af201b3a02b868fb909e4bfa29afce84a5a564a734131aebf1fb552cf1d
noarch	nodejs-docs-22.16.0-1.el10_0.noarch.rpm	059b8eae96daae1d53d4a16bea0b57a8b48ea09fe4b2ee6fd62da1537ddf89be
ppc64le	nodejs-22.16.0-1.el10_0.ppc64le.rpm	20398f5a1fe9e89bb2066fc2dbe425d6e5e8d7b8915f98079fc8bc552a1157f1
ppc64le	nodejs-devel-22.16.0-1.el10_0.ppc64le.rpm	8088bd8d9b028c8683b960672676a8aaeef5c3a18f8a741a0ced50f50a1d3213
ppc64le	nodejs-full-i18n-22.16.0-1.el10_0.ppc64le.rpm	cf51438f4f7cff5e15be91f037b06e8b596b5b4f2b49ac3b1d2085d7f140ebf5
ppc64le	nodejs-libs-22.16.0-1.el10_0.ppc64le.rpm	d4fa7173b2992e162d2fa195612acba4ca0b4c70e053ce93490a8d6001382ede
ppc64le	nodejs-npm-10.9.2-1.22.16.0.1.el10_0.ppc64le.rpm	e7a15302823746ef706f751f97cdfdc0d57ff32d93eb3a41788a7cb43bf95826
s390x	nodejs-devel-22.16.0-1.el10_0.s390x.rpm	057faca249090b8e1f0addb0067c5e97527caf6e65802680f929397788f6282a
s390x	nodejs-full-i18n-22.16.0-1.el10_0.s390x.rpm	51d79be7c82415d19e9900ff5de604d6bdd24c70d6db18c87b41b3fb366d3a9d
s390x	nodejs-22.16.0-1.el10_0.s390x.rpm	5b2b48502932cb83d42ff197826dfbbb1dfd06b4666bfa4421a12ecbfc1a041a
s390x	nodejs-libs-22.16.0-1.el10_0.s390x.rpm	5cd0af5e5b3fbc8db9432eaa7452f5d3d779c9e4ae6d874ea574ca7a4d85811a
s390x	nodejs-npm-10.9.2-1.22.16.0.1.el10_0.s390x.rpm	839c8771abdafc72f2cda0af08bac79a214e2993e9bfb63c36f675841859e2c1
x86_64	nodejs-npm-10.9.2-1.22.16.0.1.el10_0.x86_64.rpm	2382eb5283a6550050f324b344dbfa81833cae19a7d075663285017832f9fc88
x86_64	nodejs-libs-22.16.0-1.el10_0.x86_64.rpm	628e001e9f05edfcb5c1665b3eceeabe4e47914acde4009d0f1f01882b5f6193
x86_64	nodejs-22.16.0-1.el10_0.x86_64.rpm	a16d43c3f742d285a8872ebe3bcae1705d2b5180299959b5a4417eccf80b2b5b
x86_64	nodejs-full-i18n-22.16.0-1.el10_0.x86_64.rpm	e8f436164ae68d014c64edfdba6c8afe62742b611afc45575c717484fd96d42d
x86_64	nodejs-devel-22.16.0-1.el10_0.x86_64.rpm	f1a4b67c2b5b07a902bb923e88041e032e1689e6c7e98f30f961a76e5b484d8c

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.