ALSA-2025:8506

[ALSA-2025:8506] Important: nodejs:22 security update

Type:

security

Severity:

important

Release date:

2025-06-05

Description:

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language.   

Security Fix(es):  

  * nodejs: Remote Crash via SignTraits::DeriveBits() in Node.js (CVE-2025-23166)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	v8-12.4-devel-12.4.254.21-1.22.16.0.1.module_el8.10.0+4006+3c416519.aarch64.rpm	1e7098a0eebc6f04297f7d3d95b635a2c80b5aab5f763760b605d77ce748d5d0
aarch64	nodejs-full-i18n-22.16.0-1.module_el8.10.0+4006+3c416519.aarch64.rpm	301f027db83ac0a58e3843ccee5004efb544a9d9aaaf22304bb7668c49ac05da
aarch64	npm-10.9.2-1.22.16.0.1.module_el8.10.0+4006+3c416519.aarch64.rpm	68d5739f9b50b427c9f84c33caaf046e1538202231df6a78e4e37cae2a901b39
aarch64	nodejs-libs-22.16.0-1.module_el8.10.0+4006+3c416519.aarch64.rpm	840618f7fe1aea993d0383c9f39c8a96d5865ec377859fb8deae032368f65831
aarch64	nodejs-22.16.0-1.module_el8.10.0+4006+3c416519.aarch64.rpm	ad3671001c9b0aab18ae38c3ddfdf20b24262eb4f23ce92e3172441a5ae99f92
aarch64	nodejs-devel-22.16.0-1.module_el8.10.0+4006+3c416519.aarch64.rpm	f3d200dd5ab55cbfad6330ffe3a895b580c2f0ee4b25a29ce96a030eeb0c8fa7
noarch	nodejs-packaging-2021.06-4.module_el8.10.0+4006+3c416519.noarch.rpm	2bd2bc02d533996f2f5591fe5845ffa85fc8cbf2b4c76370d7ed5d8010a16d05
noarch	nodejs-nodemon-3.0.1-1.module_el8.10.0+3983+391a1a04.noarch.rpm	53d47bcd3ba5d6d0d0045485ca1f36974f9a4fcf7250dd99e461957b5569b3bd
noarch	nodejs-docs-22.16.0-1.module_el8.10.0+4006+3c416519.noarch.rpm	6c746cf4d5a256154b7d33ee9ca987b70ce5c581848cb5a103e628a280b47dfe
noarch	nodejs-packaging-bundler-2021.06-4.module_el8.10.0+3961+6a788e57.noarch.rpm	f68cc5d7a383cbee17ad43acc466061915b2b7309b6696369168e2a3c4a7158c
ppc64le	v8-12.4-devel-12.4.254.21-1.22.16.0.1.module_el8.10.0+4006+3c416519.ppc64le.rpm	2ab1c4f273994cab76e6115f9089c407bb7e69f0cb92653c03093e6b9a7b12bd
ppc64le	npm-10.9.2-1.22.16.0.1.module_el8.10.0+4006+3c416519.ppc64le.rpm	48204bf0cdc9ed28565637f3372e492609ca16c4308394bb534a0a26947ebe1a
ppc64le	nodejs-full-i18n-22.16.0-1.module_el8.10.0+4006+3c416519.ppc64le.rpm	727b4e611efc55bbd5dbb3aa44a7cf5bedd2849a9721258c3bbc9c5ec45a2008
ppc64le	nodejs-22.16.0-1.module_el8.10.0+4006+3c416519.ppc64le.rpm	9e3f08494b4b88d5358db1ac04f41e6fe3a157b273078f91b4c308f0ef6622ef
ppc64le	nodejs-devel-22.16.0-1.module_el8.10.0+4006+3c416519.ppc64le.rpm	ce196a3f55002ea6105abae97050fa77cfbd4f34e5ece7bea8918db938c9349f
ppc64le	nodejs-libs-22.16.0-1.module_el8.10.0+4006+3c416519.ppc64le.rpm	e4bc35977c71b7378ef62edb596fbc71cde9feaa404e5f385b99bd6f5a500119
s390x	nodejs-full-i18n-22.16.0-1.module_el8.10.0+4006+3c416519.s390x.rpm	0369a92e9f305b87e756be3732c4b814f2d313dcd6a46de7da9feb640e4cdc22
s390x	nodejs-22.16.0-1.module_el8.10.0+4006+3c416519.s390x.rpm	16c02c58c666efa363466e26e0c65fa2ae7f58652b1e91b16c237e79c954b3f6
s390x	nodejs-libs-22.16.0-1.module_el8.10.0+4006+3c416519.s390x.rpm	1af3a006b2525a1ec8cc25e8079bfca46167408199f585b96b3f1cc3083364ab
s390x	v8-12.4-devel-12.4.254.21-1.22.16.0.1.module_el8.10.0+4006+3c416519.s390x.rpm	57274b64b55faea7a953851fc87f8c8834510e1267de41cff50fc7b5a3e83283
s390x	npm-10.9.2-1.22.16.0.1.module_el8.10.0+4006+3c416519.s390x.rpm	57e499cd8c08bf8c4485737e5afc61e7bc6149c183893dc35381b85c2ee2112c
s390x	nodejs-devel-22.16.0-1.module_el8.10.0+4006+3c416519.s390x.rpm	f9b76775929a42f358db6da9d0faab9af7464ac37c0cb3651ddc33a9c6c591c5
x86_64	nodejs-libs-22.16.0-1.module_el8.10.0+4006+3c416519.x86_64.rpm	6eaac82ad67bbbfc14c36a1c7e936a062a017ab1519a8e6c08d115c1658a6f95
x86_64	npm-10.9.2-1.22.16.0.1.module_el8.10.0+4006+3c416519.x86_64.rpm	9118321f3b851ea4b5f8ec4f657b8e7824b7e53e96ba7a97d3e663d1a84700dd
x86_64	nodejs-full-i18n-22.16.0-1.module_el8.10.0+4006+3c416519.x86_64.rpm	ae3450ce0001cf6e924f1869c6bd85335988bc76e09e32c3f413f7b41e20a8c7
x86_64	nodejs-devel-22.16.0-1.module_el8.10.0+4006+3c416519.x86_64.rpm	d28b2c5ad72bf91462ff79d72ef7ad6f63b4a14184c3eccce5897273666f861b
x86_64	v8-12.4-devel-12.4.254.21-1.22.16.0.1.module_el8.10.0+4006+3c416519.x86_64.rpm	e1c0105264480f14d14b22095d4073726e7299cb358d627ab0b61153d3b69793
x86_64	nodejs-22.16.0-1.module_el8.10.0+4006+3c416519.x86_64.rpm	eb1db1508f57376517916d5e1e911ee252e6dc71ef738eedf8f3aa3a1e12a3b6

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.