[ALSA-2025:8468] Important: nodejs:20 security update
Type:
security
Severity:
important
Release date:
2025-06-05
Description:
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fix(es): * nodejs: Remote Crash via SignTraits::DeriveBits() in Node.js (CVE-2025-23166) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updated packages listed below:
Architecture Package Checksum
aarch64 npm-10.8.2-1.20.19.2.1.module_el9.6.0+169+c9cb05c2.aarch64.rpm 03963feb0b08ecf940531622bdfd03b91951cbbd7fe06e543625bd335186b55e
aarch64 nodejs-full-i18n-20.19.2-1.module_el9.6.0+169+c9cb05c2.aarch64.rpm 299abac228c783c3f7d4c010319c65479dad941b43d58a26ece8d9e75f58ce35
aarch64 nodejs-devel-20.19.2-1.module_el9.6.0+169+c9cb05c2.aarch64.rpm 31d0c5ac3d94cef3631ec1d38bb5c1df6c0130e370682a557b0e6d20e60d37b5
aarch64 nodejs-20.19.2-1.module_el9.6.0+169+c9cb05c2.aarch64.rpm a273b1893a689c3fd3a8257c2ceea46a85db3dfd6f84b454d7366925a7222a0e
noarch nodejs-nodemon-3.0.1-1.module_el9.5.0+125+8dc38870.noarch.rpm 572b82ee164b85ffef41f974897332716b428e341e262a4ccdd71a9c87312648
noarch nodejs-packaging-2021.06-4.module_el9.6.0+162+8dc602e5.noarch.rpm 6197cdbcfccc2266f0d5e47e8b739375ef169fae31d46948b204964782b971f1
noarch nodejs-docs-20.19.2-1.module_el9.6.0+169+c9cb05c2.noarch.rpm 7cb015453402ce4793c1f94bf1a42248f44f3b10d6c18bd510973bc44ef767eb
noarch nodejs-packaging-bundler-2021.06-4.module_el9.6.0+162+8dc602e5.noarch.rpm 8672933a8a01356064a9acc4450fbb8322915abb9f7a09bb4979cc9c3695dfcf
ppc64le nodejs-devel-20.19.2-1.module_el9.6.0+169+c9cb05c2.ppc64le.rpm 540cef9e3be46d6e69e1c077adef281671be6f21ad589f054e21a86c53d3fe48
ppc64le nodejs-20.19.2-1.module_el9.6.0+169+c9cb05c2.ppc64le.rpm 70f5e92cf3f79a393588fb47c96044cd172e128951ee64dac0459a5e2d523df6
ppc64le nodejs-full-i18n-20.19.2-1.module_el9.6.0+169+c9cb05c2.ppc64le.rpm a7b2a9bc88798b8c68f920762fbeeaf29c7750418bef5fc103841e2ea68731fa
ppc64le npm-10.8.2-1.20.19.2.1.module_el9.6.0+169+c9cb05c2.ppc64le.rpm d11b6e0d14b34eb2236b46ddf9286434b28a161222da59abdae0b1138f6a58fa
s390x nodejs-full-i18n-20.19.2-1.module_el9.6.0+169+c9cb05c2.s390x.rpm 0c5a093ea5de4ca0f122958e4ca12efb2ee41cd3737b83c1807e75763f2d6af3
s390x npm-10.8.2-1.20.19.2.1.module_el9.6.0+169+c9cb05c2.s390x.rpm bde135bfa9b587c83d9e5895b032be4c5514e39d82f072fab689ef27d20f4807
s390x nodejs-devel-20.19.2-1.module_el9.6.0+169+c9cb05c2.s390x.rpm c1fef6e38abf7c3ecf3f73985f43d63e2b9b54ecc44a187b02ddd2c3d85cb9b2
s390x nodejs-20.19.2-1.module_el9.6.0+169+c9cb05c2.s390x.rpm e7affedcc657bead6f44fe78f61b2d63e248c5dde656bd0701cc91fb7130b352
x86_64 npm-10.8.2-1.20.19.2.1.module_el9.6.0+169+c9cb05c2.x86_64.rpm 7aa4eef10e8c54338b54983877c9cae0f83cdb4ba0eadafa377b379720c0fd08
x86_64 nodejs-20.19.2-1.module_el9.6.0+169+c9cb05c2.x86_64.rpm 82e00f4abdc160adc748446d7e804108af946ba11d26fc587d1c5b78d863027c
x86_64 nodejs-devel-20.19.2-1.module_el9.6.0+169+c9cb05c2.x86_64.rpm c7b40936cd0cf18aabbc6bb65457613fa84f95e09d9eec1afa9270c2789776d9
x86_64 nodejs-full-i18n-20.19.2-1.module_el9.6.0+169+c9cb05c2.x86_64.rpm deab3a07c9511d9764ea56be5b0ab8a1e73f5f3c50bb078090ce9a4306b18c48
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.