Threats Tagged 'cve-2025-55130'

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fix(es): * nodejs: Nodejs filesystem permissions bypass (CVE-2025-55132) * nodejs: Nodejs denial of service (CVE-2026-21637) * nodejs: Nodejs denial of service (CVE-2025-59466) * nodejs: Nodejs denial of service (CVE-2025-59465) * nodejs: Nodejs uninitialized memory exposure (CVE-2025-55131) * nodejs: Nodejs file permissions bypass (CVE-2025-55130) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fix(es): * nodejs: Nodejs filesystem permissions bypass (CVE-2025-55132) * nodejs: Nodejs denial of service (CVE-2026-21637) * nodejs: Nodejs denial of service (CVE-2025-59466) * nodejs: Nodejs denial of service (CVE-2025-59465) * nodejs: Nodejs uninitialized memory exposure (CVE-2025-55131) * nodejs: Nodejs file permissions bypass (CVE-2025-55130) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fix(es): * nodejs: Nodejs filesystem permissions bypass (CVE-2025-55132) * nodejs: Nodejs denial of service (CVE-2026-21637) * nodejs: Nodejs denial of service (CVE-2025-59466) * nodejs: Nodejs denial of service (CVE-2025-59465) * nodejs: Nodejs uninitialized memory exposure (CVE-2025-55131) * nodejs: Nodejs file permissions bypass (CVE-2025-55130) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

A security update for the Node. js 20 module in Red Hat Enterprise Linux 8 addresses multiple vulnerabilities including filesystem permissions bypass, denial of service, and uninitialized memory exposure. These issues affect Node. js as packaged by Red Hat and could impact applications relying on this runtime. The update is rated with an Important security impact by Red Hat Product Security. The advisory references six CVEs related to these vulnerabilities. The update rebases Node. js 20 to the latest upstream release to include these fixes.

Multiple security vulnerabilities affecting the Node. js 24 module in Red Hat Enterprise Linux 8 have been identified and addressed. These include filesystem permissions bypass, denial of service, and uninitialized memory exposure issues. The vulnerabilities are rated with a high severity impact. Red Hat has issued an important security advisory (RHSA-2026:2420) providing updates to remediate these issues. The update rebases Node. js 24 to the latest release containing fixes for these vulnerabilities.

A security update for Node. js 24 on Red Hat Enterprise Linux 10 addresses multiple vulnerabilities including filesystem permissions bypass, denial of service, and uninitialized memory exposure. These issues affect the nodejs24 package and could impact the security of applications relying on this runtime. The update is rated as important by Red Hat Product Security and fixes six CVEs related to permission bypass and denial of service conditions. The advisory provides updated packages for various architectures of Red Hat Enterprise Linux 10.

Multiple security vulnerabilities have been identified in the Node. js 20 module distributed with Red Hat Enterprise Linux 9. These include filesystem permissions bypass, denial of service, and uninitialized memory exposure issues. The vulnerabilities are rated with high severity by Red Hat Product Security. An update addressing these issues is available for Red Hat Enterprise Linux 9 and related variants. Users are advised to apply the security update to mitigate these vulnerabilities.

Multiple security vulnerabilities have been identified in Node. js as packaged in Red Hat Enterprise Linux 10, including filesystem permissions bypass, denial of service, and uninitialized memory exposure. These issues affect the nodejs22 package version 22. 22. 0-3. el10_1 across various architectures. Red Hat has issued an important security advisory (RHSA-2026:1843) addressing these vulnerabilities with updated packages. The vulnerabilities have a high severity rating but no CVSS score is provided. Users of affected Red Hat Enterprise Linux 10 systems should apply the available updates to mitigate these risks.

A security update for the Node. js 22 module in Red Hat Enterprise Linux 9. 6 addresses multiple vulnerabilities including denial of service, uninitialized memory exposure, and file permissions bypass. These issues are tracked under CVE-2025-59465, CVE-2025-55131, and CVE-2025-55130 respectively. The update is rated as important by Red Hat Product Security and affects several Red Hat Enterprise Linux 9. 6 variants. No CVSS scores are provided in the advisory. The update is available and recommended to remediate these vulnerabilities.

A security update for Node. js 20 on Red Hat Enterprise Linux 9. 6 addresses multiple vulnerabilities including denial of service, uninitialized memory exposure, and file permissions bypass. These issues affect the Node. js platform used for building scalable network applications in JavaScript. The update is rated as important by Red Hat Product Security and applies to various Red Hat Enterprise Linux 9. 6 Extended Update Support and related variants. No CVSS score is provided, but the severity is assessed as high. The advisory references multiple CVEs including CVE-2025-55130, CVE-2025-55131, and CVE-2025-59465 among others. Red Hat provides updated packages and instructions for remediation.