Release Info

Advisory: CLSA-2025:1762347558

OS: EL 8

Public date: 2025-11-05 12:59:20.719115

Project: nodejs

Version: 14.21.3-1.1.el8.tuxcare.els5

Errata link: https://errata.tuxcare.com/els_alt_nodejs/el8/CLSA-2025-1762347558.html

Changelog

- CVE-2023-32002: prevent Module.constructor._load() bypass by adding constructor property protection - CVE-2023-32006: prevent require.main.constructor and require.extensions bypass by implementing secure module loading validation

Update

Update command: yum update alt-nodejs*

Packages list

alt-nodejs14-nodejs-14.21.3-1.1.el8.tuxcare.els5.x86_64.rpm alt-nodejs14-nodejs-devel-14.21.3-1.1.el8.tuxcare.els5.x86_64.rpm alt-nodejs14-nodejs-docs-14.21.3-1.1.el8.tuxcare.els5.noarch.rpm alt-nodejs14-npm-6.14.18-14.21.3.1.el8.x86_64.rpm

CVEs

CVE-2023-32002
CVE-2023-32006