ALSA-2026:2783

See a problem?
Import Source
https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2026:2783.json
JSON Data
https://api.osv.dev/v1/vulns/ALSA-2026:2783
Related
Published
2026-02-17T00:00:00Z
Modified
2026-03-04T13:14:00.553262Z
Summary
Important: nodejs:20 security update
Details

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language.

Security Fix(es):

  • nodejs: Nodejs filesystem permissions bypass (CVE-2025-55132)
  • nodejs: Nodejs denial of service (CVE-2026-21637)
  • nodejs: Nodejs denial of service (CVE-2025-59466)
  • nodejs: Nodejs denial of service (CVE-2025-59465)
  • nodejs: Nodejs uninitialized memory exposure (CVE-2025-55131)
  • nodejs: Nodejs file permissions bypass (CVE-2025-55130)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References

Affected packages

AlmaLinux:9
nodejs

Package

Name
nodejs
Purl
pkg:rpm/almalinux/nodejs

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:20.20.0-1.module_el9.7.0+207+84573810

Database specific

source 
"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2026:2783.json"
nodejs-devel

Package

Name
nodejs-devel
Purl
pkg:rpm/almalinux/nodejs-devel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:20.20.0-1.module_el9.7.0+207+84573810

Database specific

source 
"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2026:2783.json"
nodejs-docs

Package

Name
nodejs-docs
Purl
pkg:rpm/almalinux/nodejs-docs

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:20.20.0-1.module_el9.7.0+207+84573810

Database specific

source 
"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2026:2783.json"
nodejs-full-i18n

Package

Name
nodejs-full-i18n
Purl
pkg:rpm/almalinux/nodejs-full-i18n

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:20.20.0-1.module_el9.7.0+207+84573810

Database specific

source 
"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2026:2783.json"
nodejs-nodemon

Package

Name
nodejs-nodemon
Purl
pkg:rpm/almalinux/nodejs-nodemon

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.0.1-1.module_el9.5.0+125+8dc38870

Database specific

source 
"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2026:2783.json"
nodejs-packaging

Package

Name
nodejs-packaging
Purl
pkg:rpm/almalinux/nodejs-packaging

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2021.06-5.module_el9.7.0+207+84573810

Database specific

source 
"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2026:2783.json"
nodejs-packaging-bundler

Package

Name
nodejs-packaging-bundler
Purl
pkg:rpm/almalinux/nodejs-packaging-bundler

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2021.06-5.module_el9.7.0+207+84573810

Database specific

source 
"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2026:2783.json"
npm

Package

Name
npm
Purl
pkg:rpm/almalinux/npm

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:10.8.2-1.20.20.0.1.module_el9.7.0+207+84573810

Database specific

source 
"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2026:2783.json"