Release date:
2026-05-07 15:06:15 UTC
Description:
- CVE-2026-21710: use null prototype for headersDistinct/trailersDistinct to
prevent uncaught TypeError when a __proto__ header is received and the
application accesses req.headersDistinct or req.trailersDistinct
Updated packages:
-
alt-nodejs16-nodejs-16.20.2-18.el10.x86_64.rpm
sha:eed2155a901081ead921567bd11da1d5acaf17d9e2b4369ff4c7857181ee7c80
-
alt-nodejs16-nodejs-devel-16.20.2-18.el10.x86_64.rpm
sha:7c7fce5871f0246e75c6959b085d581a698be314f5115bd3aa6f9c4d1929014c
-
alt-nodejs16-nodejs-docs-16.20.2-18.el10.noarch.rpm
sha:dcedc43fe3902d15184d53f343878719a879f6018ff476183aacfc25bfb29529
-
alt-nodejs16-npm-8.19.4-16.20.2.18.el10.x86_64.rpm
sha:1f4a2dd7577c7eb75098e67a6fd82efb66273116158730079a6cf21a2690b7b7
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
