Release date:
2026-05-07 15:31:40 UTC
Description:
- CVE-2026-21710: use null prototype for headersDistinct/trailersDistinct to
prevent uncaught TypeError when a __proto__ header is received and the
application accesses req.headersDistinct or req.trailersDistinct
Updated packages:
-
alt-nodejs18-nodejs-18.20.8-9.el7.x86_64.rpm
sha:f2674bd29f6dfcb62e05db87fe0d43a43b5a79f18e4dd70a74dd9031c9857fd3
-
alt-nodejs18-nodejs-devel-18.20.8-9.el7.x86_64.rpm
sha:759ae45a5598fc4031eccc88aeb98c7e8d4d7ac429067dd329680105527addb5
-
alt-nodejs18-nodejs-docs-18.20.8-9.el7.noarch.rpm
sha:60f479ff1a2664554d45a375ab1879806e38491f2abe868473496e92f0594243
-
alt-nodejs18-npm-10.8.2-18.20.8.9.el7.x86_64.rpm
sha:70509d10ced5ba7cbd2163e17ff45ff9a3334f1e2d7ea30112b7e1722c3adf7e
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
