Release date:
2026-05-07 15:53:07 UTC
Description:
- CVE-2026-21710: use null prototype for headersDistinct/trailersDistinct to
prevent uncaught TypeError when a __proto__ header is received and the
application accesses req.headersDistinct or req.trailersDistinct
Updated packages:
-
alt-nodejs16-nodejs-16.20.2-18.el7.x86_64.rpm
sha:b273b9966e03605cde8c0cf359aca29d1fcc168c12c7764be1784e3f6bcd762c
-
alt-nodejs16-nodejs-devel-16.20.2-18.el7.x86_64.rpm
sha:20f1db0a9a448730ec9d294360dc80da6cfd4eaf2cdfaa86e1e6ece18206e657
-
alt-nodejs16-nodejs-docs-16.20.2-18.el7.noarch.rpm
sha:2e142a6251f2984e01346eaa149618e1d784957dc615bf704c388710d3e8b104
-
alt-nodejs16-npm-8.19.4-16.20.2.18.el7.x86_64.rpm
sha:81d020f06d264314759a4c6fbcd1c523bcb15d4f261e51c9dca509adbb749171
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
