Release date:
2026-05-28 15:14:12 UTC
Description:
- CVE-2026-21717: v8: scramble the 24-bit array-index value stored in a
Name's hash_field via a 3-round xorshift-multiply with compile-time
constants so consecutive numeric strings no longer collide in V8's
internal string table (HashDoS via JSON.parse)
Updated packages:
-
alt-nodejs14-nodejs-14.21.3-22.el7.x86_64.rpm
sha:9dace36dd0e536559bf28f2b802cbf86195f3bb1ae956aa935adf8eee4a78093
-
alt-nodejs14-nodejs-devel-14.21.3-22.el7.x86_64.rpm
sha:fd2b461d31b34093ffe134d3aaee36131638f2c636e58e0b409b35994a05e5d5
-
alt-nodejs14-nodejs-docs-14.21.3-22.el7.noarch.rpm
sha:59023888525b295a5c7a2aff327d179a7212a3cf91597dde4f8e13fa758ecd15
-
alt-nodejs14-npm-6.14.18-14.21.3.22.el7.x86_64.rpm
sha:fc56b58fec367b21375f5d57c449a8c4057ee0b6af54398f624c52a3eac5f034
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
