Release date:
2026-05-07 13:49:02 UTC
Description:
- CVE-2026-21710: use null prototype for headersDistinct/trailersDistinct to
prevent uncaught TypeError when a __proto__ header is received and the
application accesses req.headersDistinct or req.trailersDistinct
Updated packages:
-
alt-nodejs18-nodejs-18.20.8-9.el8.x86_64.rpm
sha:a070e482c1b3a1e59683554f366b4e0a3c94298b6db813e7b79689662637f6f1
-
alt-nodejs18-nodejs-devel-18.20.8-9.el8.x86_64.rpm
sha:d385ed9ab2faac4df418d7179a351d5bc784d9adc515a7a9865a4ac6788004b0
-
alt-nodejs18-nodejs-docs-18.20.8-9.el8.noarch.rpm
sha:710488e0cfbfe1b5be68f7f696ebd28782ac372669298c68e1d48411b7d449d5
-
alt-nodejs18-npm-10.8.2-18.20.8.9.el8.x86_64.rpm
sha:4990e5bd01ef804637def829d4c6e4f909e659a633e9d1bd642194ace1bc222f
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
