Release date:
2026-05-28 16:00:02 UTC
Description:
- CVE-2026-21717: v8: scramble the 24-bit array-index value stored in a
Name's hash_field via a 3-round xorshift-multiply with compile-time
constants so consecutive numeric strings no longer collide in V8's
internal string table (HashDoS via JSON.parse)
Updated packages:
-
alt-nodejs14-nodejs-14.21.3-22.el8.x86_64.rpm
sha:5cfb2ff7b370dcf28ac7056df6efe4fc6923a6bec3610b193f33d22dc42d6b6d
-
alt-nodejs14-nodejs-devel-14.21.3-22.el8.x86_64.rpm
sha:44f3cc08b80f520d90b0499236a623521fe9e61c6bd0f4a7fdbb83657a557bcd
-
alt-nodejs14-nodejs-docs-14.21.3-22.el8.noarch.rpm
sha:8950456736d655a694e71d5cdcb64b2315f702729ae973f74bba3ffccc02df2a
-
alt-nodejs14-npm-6.14.18-14.21.3.22.el8.x86_64.rpm
sha:d51f78aea8e95794c9d1d636b292ef07995da903f7ef16b71a5810a13cb23fa6
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
