Release date:
2025-11-05 13:05:08 UTC
Description:
- CVE-2023-32002: prevent Module.constructor._load() bypass by adding constructor
property protection
- CVE-2023-32006: prevent require.main.constructor and require.extensions bypass
by implementing secure module loading validation
Updated packages:
-
alt-nodejs14-nodejs-14.21.3-1.1.el9.tuxcare.els5.x86_64.rpm
sha:ed075fe7a2901cd1324b1a71dadb2d4a7aad1658984ffe376a175740891c138a
-
alt-nodejs14-nodejs-devel-14.21.3-1.1.el9.tuxcare.els5.x86_64.rpm
sha:4d5d581f75761270e10ebbad8a393c4788c18ca310b5308aca508d155e78f028
-
alt-nodejs14-nodejs-docs-14.21.3-1.1.el9.tuxcare.els5.noarch.rpm
sha:20f712159165e50b550f5799af17c7473d64a5c9d5a2f4e7bc0723ef0790cc24
-
alt-nodejs14-npm-6.14.18-14.21.3.1.el9.x86_64.rpm
sha:ba34d2702921470ca13e4d162a778195dc010474060ef905a3d51a566acb85d8
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
