Release date:
2025-11-11 15:12:57 UTC
Description:
- CVE-2023-23918: prevent process.mainModule.require() policy bypass
- CVE-2023-32002: prevent Module.constructor._load() bypass by adding constructor
property protection
- CVE-2023-32006: prevent require.main.constructor and require.extensions bypass
by implementing secure module loading validation
Updated packages:
-
alt-nodejs12-nodejs-12.22.12-2.el9.tuxcare.els5.x86_64.rpm
sha:c4cf5534c0d22f85d15ac4afaeeed7b60d65a170aa93d438eff7aafa79e9e7d1
-
alt-nodejs12-nodejs-devel-12.22.12-2.el9.tuxcare.els5.x86_64.rpm
sha:3a4ee691c8612163a33103e9bc744f4be96e39d1ac16b4f22fcaa1529d29e8f0
-
alt-nodejs12-nodejs-docs-12.22.12-2.el9.tuxcare.els5.noarch.rpm
sha:a9c48faa832a8663100d33c9247f4db7693de1510250e23f866b39ae19effd44
-
alt-nodejs12-npm-12.22.12-2.el9.x86_64.rpm
sha:15e86966828515335876b2196b7810f40600e024426dfa2108e1fdf0fd55a2a9
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
