Advisories ยป MGASA-2025-0041

Updated nodejs packages fix security vulnerabilities

Publication date: 07 Feb 2025
Modification date: 07 Feb 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-23083 , CVE-2025-23085

Description

Worker permission bypass via InternalWorker leak in diagnostics.
(CVE-2025-23083)
GOAWAY HTTP/2 frames cause memory leak outside heap. (CVE-2025-23085)
                

References

SRPMS

9/core