INFSA-2025:7502: nodejs22 security update
Information about definition
Identificator: INFSA-2025:7502
Type: security
Release date: 2025-07-17 21:43:43 UTC
Information about package
Node.js is a platform built on Chrome's JavaScript runtime \ for easily building fast, scalable network applications. \ Node.js uses an event-driven, non-blocking I/O model that \ makes it lightweight and efficient, perfect for data-intensive \ real-time applications that run across distributed devices.
Vulnerabilities description
- CVE-2025-31498
A flaw was found in c-ares. This vulnerability allows a remote or local attacker to cause a use-after-free, potentially leading to application-level denial of service or other unexpected behavior via manipulation of DNS responses or network conditions during query processing.
Severity level
| CVE | Score CVSS 2.0 | Score CVSS 3.x | Score CVSS 4.0 |
|---|---|---|---|
|
NIST — CVE-2025-31498
|
no information | 7.0 | no information |
Updated packages