INFSA-2025:7426: nodejs:20 security update
Information about definition
Identificator: INFSA-2025:7426
Type: security
Release date: 2025-07-10 21:48:18 UTC
Information about package
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language.
Vulnerabilities description
- CVE-2025-31498
A flaw was found in c-ares. This vulnerability allows a remote or local attacker to cause a use-after-free, potentially leading to application-level denial of service or other unexpected behavior via manipulation of DNS responses or network conditions during query processing.
Severity level
| CVE | Score CVSS 2.0 | Score CVSS 3.x | Score CVSS 4.0 |
|---|---|---|---|
|
NIST — CVE-2025-31498
|
no information | 7.0 | no information |
Updated packages