Avatar
Gonçalo Valério 11mo ago

New node.js security release

https://nodejs.org/en/blog/vulnerability/january-2025-security-releases

- Worker permission bypass via InternalWorker leak in diagnostics (CVE-2025-23083) - (high)

- Path traversal by drive name in Windows environment (CVE-2025-23084) - (medium)

- GOAWAY HTTP/2 frames cause memory leak outside heap (CVE-2025-23085) - (medium)

#security #nodejs

Reply to this note

Please Login to reply.

Discussion

No replies yet.