Release date:
2026-05-31 21:26:59 UTC
Description:
- CVE-2026-21717: scramble V8 array-index hash_field with a 3-round
xorshift-multiply so consecutive numeric strings no longer hash to
consecutive buckets, preventing O(n^2) HashDoS via JSON.parse
Updated packages:
-
alt-nodejs12-nodejs-12.22.12-20.el8.x86_64.rpm
sha:599fcd576847ad8e6e845930de9e09ccee20a2d9de84c91e8350b1a1beca62c4
-
alt-nodejs12-nodejs-devel-12.22.12-20.el8.x86_64.rpm
sha:4ef288977dcd87c1ec5bb5d60a3a3111e42d4d09c1ddd2f2ee1af52c538ef3bd
-
alt-nodejs12-nodejs-docs-12.22.12-20.el8.noarch.rpm
sha:5565b19d59079d3d38e04984c3432d76de3de0979a263ead415aa17d8f6e6393
-
alt-nodejs12-npm-6.14.16-12.22.12.20.el8.x86_64.rpm
sha:84f88e9d4369924f77aa7d0a9c538234340d5cff023467e253dc15083f58f6ee
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
