Release date:
2026-05-29 17:42:15 UTC
Description:
- CVE-2026-21717: scramble V8 array-index hash_field with a 3-round
xorshift-multiply so consecutive numeric strings no longer hash to
consecutive buckets, preventing O(n^2) HashDoS via JSON.parse
Updated packages:
-
alt-nodejs12-nodejs-12.22.12-20.el9.x86_64.rpm
sha:d3db73bfef6d8e39703b654c148340a9fd844cb351d509ef9543feb3ae0827e3
-
alt-nodejs12-nodejs-devel-12.22.12-20.el9.x86_64.rpm
sha:ac30e8065f0709f7b4c553279bdbbc671b4bf1b42ffa890673f4c092c6c51d17
-
alt-nodejs12-nodejs-docs-12.22.12-20.el9.noarch.rpm
sha:3b3d190e7c20bb906ad3d9a34420de0ebd7d163760296ad178be2e7b4b319848
-
alt-nodejs12-npm-6.14.16-12.22.12.20.el9.x86_64.rpm
sha:788f1177f94094a5cf053932cd657b91df9a47f2af9635b6978d6a1cedbcab53
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
