Release date:
2026-06-01 07:01:44 UTC
Description:
- CVE-2026-21717: scramble V8 array-index hash_field with a 3-round
xorshift-multiply so consecutive numeric strings no longer hash to
consecutive buckets, preventing O(n^2) HashDoS via JSON.parse
Updated packages:
-
alt-nodejs12-nodejs-12.22.12-20.el7.x86_64.rpm
sha:8efacac1f4a6f16cb11a87e1fbd939899d2cc0e4bf34552afa9410ac44376737
-
alt-nodejs12-nodejs-devel-12.22.12-20.el7.x86_64.rpm
sha:0c8964bb6be192bd4bb0f047ef621876a1f71e2cc997d4638a5cb04c68cabed4
-
alt-nodejs12-nodejs-docs-12.22.12-20.el7.noarch.rpm
sha:75b5d9120956850d2812c92a48e0a48ffe14a27ea8fbcc21922388c84ee946b7
-
alt-nodejs12-npm-6.14.16-12.22.12.20.el7.x86_64.rpm
sha:c9a183e2a08840cde8718e6aa01b4318ddbb9c9cd1209e2651fee48a4d898c2b
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
