[CLSA-2026:1784112338] nodejs: Fix of CVE-2026-6733
Type:
security
Severity:
Low
Release date:
2026-07-15 10:45:51 UTC
Description:
- CVE-2026-6733: reject unsolicited HTTP/1.1 response bytes that begin parsing with no in-flight request, preventing keep-alive response queue poisoning
CVEs fixed:
Updated packages:
  • nodejs-16.20.2-8.el9_2.tuxcare.els16.x86_64.rpm
    sha:4a1a17a8f0a3a26ec325b0f91f406f495e7f7a62470e3cfcf78d8892fdbf24bc
  • nodejs-devel-16.20.2-8.el9_2.tuxcare.els16.x86_64.rpm
    sha:338b7b41e9ba24a7e340fcbe58f65cb51f3a17fc898f298ef21331e64f854cfd
  • nodejs-docs-16.20.2-8.el9_2.tuxcare.els16.noarch.rpm
    sha:60d1d62cb0b7e8be46a8eaef46e0e987c47fefb17922dcc7ee0a9c1481b6311b
  • nodejs-full-i18n-16.20.2-8.el9_2.tuxcare.els16.x86_64.rpm
    sha:9e7395b5ab513bc2a4dc81f43e3999276963474a403d798024971079da4d73c9
  • nodejs-libs-16.20.2-8.el9_2.tuxcare.els16.i686.rpm
    sha:99bc144f148259962d535789414fc8ad8d4201d6030ca5ba1bab81189c0ab08b
  • nodejs-libs-16.20.2-8.el9_2.tuxcare.els16.x86_64.rpm
    sha:feaab58056af93bb750b107d3d43adb98d808ac8d8dc97c08cfeec0442f42a2d
  • npm-8.19.4_1.16.20.2-8.el9_2.tuxcare.els16.x86_64.rpm
    sha:d9d6d4474855aa66b43d74631c8fcc8cf5393d45b3bac32bec1772c2e582881e
  • v8-devel-9.4.146.26_1.16.20.2-8.el9_2.tuxcare.els16.x86_64.rpm
    sha:bf6123c80a605dd30df38e7e3d015a5daa342de77c2855c1cdb78750bf31bb96
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.