[CLSA-2026:1784113246] nodejs: Fix of CVE-2026-6733
Type:
security
Severity:
Low
Release date:
2026-07-15 11:00:58 UTC
Description:
- CVE-2026-6733: reject unsolicited HTTP/1.1 response bytes that begin parsing with no in-flight request, preventing keep-alive response queue poisoning
CVEs fixed:
Updated packages:
  • nodejs-16.20.2-8.el9_6.tuxcare.els16.x86_64.rpm
    sha:c1df087dfa91f1e405c62560e40bfff8fda803ef63473143b6a5a649bf0951db
  • nodejs-devel-16.20.2-8.el9_6.tuxcare.els16.x86_64.rpm
    sha:361ce1c04a7aec6a7c618716a54847003a77d2e0d72081797088a37e68a9c89c
  • nodejs-docs-16.20.2-8.el9_6.tuxcare.els16.noarch.rpm
    sha:3590541a067ce7c475837dd6db202cc6bf674b8f5973f105ab7d8d89f6f37233
  • nodejs-full-i18n-16.20.2-8.el9_6.tuxcare.els16.x86_64.rpm
    sha:7fd1d3d64030bff556c4c6440862fe563eef1db70ec27eab104ef8e0448302e4
  • nodejs-libs-16.20.2-8.el9_6.tuxcare.els16.i686.rpm
    sha:c2008018db7c54915f7da8f8a3c57195e156c48ecb5a362cdf64aa897d97f3e5
  • nodejs-libs-16.20.2-8.el9_6.tuxcare.els16.x86_64.rpm
    sha:94e5f527aa5e735511c8d199c7348b8d7b4de26811f1ba76411de36264591ce0
  • npm-8.19.4_1.16.20.2-8.el9_6.tuxcare.els16.x86_64.rpm
    sha:8361c3fb0d5ddb57d36ef3ef67bb4a71261835961a78b6e37406101520eccc73
  • v8-devel-9.4.146.26_1.16.20.2-8.el9_6.tuxcare.els16.x86_64.rpm
    sha:c65150bce8a11abfddccb166213aef1e07a2bac32bfb2526cb2c259f39846fcf
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.