Vulnerabilities
- Thursday February 16 2023 Security Releases
- OpenSSL 3.0.7 update assessment
- Nov 3 2022 Security Releases
- OpenSSL November Security Release
- OpenSSL and zlib update assessment, and Node.js Assessment workflow
- September 23rd 2022 Security Releases
- July 7th 2022 Security Releases
- OpenSSL update assessment, and Node.js project plans
- OpenSSL update assessment, and Node.js project plans
- OpenSSL security releases require Node.js security releases
- January 10th 2022 Security Releases
- October 12th 2021 Security Releases
- August 31 2021 Security Releases
- August 2021 Security Releases
- July 2021 Security Releases
- July 2021 Security Releases
- April 2021 Security Releases
- February 2021 Security Releases
- January 2021 Security Releases
- November 2020 Security Releases
- September 2020 Security Releases
- June 2020 Security Releases
- OpenSSL security releases do not require Node.js security releases
- February 2020 Security Releases
- December 2019 Security Releases
- OpenSSL security releases do not require Node.js security releases
- OpenSSL security releases may require Node.js security releases
- August 2019 Security Releases
- February 2019 Security Releases
- November 2018 Security Releases
- August 2018 Security Releases
- June 2018 Security Releases
- March 2018 Security Releases
- Meltdown and Spectre - Impact On Node.js
- Data Confidentiality/Integrity Vulnerability, December 2017
- OpenSSL update, 1.0.2m
- DOS security vulnerability, October 2017
- Path validation vulnerability, September 2017
- Security updates for all active release lines, July 2017
- OpenSSL update, 1.0.2k
- October security releases and v6 LTS "Boron" security inclusions
- Security updates for all active release lines, September 2016
- Security updates for all active release lines, June 2016
- OpenSSL updates, 1.0.1t and 1.0.2h
- npm security updates v2.15.1 and v3.8.3
- OpenSSL updates, 1.0.2g and 1.0.1s
- February 2016 Security Release Summary
- OpenSSL upgrade low-severity Node.js security fixes
- December Security Release Summary
- December Security Release Schedule Update
- CVE-2015-8027 Denial of Service Vulnerability / CVE-2015-6764 V8 Out-of-bounds Access Vulnerability
- V8 Memory Corruption and Stack Overflow (fixed in Node v0.8.28 and v0.10.30)
- OpenSSL and Breaking UTF-8 Change (fixed in Node v0.8.27 and v0.10.29)
- DoS Vulnerability (fixed in Node v0.8.26 and v0.10.21)
- HTTP Server Security Vulnerability: Please upgrade to 0.6.17
