Vulnerabilities

• 11 Jan 22 January 10th 2022 Security Releases
• 12 Oct 21 October 12th 2021 Security Releases
• 31 Aug 21 August 31 2021 Security Releases
• 11 Aug 21 August 2021 Security Releases
• 29 Jul 21 July 2021 Security Releases
• 01 Jul 21 July 2021 Security Releases
• 06 Apr 21 April 2021 Security Releases
• 23 Feb 21 February 2021 Security Releases
• 04 Jan 21 January 2021 Security Releases
• 16 Nov 20 November 2020 Security Releases
• 15 Sep 20 September 2020 Security Releases
• 02 Jun 20 June 2020 Security Releases
• 21 Apr 20 OpenSSL security releases do not require Node.js security releases
• 06 Feb 20 February 2020 Security Releases
• 18 Dec 19 December 2019 Security Releases
• 12 Sep 19 OpenSSL security releases do not require Node.js security releases
• 05 Sep 19 OpenSSL security releases may require Node.js security releases
• 16 Aug 19 August 2019 Security Releases
• 28 Feb 19 February 2019 Security Releases
• 28 Nov 18 November 2018 Security Releases
• 11 Aug 18 August 2018 Security Releases
• 12 Jun 18 June 2018 Security Releases
• 21 Mar 18 March 2018 Security Releases
• 08 Jan 18 Meltdown and Spectre - Impact On Node.js
• 08 Dec 17 Data Confidentiality/Integrity Vulnerability, December 2017
• 30 Oct 17 OpenSSL update, 1.0.2m
• 24 Oct 17 DOS security vulnerability, October 2017
• 29 Sep 17 Path validation vulnerability, September 2017
• 11 Jul 17 Security updates for all active release lines, July 2017
• 27 Jan 17 OpenSSL update, 1.0.2k
• 15 Oct 16 October security releases and v6 LTS "Boron" security inclusions
• 23 Sep 16 Security updates for all active release lines, September 2016
• 13 Jun 16 Security updates for all active release lines, June 2016
• 02 May 16 OpenSSL updates, 1.0.1t and 1.0.2h
• 31 Mar 16 npm security updates v2.15.1 and v3.8.3
• 29 Feb 16 OpenSSL updates, 1.0.2g and 1.0.1s
• 09 Feb 16 February 2016 Security Release Summary
• 27 Jan 16 OpenSSL upgrade low-severity Node.js security fixes
• 04 Dec 15 December Security Release Summary
• 01 Dec 15 December Security Release Schedule Update
• 25 Nov 15 CVE-2015-8027 Denial of Service Vulnerability / CVE-2015-6764 V8 Out-of-bounds Access Vulnerability
• 31 Jul 14 V8 Memory Corruption and Stack Overflow (fixed in Node v0.8.28 and v0.10.30)
• 16 Jun 14 OpenSSL and Breaking UTF-8 Change (fixed in Node v0.8.27 and v0.10.29)
• 22 Oct 13 DoS Vulnerability (fixed in Node v0.8.26 and v0.10.21)
• 07 May 12 HTTP Server Security Vulnerability: Please upgrade to 0.6.17