Debian: Node.js Critical Risks Denial Service DSA-5991-1 CVE-2023-46809

Multiple vulnerabilities were discovered in Node.js, which could result
in denial of service, HTTP request smuggling, privilege escalation, a
side channel attack against PKCS#1 1.5 or a bypass of network import
restrictions.

For the oldstable distribution (bookworm), these problems have been fixed
in version 18.20.4+dfsg-1~deb12u1.

We recommend that you upgrade your nodejs packages.

For the detailed security status of nodejs please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/nodejs

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/