Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 454
Alerts This Week
Warning Icon 1 454

Oracle Linux 9 Node.js Important Bug Fix Advisory ELSA-2026-35892

oracle
Calendar Grey July 13, 2026
Oracle Linux Logo Esm H88
Updated packages for Oracle Linux 9 enhance Node.js security and functionality addressing several crucial CVEs.
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

Summary

nodejs [1:22.23.1-1] - Update to version 22.23.1 Resolves: RHEL-186622 RHEL-185998 RHEL-183669 Fixes: CVE-2026-12151 CVE-2026-48618 CVE-2026-48933 CVE-2026-48937 CVE-2026-48930 CVE-2026-48619 CVE-2026-48615 CVE-2026-48934 CVE-2026-48928 CVE-2026-48617 CVE-2026-48931 CVE-2026-48935 CVE-2026-42338 nodejs-nodemon [3.0.1-1] - Rebase to 3.0.1 - Resolves: CVE-2022-25883 [2.0.20-2] - Patch bundled glob-parent - Resolves: CVE-2021-35065 [2.0.20-1] - Rebase to 2.0.20 Resolves: CVE-2022-3517 [2.0.15-1] - Resolves: RHBZ#2005419 - Resolves CVE-2020-28469 - Rebase to newest version - Change source to npmjs.com nodejs-packaging [2021.06-6] - Properly handle @group/package deps in nodejs-symlink-deps Resolves: RHEL-120511 [2021.06-5] - nodejs.req to properly detect bundled deps

SRPMs

http://oss.oracle.com/ol9/SRPMS-updates/nodejs-22.23.1-1.module+el9.8.0+90947+d3e8e647.src.rpm http://oss.oracle.com/ol9/SRPMS-updates/nodejs-nodemon-3.0.1-1.module+el9.8.0+90947+d3e8e647.src.rpm http://oss.oracle.com/ol9/SRPMS-updates/nodejs-packaging-2021.06-6.module+el9.8.0+90947+d3e8e647.src.rpm

x86_64

nodejs-22.23.1-1.module+el9.8.0+90947+d3e8e647.x86_64.rpm nodejs-devel-22.23.1-1.module+el9.8.0+90947+d3e8e647.x86_64.rpm nodejs-docs-22.23.1-1.module+el9.8.0+90947+d3e8e647.noarch.rpm nodejs-full-i18n-22.23.1-1.module+el9.8.0+90947+d3e8e647.x86_64.rpm nodejs-libs-22.23.1-1.module+el9.8.0+90947+d3e8e647.x86_64.rpm nodejs-nodemon-3.0.1-1.module+el9.8.0+90947+d3e8e647.noarch.rpm nodejs-packaging-2021.06-6.module+el9.8.0+90947+d3e8e647.noarch.rpm nodejs-packaging-bundler-2021.06-6.module+el9.8.0+90947+d3e8e647.noarch.rpm npm-10.9.8-1.22.23.1.1.module+el9.8.0+90947+d3e8e647.x86_64.rpm v8-12.4-devel-12.4.254.21-1.22.23.1.1.module+el9.8.0+90947+d3e8e647.x86_64.rpm

aarch64

nodejs-22.23.1-1.module+el9.8.0+90947+d3e8e647.aarch64.rpm nodejs-devel-22.23.1-1.module+el9.8.0+90947+d3e8e647.aarch64.rpm nodejs-docs-22.23.1-1.module+el9.8.0+90947+d3e8e647.noarch.rpm nodejs-full-i18n-22.23.1-1.module+el9.8.0+90947+d3e8e647.aarch64.rpm nodejs-libs-22.23.1-1.module+el9.8.0+90947+d3e8e647.aarch64.rpm nodejs-nodemon-3.0.1-1.module+el9.8.0+90947+d3e8e647.noarch.rpm nodejs-packaging-2021.06-6.module+el9.8.0+90947+d3e8e647.noarch.rpm nodejs-packaging-bundler-2021.06-6.module+el9.8.0+90947+d3e8e647.noarch.rpm npm-10.9.8-1.22.23.1.1.module+el9.8.0+90947+d3e8e647.aarch64.rpm v8-12.4-devel-12.4.254.21-1.22.23.1.1.module+el9.8.0+90947+d3e8e647.aarch64.rpm

Severity
important
Lowest
Low
Medium
High
Critical

Related CVEs: CVE-2026-6733 CVE-2026-9678 CVE-2026-11525 CVE-2026-12151 CVE-2026-42338 CVE-2026-48615 CVE-2026-48618 CVE-2026-48619 CVE-2026-48928 CVE-2026-48930 CVE-2026-48933 CVE-2026-48934 CVE-2026-48935

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.