{ "schema_version": "1.7.0", "id": "RHSA-2026:7080", "related": [], "upstream": [ "CVE-2026-1525", "CVE-2026-1526", "CVE-2026-1528", "CVE-2026-2229", "CVE-2026-21710", "CVE-2026-25547", "CVE-2026-26996", "CVE-2026-27135", "CVE-2026-27904" ], "published": "2026-04-09T10:11:50Z", "modified": "2026-04-10T10:08:56Z", "summary": "Red Hat Security Advisory: nodejs22 security update", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "affected": [ { "package": { "name": "nodejs", "ecosystem": "Red Hat:enterprise_linux:10.1", "purl": "pkg:rpm/redhat/nodejs" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "1:22.22.2-1.el10_1" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "nodejs-debuginfo", "ecosystem": "Red Hat:enterprise_linux:10.1", "purl": "pkg:rpm/redhat/nodejs-debuginfo" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "1:22.22.2-1.el10_1" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "nodejs-devel", "ecosystem": "Red Hat:enterprise_linux:10.1", "purl": "pkg:rpm/redhat/nodejs-devel" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "1:22.22.2-1.el10_1" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "nodejs-docs", "ecosystem": "Red Hat:enterprise_linux:10.1", "purl": "pkg:rpm/redhat/nodejs-docs" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "1:22.22.2-1.el10_1" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "nodejs-full-i18n", "ecosystem": "Red Hat:enterprise_linux:10.1", "purl": "pkg:rpm/redhat/nodejs-full-i18n" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "1:22.22.2-1.el10_1" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "nodejs-libs", "ecosystem": "Red Hat:enterprise_linux:10.1", "purl": "pkg:rpm/redhat/nodejs-libs" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "1:22.22.2-1.el10_1" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "nodejs-libs-debuginfo", "ecosystem": "Red Hat:enterprise_linux:10.1", "purl": "pkg:rpm/redhat/nodejs-libs-debuginfo" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "1:22.22.2-1.el10_1" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "nodejs-npm", "ecosystem": "Red Hat:enterprise_linux:10.1", "purl": "pkg:rpm/redhat/nodejs-npm" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "1:10.9.7-1.22.22.2.1.el10_1" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "nodejs22", "ecosystem": "Red Hat:enterprise_linux:10.1", "purl": "pkg:rpm/redhat/nodejs22" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "1:22.22.2-1.el10_1" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "nodejs22-debuginfo", "ecosystem": "Red Hat:enterprise_linux:10.1", "purl": "pkg:rpm/redhat/nodejs22-debuginfo" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "1:22.22.2-1.el10_1" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "nodejs22-debugsource", "ecosystem": "Red Hat:enterprise_linux:10.1", "purl": "pkg:rpm/redhat/nodejs22-debugsource" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "1:22.22.2-1.el10_1" } ], "type": "ECOSYSTEM" } ] } ], "references": [ { "type": "ADVISORY", "url": "https://access.redhat.com/errata/RHSA-2026:7080" }, { "type": "ARTICLE", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2436942" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2441268" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442922" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447142" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447143" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447144" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447145" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2448754" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453151" }, { "type": "ADVISORY", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_7080.json" }, { "type": "REPORT", "url": "https://access.redhat.com/security/cve/CVE-2026-1525" }, { "type": "ADVISORY", "url": "https://www.cve.org/CVERecord?id=CVE-2026-1525" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1525" }, { "type": "ARTICLE", "url": "https://cna.openjsf.org/security-advisories.html" }, { "type": "ARTICLE", "url": "https://cwe.mitre.org/data/definitions/444.html" }, { "type": "ARTICLE", "url": "https://github.com/nodejs/undici/security/advisories/GHSA-2mjp-6q6p-2qxm" }, { "type": "ARTICLE", "url": "https://hackerone.com/reports/3556037" }, { "type": "ARTICLE", "url": "https://www.rfc-editor.org/rfc/rfc9110.html#section-8.6" }, { "type": "REPORT", "url": "https://access.redhat.com/security/cve/CVE-2026-1526" }, { "type": "ADVISORY", "url": "https://www.cve.org/CVERecord?id=CVE-2026-1526" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1526" }, { "type": "ARTICLE", "url": "https://datatracker.ietf.org/doc/html/rfc7692" }, { "type": "ARTICLE", "url": "https://github.com/nodejs/undici/security/advisories/GHSA-vrm6-8vpv-qv8q" }, { "type": "ARTICLE", "url": "https://hackerone.com/reports/3481206" }, { "type": "REPORT", "url": "https://access.redhat.com/security/cve/CVE-2026-1528" }, { "type": "ADVISORY", "url": "https://www.cve.org/CVERecord?id=CVE-2026-1528" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1528" }, { "type": "ARTICLE", "url": "https://github.com/nodejs/undici/security/advisories/GHSA-f269-vfmq-vjvj" }, { "type": "ARTICLE", "url": "https://hackerone.com/reports/3537648" }, { "type": "REPORT", "url": "https://access.redhat.com/security/cve/CVE-2026-2229" }, { "type": "ADVISORY", "url": "https://www.cve.org/CVERecord?id=CVE-2026-2229" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-2229" }, { "type": "ARTICLE", "url": "https://github.com/nodejs/undici/security/advisories/GHSA-v9p9-hfj2-hcw8" }, { "type": "ARTICLE", "url": "https://hackerone.com/reports/3487486" }, { "type": "ARTICLE", "url": "https://nodejs.org/api/zlib.html#class-zlibinflateraw" }, { "type": "REPORT", "url": "https://access.redhat.com/security/cve/CVE-2026-21710" }, { "type": "ADVISORY", "url": "https://www.cve.org/CVERecord?id=CVE-2026-21710" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21710" }, { "type": "ARTICLE", "url": "https://nodejs.org/en/blog/vulnerability/march-2026-security-releases" }, { "type": "REPORT", "url": "https://access.redhat.com/security/cve/CVE-2026-25547" }, { "type": "ADVISORY", "url": "https://www.cve.org/CVERecord?id=CVE-2026-25547" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25547" }, { "type": "ARTICLE", "url": "https://github.com/isaacs/brace-expansion/security/advisories/GHSA-7h2j-956f-4vf2" }, { "type": "REPORT", "url": "https://access.redhat.com/security/cve/CVE-2026-26996" }, { "type": "ADVISORY", "url": "https://www.cve.org/CVERecord?id=CVE-2026-26996" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26996" }, { "type": "ARTICLE", "url": "https://github.com/isaacs/minimatch/commit/2e111f3a79abc00fa73110195de2c0f2351904f5" }, { "type": "ARTICLE", "url": "https://github.com/isaacs/minimatch/security/advisories/GHSA-3ppc-4f35-3m26" }, { "type": "REPORT", "url": "https://access.redhat.com/security/cve/CVE-2026-27135" }, { "type": "ADVISORY", "url": "https://www.cve.org/CVERecord?id=CVE-2026-27135" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27135" }, { "type": "ARTICLE", "url": "https://github.com/nghttp2/nghttp2/commit/5c7df8fa815ac1004d9ecb9d1f7595c4d37f46e1" }, { "type": "ARTICLE", "url": "https://github.com/nghttp2/nghttp2/security/advisories/GHSA-6933-cjhr-5qg6" }, { "type": "REPORT", "url": "https://access.redhat.com/security/cve/CVE-2026-27904" }, { "type": "ADVISORY", "url": "https://www.cve.org/CVERecord?id=CVE-2026-27904" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27904" }, { "type": "ARTICLE", "url": "https://github.com/isaacs/minimatch/security/advisories/GHSA-23c5-xmqv-rm74" } ] }