vulnerability

Amazon Linux 2023: CVE-2025-23165: Important priority package update for nodejs22 (Multiple Advisories)

Try Surface Command
Back to search
Severity
4
CVSS
(AV:N/AC:M/Au:N/C:N/I:N/A:P)
Published
May 19, 2025
Added
Jun 11, 2025
Modified
Jul 4, 2025

Description

A flaw was found in the ReadFileUtf8 internal binding of Node.js. This vulnerability can allow an attacker to cause an application denial of service via repeated file read operations that trigger an unrecoverable memory leak due to a corrupted pointer in the underlying file system binding.

Solutions

amazon-linux-2023-upgrade-nodejs20amazon-linux-2023-upgrade-nodejs20-debuginfoamazon-linux-2023-upgrade-nodejs20-debugsourceamazon-linux-2023-upgrade-nodejs20-develamazon-linux-2023-upgrade-nodejs20-docsamazon-linux-2023-upgrade-nodejs20-full-i18namazon-linux-2023-upgrade-nodejs20-libsamazon-linux-2023-upgrade-nodejs20-libs-debuginfoamazon-linux-2023-upgrade-nodejs20-npmamazon-linux-2023-upgrade-nodejs22amazon-linux-2023-upgrade-nodejs22-debuginfoamazon-linux-2023-upgrade-nodejs22-debugsourceamazon-linux-2023-upgrade-nodejs22-develamazon-linux-2023-upgrade-nodejs22-docsamazon-linux-2023-upgrade-nodejs22-full-i18namazon-linux-2023-upgrade-nodejs22-libsamazon-linux-2023-upgrade-nodejs22-libs-debuginfoamazon-linux-2023-upgrade-nodejs22-npmamazon-linux-2023-upgrade-v8-11-3-develamazon-linux-2023-upgrade-v8-12-4-devel

References

Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today