vulnerability

Oracle Linux: CVE-2025-23165: ELSA-2025-8493: nodejs22 security update (IMPORTANT)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:M/Au:N/C:N/I:N/A:P)	May 19, 2025	Jul 10, 2025	Jul 16, 2025

Severity

CVSS

(AV:N/AC:M/Au:N/C:N/I:N/A:P)

Published

May 19, 2025

Added

Jul 10, 2025

Modified

Jul 16, 2025

Description

A flaw was found in the ReadFileUtf8 internal binding of Node.js. This vulnerability can allow an attacker to cause an application denial of service via repeated file read operations that trigger an unrecoverable memory leak due to a corrupted pointer in the underlying file system binding.

Solutions

oracle-linux-upgrade-nodejsoracle-linux-upgrade-nodejs-develoracle-linux-upgrade-nodejs-docsoracle-linux-upgrade-nodejs-full-i18noracle-linux-upgrade-nodejs-libsoracle-linux-upgrade-nodejs-npm

References

CVE-2025-23165
https://attackerkb.com/topics/CVE-2025-23165
ELSA-ELSA-2025-8493
CWE-401

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today