Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:alpm/archlinux/nodejs-lts-iron@20.19.1-1
purl pkg:alpm/archlinux/nodejs-lts-iron@20.19.1-1
Next non-vulnerable version 20.19.2-1
Latest non-vulnerable version 20.19.2-1
Risk 4.0
Vulnerabilities affecting this package (3)
Vulnerability Summary Fixed by
VCID-g9bm-61bn-ryg5
Aliases:
CVE-2025-23167
nodejs: Improper HTTP Header Termination in Node.js 20 Enables Request Smuggling
20.19.2-1
Affected by 0 other vulnerabilities.
VCID-xkpz-pb5y-jqcy
Aliases:
CVE-2025-23166
nodejs: Remote Crash via SignTraits::DeriveBits() in Node.js
20.19.2-1
Affected by 0 other vulnerabilities.
VCID-znta-r3v4-hyg1
Aliases:
CVE-2025-23165
nodejs: Memory Leak in Node.js ReadFileUtf8 Binding Leading to DoS
20.19.2-1
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-01T18:25:01.747586+00:00 Arch Linux Importer Affected by VCID-znta-r3v4-hyg1 https://security.archlinux.org/AVG-2873 38.0.0
2026-04-01T18:25:01.722863+00:00 Arch Linux Importer Affected by VCID-xkpz-pb5y-jqcy https://security.archlinux.org/AVG-2873 38.0.0
2026-04-01T18:25:01.697719+00:00 Arch Linux Importer Affected by VCID-g9bm-61bn-ryg5 https://security.archlinux.org/AVG-2873 38.0.0