VulnerableCode Package Details - pkg:deb/debian/nodejs@20.19.0%2Bdfsg-2

Search for packages

Vulnerability	Summary	Fixed by
VCID-k3ej-p9y8-1qfk Aliases: CVE-2025-47153	Certain build processes for libuv and Node.js for 32-bit systems, such as for the nodejs binary package through nodejs_20.19.0+dfsg-2_i386.deb for Debian GNU/Linux, have an inconsistent off_t size (e.g., building on i386 Debian always uses _FILE_OFFSET_BITS=64 for the libuv dynamic library, but uses the _FILE_OFFSET_BITS global system default of 32 for nodejs), leading to out-of-bounds access. NOTE: this is not a problem in the Node.js software itself. In particular, the Node.js website's download page does not offer prebuilt Node.js for Linux on i386.	20.19.0+dfsg1-1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 20.19.2+dfsg-1 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-k3ej-p9y8-1qfk
Aliases:
CVE-2025-47153

Certain build processes for libuv and Node.js for 32-bit systems, such as for the nodejs binary package through nodejs_20.19.0+dfsg-2_i386.deb for Debian GNU/Linux, have an inconsistent off_t size (e.g., building on i386 Debian always uses _FILE_OFFSET_BITS=64 for the libuv dynamic library, but uses the _FILE_OFFSET_BITS global system default of 32 for nodejs), leading to out-of-bounds access. NOTE: this is not a problem in the Node.js software itself. In particular, the Node.js website's download page does not offer prebuilt Node.js for Linux on i386.

20.19.0+dfsg1-1
Affected by 1 other vulnerability.

20.19.2+dfsg-1
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-05-03T11:37:58.712144+00:00	Debian Importer	Affected by	VCID-k3ej-p9y8-1qfk	https://security-tracker.debian.org/tracker/data/json	36.0.0
2025-04-10T20:10:36.628636+00:00	Debian Importer	Fixing	VCID-23tg-44pz-cbcb	https://security-tracker.debian.org/tracker/data/json	36.0.0
2025-04-10T07:12:06.682157+00:00	Debian Importer	Fixing	VCID-r97s-9mta-aaaj	https://security-tracker.debian.org/tracker/data/json	36.0.0
2025-04-09T17:54:41.871746+00:00	Debian Importer	Fixing	VCID-849h-j5yz-aaan	https://security-tracker.debian.org/tracker/data/json	36.0.0
2025-04-09T17:41:19.089713+00:00	Debian Importer	Fixing	VCID-kr1n-t6yx-aaam	https://security-tracker.debian.org/tracker/data/json	36.0.0
2025-04-09T16:37:47.903592+00:00	Debian Importer	Fixing	VCID-qnpk-1b3c-aaah	https://security-tracker.debian.org/tracker/data/json	36.0.0
2025-04-09T14:48:51.159432+00:00	Debian Importer	Fixing	VCID-2sh1-yqq9-aaah	https://security-tracker.debian.org/tracker/data/json	36.0.0
2025-04-09T14:20:14.508703+00:00	Debian Importer	Fixing	VCID-yjk5-q2yd-aaac	https://security-tracker.debian.org/tracker/data/json	36.0.0
2025-04-09T10:38:24.153681+00:00	Debian Importer	Fixing	VCID-ajr1-sm2f-2fh7	https://security-tracker.debian.org/tracker/data/json	36.0.0
2025-04-09T10:20:22.979520+00:00	Debian Importer	Fixing	VCID-um2g-zequ-aaaf	https://security-tracker.debian.org/tracker/data/json	36.0.0
2025-04-09T09:30:13.481802+00:00	Debian Importer	Fixing	VCID-ctqm-mmue-aaaf	https://security-tracker.debian.org/tracker/data/json	36.0.0
2025-04-09T09:29:48.295590+00:00	Debian Importer	Fixing	VCID-pg8s-z1fe-aaac	https://security-tracker.debian.org/tracker/data/json	36.0.0