CNNVD-202507-2479 Information

CNNVD ID

CNNVD-202507-2479

Related CVE

CVE-2025-27209

• CNNVD Published: 2025-07-18

Description (Chinese)

Node.js是Node.js开源的一个开源、跨平台的 JavaScript 运行时环境。 Node.js v24.x版本存在安全漏洞，该漏洞源于字符串哈希计算实现不当，可能导致哈希碰撞攻击。

Description (English)

Node.js is an open-source, cross-platform JavaScript running environment for Node.js. Node.js v24.x has a security loophole, which stems from the miscalculation of the string Hashi, which could lead to a Hashi collision attack.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

Node.js

Published

2025-07-18

Last Modified

2026-02-24

References

https://nodejs.org/en/blog/vulnerability/july-2025-security-releases https://access.redhat.com/security/cve/cve-2025-27209

Patch

https://nodejs.org/zh-cn/download