You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
The Node.js project will release new versions of the 18.x, 20.x and, 21.x
releases lines on or shortly after, Tuesday February 6 2024 in order to address:
- 4 high severity issues.
- 4 medium severity issue.
- 1 low severity issue.
## Impact
The 21.x release line of Node.js is vulnerable to 4 high severity issues, 4 medium severity issues, and 1 low severity issue.
The 20.x release line of Node.js is vulnerable to 4 high severity issues, 4 medium severity issues, and 1 low severity issue.
In addition, the 18.x release line of Node.js is vulnerable to 2 high severity issues, 2 medium severity issues, and 1 low severity issue.
## Release timing
Releases will be available on, or shortly after, Tuesday February 6 2024.
## Contact and future updates
The current Node.js security policy can be found at [https://nodejs.org/security/](/security/). Please follow the process outlined in <https://github.com/nodejs/node/security/policy> if you wish to report a vulnerability in Node.js.
Subscribe to the low-volume announcement-only nodejs-sec mailing list at <https://groups.google.com/forum/#!forum/nodejs-sec> to stay up to date on security vulnerabilities and security-related releases of Node.js and the projects maintained in the nodejs GitHub organization.
