-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

SUMMARY
cPanel, L.L.C. has updated RPMs for EasyApache 4 with NodeJS version 10.24.1. This release addresses vulnerabilities related to CVE-2021-3450, CVE-2021-3449, and CVE-2020-7774. We strongly encourage all NodeJS users to update to version 10.24.1.
 
 
AFFECTED VERSIONS
All versions of NodeJS through 10.24.0.

 
SECURITY RATING
The National Vulnerability Database (NIST) has given the following severity ratings to these CVEs:
 

CVE-2021-3450 - HIGH
NodeJS 10.24.1
Fixed bug related to CVE-2021-3450.

CVE-2021-3449 - MEDIUM
NodeJS 10.24.1
Fixed bug related to CVE-2021-3449.

CVE-2020-7774- HIGH
NodeJS 10.24.1
Fixed bug related to CVE-2020-7774.


SOLUTION
cPanel, L.L.C. has released updated RPMs for EasyApache 4 on April 28, 2021, with an updated version of NodeJS 10.24.1. Unless you have enabled automatic RPM updates in your cron, update your system with either yum update or WHM's Run System Update interface.

 
REFERENCES
https://nvd.nist.gov/vuln/detail/CVE-2021-3450
https://nvd.nist.gov/vuln/detail/CVE-2021-3449
https://nvd.nist.gov/vuln/detail/CVE-2020-7774
https://nodejs.org/en/blog/release/v10.24.1/













-----BEGIN PGP SIGNATURE-----

iQJIBAEBCgAyFiEEtnCbTMb0IHf2mEGRlSG+3KvZTd8FAmCJkdQUHHNlY3VyaXR5
QGNwYW5lbC5uZXQACgkQlSG+3KvZTd//qg//VbxPUgvQK71RKnkBIFwwhF55HQVw
BX5dmldkjE9fl7heLuHew1G1CXryDbxHhIRTcsRfS4BlgZTYkqCyXGk3WwMTZ5y0
Wtm4SETuXZO3Nqese/3eE6hwrF7h3bBVtM/kIuRi6wTHyGn+aWXALGEZEaDWaU9e
O4CkPj7n0MJt5lgf0MxIIye/0rkAViwYhBqdc8jvDGR56l8mLUtdn0t57PTkBe1A
683LMeqF9yb2cN0v7obj3TZAc7B0OmIzc8OqsKkMYqjRpEb9+LZStXNftw6Ct3Jp
1a1jggBZT6yGGmkV8ABCrroDDSkTavJiKZ4hLJajMlRJedku7GEMojgPQC0gej8E
K6VmHY3SpF3V/imBC05vjIcaokce8SaOHuf/tQQfVCxVB/WF9XCdREjnYuO8G3bc
/KcxqsU29EOI6FAlFxCiHSd7lJeVuNXhxrGR8YU8ncM3n2Zvx06tXT2thlzFlJ1D
mBrYaMgZKN0Wne3OltcLVr/FAe7P7u830AAA/yPALTjw3G0iKhLPCDIKc3yFHOWv
gbPzo58wmYILbQIAU1S5kOUaLvmG/RT8IaV04N4MwNb1PjvVQ3BX1wT45f6nCBXG
5A5RTMxwlYuxnmR1b8Ve1r5stXjTZS3hGsTMA5X1sD7XCpYz6/BMSqFQTkCyU1P3
VLd2lxbbnSZHTgw=
=gd54
-----END PGP SIGNATURE-----