On Thu, May 08, 2025 at 11:44:07AM -0700, Rafael Gonzaga wrote: > The Node.js project will release new versions of all supported release > lines on or shortly after May 14th, 2025 > > For more information, see: > https://nodejs.org/en/blog/vulnerability/may-2025-security-releases
Thanks. Attached is the Markdown source of the above blog post from: https://raw.githubusercontent.com/nodejs/nodejs.org/refs/heads/main/apps/site/pages/en/blog/vulnerability/may-2025-security-releases.md Alexander
--- date: 2025-05-08T03:00:00.000Z category: vulnerability title: Wednesday, May 14, 2025 Security Releases slug: may-2025-security-releases layout: blog-post author: The Node.js Project --- # Summary The Node.js project will release new versions of the 24.x, 23.x, 22.x, 20.x releases lines on or shortly after, Wednesday, May 14, 2025 in order to address: - 1 low severity issues. - 1 high severity issues. - 1 medium severity issues. ## Impact The 24.x release line of Node.js is vulnerable to 1 high severity issues. The 23.x release line of Node.js is vulnerable to 1 high severity issues. The 22.x release line of Node.js is vulnerable to 1 low severity issues, 1 high severity issues. The 20.x release line of Node.js is vulnerable to 1 low severity issues, 1 high severity issues, 1 medium severity issues. It's important to note that End-of-Life versions are always affected when a security release occurs. To ensure your system's security, please use an up-to-date version as outlined in our [Release Schedule](https://github.com/nodejs/release#release-schedule). ## Release timing Releases will be available on, or shortly after, Wednesday, May 14, 2025. ## Contact and future updates The current Node.js security policy can be found at <https://nodejs.org/en/security/>. Please follow the process outlined in <https://github.com/nodejs/node/blob/master/SECURITY.md> if you wish to report a vulnerability in Node.js. Subscribe to the low-volume announcement-only nodejs-sec mailing list at <https://groups.google.com/forum/#!forum/nodejs-sec> to stay up to date on security vulnerabilities and security-related releases of Node.js and the projects maintained in the nodejs GitHub organization.
