Overview All releases

Version History

v22.0.0

v21.7.3 v21.7.2 v21.7.1 v21.7.0 v21.6.2 v21.6.1 v21.6.0 v21.5.0 v21.4.0 v21.3.0 v21.2.0 v21.1.0 v21.0.0

v20.12.2 v20.12.1 v20.12.0 v20.11.1 v20.11.0 v20.10.0 v20.9.0

v20.8.1

v20.8.0 v20.7.0 v20.6.1 v20.6.0 v20.5.1 v20.5.0 v20.4.0 v20.3.1 v20.3.0 v20.2.0 v20.1.0 v20.0.0

v19.9.0 v19.8.1 v19.8.0 v19.7.0 v19.6.1 v19.6.0 v19.5.0 v19.4.0 v19.3.0 v19.2.0 v19.1.0 v19.0.1 v19.0.0

v18.20.2 v18.20.1 v18.20.0 v18.19.1 v18.19.0 v18.18.2 v18.18.1 v18.18.0 v18.17.1 v18.17.0 v18.16.1 v18.16.0 v18.15.0 v18.14.2 v18.14.1 v18.14.0 v18.13.0 v18.12.1 v18.12.0 v18.11.0 v18.10.0 v18.9.1 v18.9.0 v18.8.0 v18.7.0 v18.6.0 v18.5.0 v18.4.0 v18.3.0 v18.2.0 v18.1.0 v18.0.0

v17.9.1 v17.9.0 v17.8.0 v17.7.2 v17.7.1 v17.7.0 v17.6.0 v17.5.0 v17.4.0 v17.3.1

v17.3.0

v17.2.0

v17.1.0

v17.0.1

v17.0.0

v16.20.2 v16.20.1 v16.20.0 v16.19.1 v16.19.0 v16.18.1 v16.18.0 v16.17.1 v16.17.0 v16.16.0 v16.15.1 v16.15.0 v16.14.2 v16.14.1 v16.14.0 v16.13.2

v16.13.1

v16.13.0

v16.12.0

v16.11.1

v16.11.0

v16.10.0

v16.9.1

v16.9.0

v16.8.0

v16.7.0

v16.6.2

v16.6.1

v16.6.0

v16.5.0

v16.4.2

v16.4.1

v16.4.0

v16.3.0

v16.2.0

v16.1.0

v16.0.0

v15.14.0

v15.13.0

v15.12.0

v15.11.0

v15.10.0

v15.9.0

v15.8.0

v15.7.0

v15.6.0

v15.5.1

v15.5.0

v15.4.0

v15.3.0

v15.2.1

v15.2.0

v15.1.0

v15.0.1

v15.0.0

v14.21.3 v14.21.2 v14.21.1 v14.21.0 v14.20.1 v14.20.0 v14.19.3 v14.19.2 v14.19.1 v14.19.0 v14.18.3

v14.18.2

v14.18.1

v14.18.0

v14.17.6

v14.17.5

v14.17.4

v14.17.3

v14.17.2

v14.17.1

v14.17.0

v14.16.1

v14.16.0

v14.15.5

v14.15.4

v14.15.3

v14.15.2

v14.15.1

v14.15.0

v14.14.0

v14.13.1

v14.13.0

v14.12.0

v14.11.0

v14.10.1

v14.10.0

v14.9.0

v14.8.0

v14.7.0

v14.6.0

v14.5.0

v14.4.0

v14.3.0

v14.2.0

v14.1.0

v14.0.0

v13.14.0

v13.13.0

v13.12.0

v13.11.0

v13.10.1

v13.10.0

v13.9.0

v13.8.0

v13.7.0

v13.6.0

v13.5.0

v13.4.0

v13.3.0

v13.2.0

v13.1.0

v13.0.1

v13.0.0

v12.22.12 v12.22.11 v12.22.10 v12.22.9

v12.22.8

v12.22.7

v12.22.6

v12.22.5

v12.22.4

v12.22.3

v12.22.2

v12.22.1

v12.22.0

v12.21.0

v12.20.2

v12.20.1

v12.20.0

v12.19.1

v12.19.0

v12.18.4

v12.18.3

v12.18.2

v12.18.1

v12.18.0

v12.17.0

v12.16.3

v12.16.2

v12.16.1

v12.16.0

v12.15.0

v12.14.1

v12.14.0

v12.13.1

v12.13.0

v12.12.0

v12.11.1

v12.11.0

v12.10.0

v12.9.1

v12.9.0

v12.8.1

v12.8.0

v12.7.0

v12.6.0

v12.5.0

v12.4.0

v12.3.1

v12.3.0

v12.2.0

v12.1.0

v12.0.0

v11.15.0

v11.14.0

v11.13.0

v11.12.0

v11.11.0

v11.10.0

v11.9.0

v11.8.0

v11.7.0

v11.6.0

v11.5.0

v11.4.0

v11.3.0

v11.2.0

v11.1.0

v11.0.0

v10.24.1

v10.24.0

v10.23.3

v10.23.2

v10.23.1

v10.23.0

v10.22.1

v10.22.0

v10.21.0

v10.20.1

v10.20.0

v10.19.0

v10.18.1

v10.18.0

v10.17.0

v10.16.3

v10.16.2

v10.16.1

v10.16.0

v10.15.3

v10.15.1

v10.15.0

v10.14.2

v10.14.1

v10.14.0

v10.13.0

v10.12.0

v10.11.0

v10.10.0

v10.9.0

v10.8.0

v10.7.0

v10.6.0

v10.5.0

v10.4.1

v10.4.0

v10.3.0

v10.2.1

v10.2.0

v10.1.0

v10.0.0

v9.11.2

v9.11.1

v9.11.0

v9.10.1

v9.10.0

v9.9.0

v9.8.0

v9.7.1

v9.7.0

v9.6.1

v9.6.0

v9.5.0

v9.4.0

v9.3.0

v9.2.1

v9.2.0

v9.1.0

v9.0.0

v8.17.0

v8.16.2

v8.16.1

v8.16.0

v8.15.0

v8.14.1

v8.14.0

v8.13.0

v8.12.0

v8.11.4

v8.11.3

v8.11.2

v8.11.1

v8.11.0

v8.10.0

v8.9.4

v8.9.3

v8.9.2

v8.9.1

v8.9.0

v8.8.1

v8.8.0

v8.7.0

v8.6.0

v8.5.0

v6.17.1

v6.16.0

v6.15.1

v6.15.0

v6.14.4

v6.14.3

v6.14.2

v6.14.1

v6.14.0

v6.13.1

v6.13.0

v6.12.3

v6.12.2

v6.12.1

v6.12.0

v6.11.5

v6.11.4

v6.11.3

v4.9.1

v4.9.0

v4.8.7

v4.8.6

v4.8.5

Node.js - v20.8.1

Security

This is a security release.

Notable Changes

The following CVEs are fixed in this release:

CVE-2023-44487: nghttp2 Security Release (High)
CVE-2023-45143: undici Security Release (High)
CVE-2023-39332: Path traversal through path stored in Uint8Array (High)
CVE-2023-39331: Permission model improperly protects against path traversal (High)
CVE-2023-38552: Integrity checks according to policies can be circumvented (Medium)
CVE-2023-39333: Code injection via WebAssembly export names (Low)

More detailed information on each of the vulnerabilities can be found in October 2023 Security Releases blog post.

Commits

[c86883e844] - deps: update nghttp2 to 1.57.0 (James M Snell) #50121
[2860631359] - deps: update undici to v5.26.3 (Matteo Collina) #50153
[cd37838bf8] - lib: let deps require node prefixed modules (Matthew Aitken) #50047
[f5c90b2951] - module: fix code injection through export names (Tobias Nießen) nodejs-private/node-private#461
[fa5dae1944] - permission: fix Uint8Array path traversal (Tobias Nießen) nodejs-private/node-private#456
[cd35275111] - permission: improve path traversal protection (Tobias Nießen) nodejs-private/node-private#456
[a4cb7fc7c0] - policy: use tamper-proof integrity check function (Tobias Nießen) nodejs-private/node-private#462

Security

Details

date

Oct. 13, 2023, 9:09 p.m.

name

2023-10-13, Version 20.8.1 (Current), @RafaelGSS

type

Patch

official page

https://github.com/nodejs/node/releases/tag/v20.8.1

👇

🔍View and search all Node.js releases.
🛠️Create and share lists to track your tools.
🚨Setup notifications for major, security, feature or patch updates.
🚀Much more coming soon!

Continue with GitHub

Continue with Google

Username

Password

Password (again)

leave this field blank to prove your humanity