Bundled nodejs - cve-2024-27982

slarm · June 28, 2024, 12:48pm

Versions (relevant - OpenSearch/Dashboard/Server OS/Browser):
2.14.0 - 2.15.0, nodejs 8.19.0

Describe the issue:
Our security scans shows that the bundled nodejs is affected by cve-2024-27982 (Node.js — Wednesday, April 3, 2024 Security Releases)

I’m trying to figure if it’s been backported or if the bundled nodejs version will be upgraded to 8.19.1 anytime soon.

Topic		Replies	Views
How to upgrade nodejs in OpenSearch Dashboards OpenSearch Dashboards cve	0	129	April 26, 2024
Potential security issues with the bundled node.js OpenSearch Dashboards cve	3	442	May 5, 2024
[Documentation] NodeJS Support for Opensearch Dashboards v2.9.0 OpenSearch Dashboards releases	2	553	October 8, 2024
I Geeting some vulnerability issue in opensearchproject/opensearch-Dashboard:2.8.0 docker Image OpenSearch releases , cve , security-issue	2	329	June 22, 2023
Facing issue with OpenSearch image vulnerabilities OpenSearch cve , security-issue	2	796	January 26, 2023