winget install --id OpenJS.NodeJS.10About Node.js 10
Node.js® is a free, open-source, cross-platform JavaScript runtime environment that lets developers create servers, web apps, command line tools and scripts.
What's new in 10.24.1
This is a security release. Notable Changes Vulerabilties fixed: - CVE-2021-3450: OpenSSL - CA certificate check bypass with X509_V_FLAG_X509_STRICT (High) - This is a vulnerability in OpenSSL which may be exploited through Node.js. You can read more about it in https://www.openssl.org/news/secadv/20210325.txt - Impacts: - All versions of the 15.x, 14.x, 12.x and 10.x releases lines - CVE-2021-3449: OpenSSL - NULL pointer deref in signature_algorithms processing (High) - This is a vulnerability in OpenSSL which may be exploited through Node.js. You can read more about it in https://www.openssl.org/news/secadv/20210325.txt - Impacts: - All versions of the 15.x, 14.x, 12.x and 10.x releases lines - CVE-2020-7774: npm upgrade - Update y18n to fix Prototype-Pollution (High) - This is a vulnerability in the y18n npm module which may be exploited by prototype pollution. You can read more about it in https://github.com/advisories/GHSA-c4w7-xm78-47vh - Impacts: - All versions of the 14.x, 12.x and 10.x releases lines Commits - [5e526b96ce] - deps: upgrade npm to 6.14.12 (Ruy Adorno) #37918 - [781cb6df5c] - deps: update archs files for OpenSSL-1.1.1k (Tobias Nießen) #37940 - [5db0a05a90] - deps: upgrade openssl sources to 1.1.1k (Tobias Nießen) #37940
Version history
| Version | Updated | Notes |
|---|---|---|
| 10.24.1 | Unknown | This is a security release. Notable Changes Vulerabilties fixed: - CVE-2021-3450: OpenSSL - CA certificate check bypass with X509_V_FLAG_X509_STRICT (High) - This is a vulnerability in OpenSSL which may be exploited thro... |
| 10.24.0 | Unknown | This is a security release. Notable changes Vulnerabilities fixed: - CVE-2021-22883: HTTP2 'unknownProtocol' cause Denial of Service by resource exhaustion - Affected Node.js versions are vulnerable to denial of service... |
| 10.23.3 | Unknown | Notable changes The update to npm 6.14.11 has been relanded so that npm correctly reports its version. Commits - [953a85035d] - crypto: fix crash when calling digest after piping (Tobias Nießen) #28251 - [fe2c98003e] - d... |
| 10.23.2 | Unknown | Notable changes Release keys have been synchronized with the main branch. - deps: - upgrade npm to 6.14.11 (Darcy Clarke) #36838 Commits - [cc6b69557a] - deps: upgrade npm to 6.14.11 (Darcy Clarke) #36838 - [aefb66528a]... |
| 10.16.1 | Unknown | Notable changes - deps: upgrade openssl sources to 1.1.1c (Sam Roberts) #28212 - stream: do not unconditionally call \_read() on resume() (Anna Henningsen) #26965 - worker: fix nullptr deref after MessagePort deser failu... |
| 10.16.0 | Unknown | Release notes |
| 10.15.3 | Unknown | Release notes |