CVE-2025-23089

Description

Rejected reason: This Record was REJECTED after determining it is not in compliance with CVE Program requirements regarding assignment for vulnerabilities

How to fix CVE-2025-23089

No fixed version has been published yet. Mitigate by removing the affected package or applying upstream guidance from the references below.

• Bitnami/node—no fix listed
• Bitnami/node-min—no fix listed

Is CVE-2025-23089 being exploited?

No exploitation signal available. Neither CISA KEV nor a current EPSS score has been published for CVE-2025-23089.

Affected packages (2)

• >= 21.0.0, <= 21.7.3
• >= 21.0.0, <= 21.7.3

References (2)

• WEBendoflife.date/nodejs
• WEBnodejs.org/en/blog/vulnerability/january-2025-security-releases