Warning Regarding Use of End-of-Life (EOL) Versions of Node.js

Summary

CVE-2025-23087: End-of-Life versions of Node.js

Issue / Objective

Priority: Medium

Status: Completed

First Published: 26 February 2025

Advisory Version: 1.0

References: CVE-2025-23087

The Node.js Project recently issued CVE-2025-23087 as an urgent reminder that use of versions of Node.js that have already reached their end-of-life (EOL) and that are no longer maintained or supported may expose systems to significant security risks due to unaddressed vulnerabilites and dependencies.

These EOL versions of Node.js include all versions prior to, and including, Node.js v17.9.1.

There are no currently supported Hitachi Vantara products or Solutions that use EOL versions of Node.js.

Additional information about this announcement can be found at these sources:

If any of the information presented above remains unclear, please contact the Hitachi Vantara Global Support Center, or your Vantara-authorized service and support provider.

The information contained herein is for informational purposes only. It is not intended as a guaranty or warranty about Hitachi Vantara’s products, including any guaranty or warranty that any product cannot be exploited by third parties. All product warranties and obligations to a customer must be specified in a mutually acceptable and executed contract between the parties.

Keywords: CVE-2025-23087: node.js