---
title: IMPORTANT! Update Node.JS to 18.20.4, 20.15.1, 22.4.1 or newer!
date: 2024-07-08 21:04:03
tags:
 - cybersecurity
 - node.js
category: Notices
thumbnail: /images/covers/IMPORTANT-Update-Node-JS-to-18-20-4-20-15-1-22-4-1-or-newer.png
---

**IMPORTANT! Update Node.JS to 18.20.4, 20.15.1, 22.4.1 or newer!**

Older versions of Node.JS had a [CVE-2024-22020 vulnerability](https://nodejs.org/en/blog/vulnerability/july-2024-security-releases#bypass-network-import-restriction-via-data-url-cve-2024-22020---medium), which involves embedding network imports in `data:` URLs to execute arbitrary code.

The original vulnerability description (from Node.JS blog):

_A security flaw in Node.js allows a bypass of network import restrictions._

_By embedding non-network imports in data URLs, an attacker can execute arbitrary code, compromising system security._

_Verified on various platforms, the vulnerability is mitigated by forbidding data URLs in network imports._

_Exploiting this flaw can violate network import security, posing a risk to developers and servers._