Node20 Externals Version needs upgrade [CVE-2025-23083, CVE-2025-2309]

[rcarpio-hbo]

Describe the bug
Security scanning of the default installation method results in:

• CVE-2025-23083
• CVE-2025-2309
  being tripped based on the current version of Node JS 20 set in externals.

To Reproduce
Steps to reproduce the behavior:

• Take latest installation from releases including runtimes and externals. Example: actions-runner-linux-x64-2.322.0.tar.gz
• Uncompress
• Run security scan (e.g. Wiz)
• Expected behavior
• Clean security report

Runner Version and Platform

v2.322.0

OS of the machine running the runner? OSX/Windows/Linux/...

Linux

What's not working?

CPE vulnerabilities:
    Name: cpe:2.3:a:nodejs:node.js, Version: 20.18.0, Path: /externals/node20/bin/node
        CVE-2025-23083, Severity: HIGH, Source: https://vulncheck.com/browse/cve/CVE-2025-23083
            🩹 Fixed version: 20.18.2
        CVE-2025-23090, Severity: HIGH, Source: https://vulncheck.com/browse/cve/CVE-2025-23090
            🩹 Fixed version: 20.18.2

Vulnerable packages: CRITICAL: 0, HIGH: 1, MEDIUM: 0, LOW: 0, INFORMATIONAL: 0
    Total: 1
Vulnerabilities: CRITICAL: 0, HIGH: 2, MEDIUM: 0, LOW: 0, INFORMATIONAL: 0
    Total: 2, out of which 2 are fixable
Directories scanned: 1053, Files scanned: 4568
Scan results: PASSED. Directory meets policy requirements

[rcarpio-hbo]

This issues is duplicated by #3681