diff --git a/.gitignore b/.gitignore
index 08911b0..5023da7 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1 @@
-SOURCES/nodemon-v2.0.19-bundled.tar.gz
+SOURCES/nodemon-v2.0.20-bundled.tar.gz
diff --git a/.nodejs-nodemon.metadata b/.nodejs-nodemon.metadata
index 8daffa1..56eed33 100644
--- a/.nodejs-nodemon.metadata
+++ b/.nodejs-nodemon.metadata
@@ -1 +1 @@
-ea8166b34515044e685b18b8cb05f0079022a65a SOURCES/nodemon-v2.0.19-bundled.tar.gz
+5d22c6e6d6f9c7b8f22a0286ec5e23eb1e6c3947 SOURCES/nodemon-v2.0.20-bundled.tar.gz
diff --git a/SPECS/nodejs-nodemon.spec b/SPECS/nodejs-nodemon.spec
index 9701b4b..4292d46 100644
--- a/SPECS/nodejs-nodemon.spec
+++ b/SPECS/nodejs-nodemon.spec
@@ -5,7 +5,7 @@
 %global enable_tests 0
 
 Name:          nodejs-%{npm_name}
-Version:       2.0.19
+Version:       2.0.20
 Release:       2%{?dist}
 Summary:       Simple monitor script for use during development of a node.js app
 License:       MIT
@@ -73,15 +73,24 @@ npm run test
 %{_bindir}/nodemon
 
 %changelog
+* Fri Dec 02 2022 Jan Staněk <jstanek@redhat.com> - 2.0.20-1
+- Record CVE fixed in the current or previous upstream versions
+  Resolves: CVE-2021-44906
+
+* Wed Nov 16 2022 Zuzana Svetlikova <zsvetlik@redhat.com> - 2.0.20-1
+- Rebase to 2.0.20
+- Resolves: CVE-2022-3517
+- Resolves: #2142841
+
 * Wed Aug 03 2022 Zuzana Svetlikova <zsvetlik@redhat.com> - 2.0.19-2
 - Switched from autosetup
 - Removed CODE_OF_CONDUCT.md and faq.md which is not present in npmjs package, might switch to GH sources in the future
-- Resolves: RHBZ#2109921
+- Resolves: RHBZ#2108141
 
 * Mon Jul 25 2022 Zuzana Svetlikova <zsvetlik@redhat.com> - 2.0.19-1
 - Rebase to 2.0.19
 - Resolves CVE-2022-33987
-- Resolves: RHBZ#2109921
+- Resolves: RHBZ#2108141
 
 * Tue Nov 30 2021 Zuzana Svetlikova <zsvetlik@redhat.com> - 2.0.15-1
 - Resolves: RHBZ#2005419