Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:rpm/redhat/rh-nodejs12-nodejs@12.20.1-1?arch=el7
Typerpm
Namespaceredhat
Namerh-nodejs12-nodejs
Version12.20.1-1
Qualifiers
arch el7
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-75cr-t5b7-67d8
vulnerability_id VCID-75cr-t5b7-67d8
summary 
Prototype Pollution in mixin-deep
Versions of `mixin-deep` prior to 2.0.1 or 1.3.2 are vulnerable to Prototype Pollution. The `mixinDeep` function fails to validate which Object properties it updates. This allows attackers to modify the prototype of Object, causing the addition or modification of an existing property on all objects.


## Recommendation

If you are using `mixin-deep` 2.x, upgrade to version 2.0.1 or later.
If you are using `mixin-deep` 1.x, upgrade to version 1.3.2 or later.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10746.json
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10746.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-10746
reference_id
reference_type
scores
0
value 0.01131
scoring_system epss
scoring_elements 0.7835
published_at 2026-04-21T12:55:00Z
1
value 0.01131
scoring_system epss
scoring_elements 0.78354
published_at 2026-04-16T12:55:00Z
2
value 0.01131
scoring_system epss
scoring_elements 0.78352
published_at 2026-04-18T12:55:00Z
3
value 0.01131
scoring_system epss
scoring_elements 0.78271
published_at 2026-04-01T12:55:00Z
4
value 0.01131
scoring_system epss
scoring_elements 0.78278
published_at 2026-04-02T12:55:00Z
5
value 0.01131
scoring_system epss
scoring_elements 0.78309
published_at 2026-04-04T12:55:00Z
6
value 0.01131
scoring_system epss
scoring_elements 0.78291
published_at 2026-04-07T12:55:00Z
7
value 0.01131
scoring_system epss
scoring_elements 0.78317
published_at 2026-04-08T12:55:00Z
8
value 0.01131
scoring_system epss
scoring_elements 0.78323
published_at 2026-04-09T12:55:00Z
9
value 0.01131
scoring_system epss
scoring_elements 0.78349
published_at 2026-04-11T12:55:00Z
10
value 0.01131
scoring_system epss
scoring_elements 0.78332
published_at 2026-04-12T12:55:00Z
11
value 0.01131
scoring_system epss
scoring_elements 0.78325
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-10746
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10746
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10746
3
reference_url https://github.com/jonschlinkert/mixin-deep/commit/8f464c8ce9761a8c9c2b3457eaeee9d404fa7af9
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/jonschlinkert/mixin-deep/commit/8f464c8ce9761a8c9c2b3457eaeee9d404fa7af9
4
reference_url https://github.com/jonschlinkert/mixin-deep/commit/90ee1fab375fccfd9b926df718243339b4976d50
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/jonschlinkert/mixin-deep/commit/90ee1fab375fccfd9b926df718243339b4976d50
5
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFNIVG2XYFPZJY3DYYBJASZ7ZMKBMIJT/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFNIVG2XYFPZJY3DYYBJASZ7ZMKBMIJT/
6
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UXRA365KZCUNXMU3KDH5JN5BEPNIGUKC/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UXRA365KZCUNXMU3KDH5JN5BEPNIGUKC/
7
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFNIVG2XYFPZJY3DYYBJASZ7ZMKBMIJT
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFNIVG2XYFPZJY3DYYBJASZ7ZMKBMIJT
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFNIVG2XYFPZJY3DYYBJASZ7ZMKBMIJT/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFNIVG2XYFPZJY3DYYBJASZ7ZMKBMIJT/
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UXRA365KZCUNXMU3KDH5JN5BEPNIGUKC
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UXRA365KZCUNXMU3KDH5JN5BEPNIGUKC
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UXRA365KZCUNXMU3KDH5JN5BEPNIGUKC/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UXRA365KZCUNXMU3KDH5JN5BEPNIGUKC/
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-10746
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-10746
12
reference_url https://snyk.io/vuln/SNYK-JS-MIXINDEEP-450212
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://snyk.io/vuln/SNYK-JS-MIXINDEEP-450212
13
reference_url https://www.npmjs.com/advisories/1013
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.npmjs.com/advisories/1013
14
reference_url https://www.oracle.com//security-alerts/cpujul2021.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.oracle.com//security-alerts/cpujul2021.html
15
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1795475
reference_id 1795475
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1795475
16
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=932500
reference_id 932500
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=932500
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mixin-deep_project:mixin-deep:2.0.0:*:*:*:*:node.js:*:*
reference_id cpe:2.3:a:mixin-deep_project:mixin-deep:2.0.0:*:*:*:*:node.js:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mixin-deep_project:mixin-deep:2.0.0:*:*:*:*:node.js:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mixin-deep_project:mixin-deep:*:*:*:*:*:node.js:*:*
reference_id cpe:2.3:a:mixin-deep_project:mixin-deep:*:*:*:*:*:node.js:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mixin-deep_project:mixin-deep:*:*:*:*:*:node.js:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:1.4.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:1.4.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:1.4.0:*:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
22
reference_url https://github.com/advisories/GHSA-fhjf-83wg-r2j9
reference_id GHSA-fhjf-83wg-r2j9
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-fhjf-83wg-r2j9
23
reference_url https://access.redhat.com/errata/RHSA-2021:0485
reference_id RHSA-2021:0485
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0485
24
reference_url https://access.redhat.com/errata/RHSA-2021:0549
reference_id RHSA-2021:0549
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0549
fixed_packages
aliases CVE-2019-10746, GHSA-fhjf-83wg-r2j9
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-75cr-t5b7-67d8
1
url VCID-7tyw-ppyt-zqgr
vulnerability_id VCID-7tyw-ppyt-zqgr
summary 
ini before 1.3.6 vulnerable to Prototype Pollution via ini.parse
### Overview
The `ini` npm package before version 1.3.6 has a Prototype Pollution vulnerability.

If an attacker submits a malicious INI file to an application that parses it with `ini.parse`, they will pollute the prototype on the application. This can be exploited further depending on the context.

### Patches

This has been patched in 1.3.6.

### Steps to reproduce

payload.ini
```
[__proto__]
polluted = "polluted"
```

poc.js:
```
var fs = require('fs')
var ini = require('ini')

var parsed = ini.parse(fs.readFileSync('./payload.ini', 'utf-8'))
console.log(parsed)
console.log(parsed.__proto__)
console.log(polluted)
```

```
> node poc.js
{}
{ polluted: 'polluted' }
{ polluted: 'polluted' }
polluted
```
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7788.json
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7788.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-7788
reference_id
reference_type
scores
0
value 0.00291
scoring_system epss
scoring_elements 0.5253
published_at 2026-04-21T12:55:00Z
1
value 0.00291
scoring_system epss
scoring_elements 0.52398
published_at 2026-04-01T12:55:00Z
2
value 0.00291
scoring_system epss
scoring_elements 0.52444
published_at 2026-04-02T12:55:00Z
3
value 0.00291
scoring_system epss
scoring_elements 0.52471
published_at 2026-04-04T12:55:00Z
4
value 0.00291
scoring_system epss
scoring_elements 0.52437
published_at 2026-04-07T12:55:00Z
5
value 0.00291
scoring_system epss
scoring_elements 0.52489
published_at 2026-04-08T12:55:00Z
6
value 0.00291
scoring_system epss
scoring_elements 0.52484
published_at 2026-04-09T12:55:00Z
7
value 0.00291
scoring_system epss
scoring_elements 0.52535
published_at 2026-04-11T12:55:00Z
8
value 0.00291
scoring_system epss
scoring_elements 0.52518
published_at 2026-04-12T12:55:00Z
9
value 0.00291
scoring_system epss
scoring_elements 0.52502
published_at 2026-04-13T12:55:00Z
10
value 0.00291
scoring_system epss
scoring_elements 0.52541
published_at 2026-04-16T12:55:00Z
11
value 0.00291
scoring_system epss
scoring_elements 0.52546
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-7788
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7788
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7788
3
reference_url https://github.com/npm/ini
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/npm/ini
4
reference_url https://github.com/npm/ini/commit/56d2805e07ccd94e2ba0984ac9240ff02d44b6f1
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/npm/ini/commit/56d2805e07ccd94e2ba0984ac9240ff02d44b6f1
5
reference_url https://lists.debian.org/debian-lts-announce/2020/12/msg00032.html
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2020/12/msg00032.html
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-7788
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-7788
7
reference_url https://snyk.io/vuln/SNYK-JS-INI-1048974
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://snyk.io/vuln/SNYK-JS-INI-1048974
8
reference_url https://www.npmjs.com/advisories/1589
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.npmjs.com/advisories/1589
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1907444
reference_id 1907444
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1907444
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977718
reference_id 977718
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977718
11
reference_url https://github.com/advisories/GHSA-qqgx-2p2h-9c37
reference_id GHSA-qqgx-2p2h-9c37
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qqgx-2p2h-9c37
12
reference_url https://access.redhat.com/errata/RHSA-2021:0421
reference_id RHSA-2021:0421
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0421
13
reference_url https://access.redhat.com/errata/RHSA-2021:0485
reference_id RHSA-2021:0485
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0485
14
reference_url https://access.redhat.com/errata/RHSA-2021:0521
reference_id RHSA-2021:0521
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0521
15
reference_url https://access.redhat.com/errata/RHSA-2021:0548
reference_id RHSA-2021:0548
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0548
16
reference_url https://access.redhat.com/errata/RHSA-2021:0549
reference_id RHSA-2021:0549
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0549
17
reference_url https://access.redhat.com/errata/RHSA-2021:0551
reference_id RHSA-2021:0551
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0551
18
reference_url https://access.redhat.com/errata/RHSA-2021:3280
reference_id RHSA-2021:3280
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3280
19
reference_url https://access.redhat.com/errata/RHSA-2021:3281
reference_id RHSA-2021:3281
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3281
20
reference_url https://access.redhat.com/errata/RHSA-2021:5171
reference_id RHSA-2021:5171
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5171
21
reference_url https://access.redhat.com/errata/RHSA-2022:0246
reference_id RHSA-2022:0246
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0246
22
reference_url https://access.redhat.com/errata/RHSA-2022:0350
reference_id RHSA-2022:0350
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0350
23
reference_url https://access.redhat.com/errata/RHSA-2022:6595
reference_id RHSA-2022:6595
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6595
fixed_packages
aliases CVE-2020-7788, GHSA-qqgx-2p2h-9c37
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7tyw-ppyt-zqgr
2
url VCID-cu35-t78a-wfcj
vulnerability_id VCID-cu35-t78a-wfcj
summary 
Prototype Pollution in set-value
Versions of `set-value` prior to 3.0.1 or 2.0.1 are vulnerable to Prototype Pollution. The `set` function fails to validate which Object properties it updates. This allows attackers to modify the prototype of Object, causing the addition or modification of an existing property on all objects.




## Recommendation

If you are using `set-value` 3.x, upgrade to version 3.0.1 or later.
If you are using `set-value` 2.x, upgrade to version 2.0.1 or later.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10747.json
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10747.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-10747
reference_id
reference_type
scores
0
value 0.00503
scoring_system epss
scoring_elements 0.66139
published_at 2026-04-21T12:55:00Z
1
value 0.00503
scoring_system epss
scoring_elements 0.66126
published_at 2026-04-09T12:55:00Z
2
value 0.00503
scoring_system epss
scoring_elements 0.66152
published_at 2026-04-18T12:55:00Z
3
value 0.00503
scoring_system epss
scoring_elements 0.66138
published_at 2026-04-16T12:55:00Z
4
value 0.00503
scoring_system epss
scoring_elements 0.66103
published_at 2026-04-13T12:55:00Z
5
value 0.00503
scoring_system epss
scoring_elements 0.66133
published_at 2026-04-12T12:55:00Z
6
value 0.00503
scoring_system epss
scoring_elements 0.66028
published_at 2026-04-01T12:55:00Z
7
value 0.00503
scoring_system epss
scoring_elements 0.66069
published_at 2026-04-02T12:55:00Z
8
value 0.00503
scoring_system epss
scoring_elements 0.66097
published_at 2026-04-04T12:55:00Z
9
value 0.00503
scoring_system epss
scoring_elements 0.66065
published_at 2026-04-07T12:55:00Z
10
value 0.00503
scoring_system epss
scoring_elements 0.66114
published_at 2026-04-08T12:55:00Z
11
value 0.00503
scoring_system epss
scoring_elements 0.66145
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-10747
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10747
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10747
3
reference_url https://github.com/jonschlinkert/set-value/commit/95e9d9923f8a8b4a01da1ea138fcc39ec7b6b15f
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/jonschlinkert/set-value/commit/95e9d9923f8a8b4a01da1ea138fcc39ec7b6b15f
4
reference_url https://github.com/jonschlinkert/set-value/commit/cb12f14955dde6e61829d70d1851bfea6a3c31ad
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/jonschlinkert/set-value/commit/cb12f14955dde6e61829d70d1851bfea6a3c31ad
5
reference_url https://lists.apache.org/thread.html/b46f35559c4a97cf74d2dd7fe5a48f8abf2ff37f879083920af9b292@%3Cdev.drat.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/b46f35559c4a97cf74d2dd7fe5a48f8abf2ff37f879083920af9b292@%3Cdev.drat.apache.org%3E
6
reference_url https://lists.apache.org/thread.html/b46f35559c4a97cf74d2dd7fe5a48f8abf2ff37f879083920af9b292%40%3Cdev.drat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/b46f35559c4a97cf74d2dd7fe5a48f8abf2ff37f879083920af9b292%40%3Cdev.drat.apache.org%3E
7
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3EJ36KV6MXQPUYTFCCTDY54E5Y7QP3AV/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3EJ36KV6MXQPUYTFCCTDY54E5Y7QP3AV/
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E3HNLQZQINMZK6GYB2UTKK4VU7WBV2OT/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E3HNLQZQINMZK6GYB2UTKK4VU7WBV2OT/
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3EJ36KV6MXQPUYTFCCTDY54E5Y7QP3AV
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3EJ36KV6MXQPUYTFCCTDY54E5Y7QP3AV
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3EJ36KV6MXQPUYTFCCTDY54E5Y7QP3AV/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3EJ36KV6MXQPUYTFCCTDY54E5Y7QP3AV/
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E3HNLQZQINMZK6GYB2UTKK4VU7WBV2OT
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E3HNLQZQINMZK6GYB2UTKK4VU7WBV2OT
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E3HNLQZQINMZK6GYB2UTKK4VU7WBV2OT/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E3HNLQZQINMZK6GYB2UTKK4VU7WBV2OT/
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-10747
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-10747
14
reference_url https://snyk.io/vuln/SNYK-JS-SETVALUE-450213
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://snyk.io/vuln/SNYK-JS-SETVALUE-450213
15
reference_url https://www.npmjs.com/advisories/1012
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.npmjs.com/advisories/1012
16
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1795479
reference_id 1795479
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1795479
17
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=941189
reference_id 941189
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=941189
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:set-value_project:set-value:*:*:*:*:*:node.js:*:*
reference_id cpe:2.3:a:set-value_project:set-value:*:*:*:*:*:node.js:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:set-value_project:set-value:*:*:*:*:*:node.js:*:*
19
reference_url https://github.com/advisories/GHSA-4g88-fppr-53pp
reference_id GHSA-4g88-fppr-53pp
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-4g88-fppr-53pp
20
reference_url https://access.redhat.com/errata/RHSA-2021:0485
reference_id RHSA-2021:0485
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0485
21
reference_url https://access.redhat.com/errata/RHSA-2021:0549
reference_id RHSA-2021:0549
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0549
fixed_packages
aliases CVE-2019-10747, GHSA-4g88-fppr-53pp
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cu35-t78a-wfcj
3
url VCID-k6bh-s1cq-n3a7
vulnerability_id VCID-k6bh-s1cq-n3a7
summary 
Improper Input Validation
The utilities function in all versions of the deep-extend node module can be tricked into modifying the prototype of `Object` when the attacker can control part of the structure passed to this function. This can let an attacker add or modify existing properties that will exist on all objects.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-3750.json
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-3750.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-3750
reference_id
reference_type
scores
0
value 0.00293
scoring_system epss
scoring_elements 0.52661
published_at 2026-04-21T12:55:00Z
1
value 0.00293
scoring_system epss
scoring_elements 0.52613
published_at 2026-04-09T12:55:00Z
2
value 0.00293
scoring_system epss
scoring_elements 0.52631
published_at 2026-04-13T12:55:00Z
3
value 0.00293
scoring_system epss
scoring_elements 0.52647
published_at 2026-04-12T12:55:00Z
4
value 0.00293
scoring_system epss
scoring_elements 0.52574
published_at 2026-04-02T12:55:00Z
5
value 0.00293
scoring_system epss
scoring_elements 0.52601
published_at 2026-04-04T12:55:00Z
6
value 0.00293
scoring_system epss
scoring_elements 0.52567
published_at 2026-04-07T12:55:00Z
7
value 0.00293
scoring_system epss
scoring_elements 0.52618
published_at 2026-04-08T12:55:00Z
8
value 0.00293
scoring_system epss
scoring_elements 0.52664
published_at 2026-04-11T12:55:00Z
9
value 0.00293
scoring_system epss
scoring_elements 0.52676
published_at 2026-04-18T12:55:00Z
10
value 0.00293
scoring_system epss
scoring_elements 0.52669
published_at 2026-04-16T12:55:00Z
11
value 0.00293
scoring_system epss
scoring_elements 0.52529
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-3750
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3750
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3750
3
reference_url https://github.com/advisories/GHSA-hr2v-3952-633q
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-hr2v-3952-633q
4
reference_url https://github.com/unclechu/node-deep-extend/commit/9423fae877e2ab6b4aecc4db79a0ed63039d4703
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/unclechu/node-deep-extend/commit/9423fae877e2ab6b4aecc4db79a0ed63039d4703
5
reference_url https://hackerone.com/reports/311333
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://hackerone.com/reports/311333
6
reference_url https://www.npmjs.com/advisories/612
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.npmjs.com/advisories/612
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1578246
reference_id 1578246
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1578246
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926616
reference_id 926616
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926616
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:deep_extend_project:deep_extend:*:*:*:*:*:node.js:*:*
reference_id cpe:2.3:a:deep_extend_project:deep_extend:*:*:*:*:*:node.js:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:deep_extend_project:deep_extend:*:*:*:*:*:node.js:*:*
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-3750
reference_id CVE-2018-3750
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
1
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
3
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-3750
11
reference_url https://access.redhat.com/errata/RHSA-2020:2625
reference_id RHSA-2020:2625
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2625
12
reference_url https://access.redhat.com/errata/RHSA-2021:0485
reference_id RHSA-2021:0485
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0485
13
reference_url https://access.redhat.com/errata/RHSA-2021:0549
reference_id RHSA-2021:0549
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0549
fixed_packages
aliases CVE-2018-3750, GHSA-hr2v-3952-633q
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k6bh-s1cq-n3a7
4
url VCID-v5h1-gpt1-97bj
vulnerability_id VCID-v5h1-gpt1-97bj
summary 
Regular expression denial of service in npm-user-validate
This affects the package npm-user-validate before 1.0.1. The regex that validates user emails took exponentially longer to process long input strings beginning with @ characters.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7754.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7754.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-7754
reference_id
reference_type
scores
0
value 0.0163
scoring_system epss
scoring_elements 0.81918
published_at 2026-04-21T12:55:00Z
1
value 0.0163
scoring_system epss
scoring_elements 0.81814
published_at 2026-04-01T12:55:00Z
2
value 0.0163
scoring_system epss
scoring_elements 0.81824
published_at 2026-04-02T12:55:00Z
3
value 0.0163
scoring_system epss
scoring_elements 0.81847
published_at 2026-04-04T12:55:00Z
4
value 0.0163
scoring_system epss
scoring_elements 0.81844
published_at 2026-04-07T12:55:00Z
5
value 0.0163
scoring_system epss
scoring_elements 0.8187
published_at 2026-04-08T12:55:00Z
6
value 0.0163
scoring_system epss
scoring_elements 0.81877
published_at 2026-04-09T12:55:00Z
7
value 0.0163
scoring_system epss
scoring_elements 0.81897
published_at 2026-04-11T12:55:00Z
8
value 0.0163
scoring_system epss
scoring_elements 0.81885
published_at 2026-04-12T12:55:00Z
9
value 0.0163
scoring_system epss
scoring_elements 0.8188
published_at 2026-04-13T12:55:00Z
10
value 0.0163
scoring_system epss
scoring_elements 0.81916
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-7754
2
reference_url https://github.com/npm/npm-user-validate/commit/c8a87dac1a4cc6988b5418f30411a8669bef204e
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/npm/npm-user-validate/commit/c8a87dac1a4cc6988b5418f30411a8669bef204e
3
reference_url https://github.com/npm/npm-user-validate/security/advisories/GHSA-xgh6-85xh-479p
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/npm/npm-user-validate/security/advisories/GHSA-xgh6-85xh-479p
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-7754
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-7754
5
reference_url https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1019353
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1019353
6
reference_url https://snyk.io/vuln/SNYK-JS-NPMUSERVALIDATE-1019352
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://snyk.io/vuln/SNYK-JS-NPMUSERVALIDATE-1019352
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1892430
reference_id 1892430
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1892430
8
reference_url https://github.com/advisories/GHSA-pw54-mh39-w3hc
reference_id GHSA-pw54-mh39-w3hc
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-pw54-mh39-w3hc
9
reference_url https://access.redhat.com/errata/RHSA-2021:0421
reference_id RHSA-2021:0421
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0421
10
reference_url https://access.redhat.com/errata/RHSA-2021:0485
reference_id RHSA-2021:0485
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0485
11
reference_url https://access.redhat.com/errata/RHSA-2021:0521
reference_id RHSA-2021:0521
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0521
12
reference_url https://access.redhat.com/errata/RHSA-2021:0548
reference_id RHSA-2021:0548
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0548
13
reference_url https://access.redhat.com/errata/RHSA-2021:0549
reference_id RHSA-2021:0549
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0549
14
reference_url https://access.redhat.com/errata/RHSA-2021:0551
reference_id RHSA-2021:0551
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0551
fixed_packages
aliases CVE-2020-7754, GHSA-pw54-mh39-w3hc
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v5h1-gpt1-97bj
5
url VCID-zj4d-e8r7-ufg3
vulnerability_id VCID-zj4d-e8r7-ufg3
summary 
Multiple vulnerabilities have been found in NodeJS, the worst of
    which could result in the arbitrary execution of code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8287.json
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8287.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-8287
reference_id
reference_type
scores
0
value 0.11865
scoring_system epss
scoring_elements 0.93694
published_at 2026-04-01T12:55:00Z
1
value 0.11865
scoring_system epss
scoring_elements 0.9376
published_at 2026-04-21T12:55:00Z
2
value 0.11865
scoring_system epss
scoring_elements 0.9375
published_at 2026-04-16T12:55:00Z
3
value 0.11865
scoring_system epss
scoring_elements 0.93757
published_at 2026-04-18T12:55:00Z
4
value 0.11865
scoring_system epss
scoring_elements 0.93704
published_at 2026-04-02T12:55:00Z
5
value 0.11865
scoring_system epss
scoring_elements 0.93714
published_at 2026-04-04T12:55:00Z
6
value 0.11865
scoring_system epss
scoring_elements 0.93717
published_at 2026-04-07T12:55:00Z
7
value 0.11865
scoring_system epss
scoring_elements 0.93726
published_at 2026-04-08T12:55:00Z
8
value 0.11865
scoring_system epss
scoring_elements 0.93727
published_at 2026-04-09T12:55:00Z
9
value 0.11865
scoring_system epss
scoring_elements 0.93732
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-8287
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8265
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8265
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8287
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8287
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016690
reference_id 1016690
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016690
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1912863
reference_id 1912863
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1912863
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=979364
reference_id 979364
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=979364
8
reference_url https://security.archlinux.org/ASA-202101-16
reference_id ASA-202101-16
reference_type
scores
url https://security.archlinux.org/ASA-202101-16
9
reference_url https://security.archlinux.org/AVG-1400
reference_id AVG-1400
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1400
10
reference_url https://access.redhat.com/errata/RHSA-2021:0421
reference_id RHSA-2021:0421
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0421
11
reference_url https://access.redhat.com/errata/RHSA-2021:0485
reference_id RHSA-2021:0485
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0485
12
reference_url https://access.redhat.com/errata/RHSA-2021:0521
reference_id RHSA-2021:0521
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0521
13
reference_url https://access.redhat.com/errata/RHSA-2021:0548
reference_id RHSA-2021:0548
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0548
14
reference_url https://access.redhat.com/errata/RHSA-2021:0549
reference_id RHSA-2021:0549
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0549
15
reference_url https://access.redhat.com/errata/RHSA-2021:0551
reference_id RHSA-2021:0551
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0551
16
reference_url https://usn.ubuntu.com/5563-1/
reference_id USN-5563-1
reference_type
scores
url https://usn.ubuntu.com/5563-1/
17
reference_url https://usn.ubuntu.com/6380-1/
reference_id USN-6380-1
reference_type
scores
url https://usn.ubuntu.com/6380-1/
fixed_packages
aliases CVE-2020-8287
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zj4d-e8r7-ufg3
6
url VCID-ztt4-vnk7-7ycq
vulnerability_id VCID-ztt4-vnk7-7ycq
summary 
Multiple vulnerabilities have been found in NodeJS, the worst of
    which could result in the arbitrary execution of code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8265.json
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8265.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-8265
reference_id
reference_type
scores
0
value 0.00755
scoring_system epss
scoring_elements 0.73197
published_at 2026-04-01T12:55:00Z
1
value 0.00755
scoring_system epss
scoring_elements 0.73292
published_at 2026-04-21T12:55:00Z
2
value 0.00755
scoring_system epss
scoring_elements 0.73291
published_at 2026-04-16T12:55:00Z
3
value 0.00755
scoring_system epss
scoring_elements 0.733
published_at 2026-04-18T12:55:00Z
4
value 0.00755
scoring_system epss
scoring_elements 0.73207
published_at 2026-04-02T12:55:00Z
5
value 0.00755
scoring_system epss
scoring_elements 0.73228
published_at 2026-04-04T12:55:00Z
6
value 0.00755
scoring_system epss
scoring_elements 0.73201
published_at 2026-04-07T12:55:00Z
7
value 0.00755
scoring_system epss
scoring_elements 0.73238
published_at 2026-04-08T12:55:00Z
8
value 0.00755
scoring_system epss
scoring_elements 0.73251
published_at 2026-04-09T12:55:00Z
9
value 0.00755
scoring_system epss
scoring_elements 0.73276
published_at 2026-04-11T12:55:00Z
10
value 0.00755
scoring_system epss
scoring_elements 0.73255
published_at 2026-04-12T12:55:00Z
11
value 0.00755
scoring_system epss
scoring_elements 0.73248
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-8265
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8265
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8265
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8287
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8287
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1912854
reference_id 1912854
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1912854
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=979364
reference_id 979364
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=979364
7
reference_url https://security.archlinux.org/ASA-202101-16
reference_id ASA-202101-16
reference_type
scores
url https://security.archlinux.org/ASA-202101-16
8
reference_url https://security.archlinux.org/AVG-1400
reference_id AVG-1400
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1400
9
reference_url https://access.redhat.com/errata/RHSA-2021:0421
reference_id RHSA-2021:0421
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0421
10
reference_url https://access.redhat.com/errata/RHSA-2021:0485
reference_id RHSA-2021:0485
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0485
11
reference_url https://access.redhat.com/errata/RHSA-2021:0521
reference_id RHSA-2021:0521
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0521
12
reference_url https://access.redhat.com/errata/RHSA-2021:0548
reference_id RHSA-2021:0548
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0548
13
reference_url https://access.redhat.com/errata/RHSA-2021:0549
reference_id RHSA-2021:0549
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0549
14
reference_url https://access.redhat.com/errata/RHSA-2021:0551
reference_id RHSA-2021:0551
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0551
15
reference_url https://usn.ubuntu.com/6380-1/
reference_id USN-6380-1
reference_type
scores
url https://usn.ubuntu.com/6380-1/
fixed_packages
aliases CVE-2020-8265
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ztt4-vnk7-7ycq
Fixing_vulnerabilities
Risk_score4.5
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-nodejs12-nodejs@12.20.1-1%3Farch=el7