Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
Typedeb
Namespacedebian
Namenodejs
Version10.24.0~dfsg-1~deb10u1
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version20.19.2+dfsg-1
Latest_non_vulnerable_version20.19.2+dfsg-1
Affected_by_vulnerabilities
0
url VCID-2z1f-7jkw-17av
vulnerability_id VCID-2z1f-7jkw-17av
summary Multiple vulnerabilities have been discovered in Node.js, the worst of which could lead to execution of arbitrary code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27982.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27982.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-27982
reference_id
reference_type
scores
0
value 0.00391
scoring_system epss
scoring_elements 0.60116
published_at 2026-04-13T12:55:00Z
1
value 0.00391
scoring_system epss
scoring_elements 0.60063
published_at 2026-04-07T12:55:00Z
2
value 0.00391
scoring_system epss
scoring_elements 0.60113
published_at 2026-04-08T12:55:00Z
3
value 0.00391
scoring_system epss
scoring_elements 0.60127
published_at 2026-04-09T12:55:00Z
4
value 0.00391
scoring_system epss
scoring_elements 0.60149
published_at 2026-04-11T12:55:00Z
5
value 0.00391
scoring_system epss
scoring_elements 0.60134
published_at 2026-04-12T12:55:00Z
6
value 0.00391
scoring_system epss
scoring_elements 0.60068
published_at 2026-04-02T12:55:00Z
7
value 0.00391
scoring_system epss
scoring_elements 0.60093
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-27982
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27982
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27982
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068347
reference_id 1068347
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068347
5
reference_url https://hackerone.com/reports/2237099
reference_id 2237099
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-07T18:19:19Z/
url https://hackerone.com/reports/2237099
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2275392
reference_id 2275392
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2275392
7
reference_url https://security.archlinux.org/AVG-2852
reference_id AVG-2852
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2852
8
reference_url https://security.archlinux.org/AVG-2853
reference_id AVG-2853
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2853
9
reference_url https://security.gentoo.org/glsa/202505-11
reference_id GLSA-202505-11
reference_type
scores
url https://security.gentoo.org/glsa/202505-11
10
reference_url https://access.redhat.com/errata/RHSA-2024:2778
reference_id RHSA-2024:2778
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2778
11
reference_url https://access.redhat.com/errata/RHSA-2024:2779
reference_id RHSA-2024:2779
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2779
12
reference_url https://access.redhat.com/errata/RHSA-2024:2780
reference_id RHSA-2024:2780
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2780
13
reference_url https://access.redhat.com/errata/RHSA-2024:2853
reference_id RHSA-2024:2853
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2853
14
reference_url https://access.redhat.com/errata/RHSA-2024:2910
reference_id RHSA-2024:2910
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2910
15
reference_url https://access.redhat.com/errata/RHSA-2024:3545
reference_id RHSA-2024:3545
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3545
16
reference_url https://access.redhat.com/errata/RHSA-2024:4559
reference_id RHSA-2024:4559
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4559
fixed_packages
0
url pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1
purl pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1vp3-fzdr-yqbm
1
vulnerability VCID-2t7c-dju9-pff6
2
vulnerability VCID-43sf-4r41-wugc
3
vulnerability VCID-96yh-1wub-zucg
4
vulnerability VCID-98fy-tedc-ube7
5
vulnerability VCID-bjza-25hu-vkad
6
vulnerability VCID-dgkh-jdah-wfh9
7
vulnerability VCID-dt7u-3usg-9uet
8
vulnerability VCID-twc8-ewm7-wkb1
9
vulnerability VCID-u8bq-8jp4-jkem
10
vulnerability VCID-v7uy-445x-tuan
11
vulnerability VCID-wf5t-3pwz-c7d7
12
vulnerability VCID-x1an-pjq4-nbby
13
vulnerability VCID-xkpz-pb5y-jqcy
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1
aliases CVE-2024-27982
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2z1f-7jkw-17av
1
url VCID-53xm-8w84-93cx
vulnerability_id VCID-53xm-8w84-93cx
summary Multiple vulnerabilities have been found in c-ares, the worst of which could result in the loss of confidentiality or integrity.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22930.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22930.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-22930
reference_id
reference_type
scores
0
value 0.00323
scoring_system epss
scoring_elements 0.55216
published_at 2026-04-01T12:55:00Z
1
value 0.00323
scoring_system epss
scoring_elements 0.55342
published_at 2026-04-13T12:55:00Z
2
value 0.00323
scoring_system epss
scoring_elements 0.55382
published_at 2026-04-11T12:55:00Z
3
value 0.00323
scoring_system epss
scoring_elements 0.55361
published_at 2026-04-12T12:55:00Z
4
value 0.00323
scoring_system epss
scoring_elements 0.55315
published_at 2026-04-02T12:55:00Z
5
value 0.00323
scoring_system epss
scoring_elements 0.55339
published_at 2026-04-04T12:55:00Z
6
value 0.00323
scoring_system epss
scoring_elements 0.55321
published_at 2026-04-07T12:55:00Z
7
value 0.00323
scoring_system epss
scoring_elements 0.55371
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-22930
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22930
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22930
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1988394
reference_id 1988394
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1988394
5
reference_url https://security.archlinux.org/ASA-202108-1
reference_id ASA-202108-1
reference_type
scores
url https://security.archlinux.org/ASA-202108-1
6
reference_url https://security.archlinux.org/AVG-2239
reference_id AVG-2239
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2239
7
reference_url https://security.gentoo.org/glsa/202401-02
reference_id GLSA-202401-02
reference_type
scores
url https://security.gentoo.org/glsa/202401-02
8
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
9
reference_url https://access.redhat.com/errata/RHSA-2021:3280
reference_id RHSA-2021:3280
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3280
10
reference_url https://access.redhat.com/errata/RHSA-2021:3281
reference_id RHSA-2021:3281
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3281
11
reference_url https://access.redhat.com/errata/RHSA-2021:3623
reference_id RHSA-2021:3623
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3623
12
reference_url https://access.redhat.com/errata/RHSA-2021:3638
reference_id RHSA-2021:3638
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3638
13
reference_url https://access.redhat.com/errata/RHSA-2021:3639
reference_id RHSA-2021:3639
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3639
14
reference_url https://access.redhat.com/errata/RHSA-2021:3666
reference_id RHSA-2021:3666
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3666
fixed_packages
0
url pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4
purl pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1vp3-fzdr-yqbm
1
vulnerability VCID-2t7c-dju9-pff6
2
vulnerability VCID-2z1f-7jkw-17av
3
vulnerability VCID-38k9-23j3-eqh7
4
vulnerability VCID-43sf-4r41-wugc
5
vulnerability VCID-96yh-1wub-zucg
6
vulnerability VCID-98fy-tedc-ube7
7
vulnerability VCID-9yq7-aba3-c7c3
8
vulnerability VCID-bjza-25hu-vkad
9
vulnerability VCID-bx67-aud6-b3fa
10
vulnerability VCID-c8xz-v6h3-6ueb
11
vulnerability VCID-dgkh-jdah-wfh9
12
vulnerability VCID-dt7u-3usg-9uet
13
vulnerability VCID-e6gj-fe31-kkh5
14
vulnerability VCID-e7u5-356v-jbg7
15
vulnerability VCID-kj75-vmwa-gqgq
16
vulnerability VCID-nenk-4cgd-fugv
17
vulnerability VCID-sag8-repb-g3f4
18
vulnerability VCID-twc8-ewm7-wkb1
19
vulnerability VCID-u8bq-8jp4-jkem
20
vulnerability VCID-v7uy-445x-tuan
21
vulnerability VCID-vkvx-gxbu-3uau
22
vulnerability VCID-wf5t-3pwz-c7d7
23
vulnerability VCID-x1an-pjq4-nbby
24
vulnerability VCID-zstw-3wmu-u3c8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4
aliases CVE-2021-22930
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-53xm-8w84-93cx
2
url VCID-5cf7-va9h-h3gy
vulnerability_id VCID-5cf7-va9h-h3gy
summary 
Improper Certificate Validation
Accepting arbitrary Subject Alternative Name (SAN) types, unless a PKI is specifically defined to use a particular SAN type, can result in bypassing name-constrained intermediates. Node.js < 12.22.9, < 14.18.3, < 16.13.2, and < 17.3.1 was accepting URI SAN types, which PKIs are often not defined to use. Additionally, when a protocol allows URI SANs, Node.js does not match the URI correctly.Versions of Node.js with the fix for this disable the URI SAN type when checking a certificate against a hostname. This behavior can be reverted through the --security-revert command-line option.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44531.json
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44531.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-44531
reference_id
reference_type
scores
0
value 0.00076
scoring_system epss
scoring_elements 0.22783
published_at 2026-04-01T12:55:00Z
1
value 0.00076
scoring_system epss
scoring_elements 0.22952
published_at 2026-04-02T12:55:00Z
2
value 0.00076
scoring_system epss
scoring_elements 0.22996
published_at 2026-04-04T12:55:00Z
3
value 0.00076
scoring_system epss
scoring_elements 0.22789
published_at 2026-04-07T12:55:00Z
4
value 0.00076
scoring_system epss
scoring_elements 0.22863
published_at 2026-04-08T12:55:00Z
5
value 0.00076
scoring_system epss
scoring_elements 0.22916
published_at 2026-04-09T12:55:00Z
6
value 0.00076
scoring_system epss
scoring_elements 0.22936
published_at 2026-04-11T12:55:00Z
7
value 0.00076
scoring_system epss
scoring_elements 0.22899
published_at 2026-04-12T12:55:00Z
8
value 0.00076
scoring_system epss
scoring_elements 0.22843
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-44531
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22959
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22959
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22960
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22960
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44531
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44531
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44532
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44532
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44533
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44533
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21824
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21824
8
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
9
reference_url https://hackerone.com/reports/1429694
reference_id
reference_type
scores
url https://hackerone.com/reports/1429694
10
reference_url https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/
reference_id
reference_type
scores
url https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/
11
reference_url https://security.netapp.com/advisory/ntap-20220325-0007/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20220325-0007/
12
reference_url https://www.debian.org/security/2022/dsa-5170
reference_id
reference_type
scores
url https://www.debian.org/security/2022/dsa-5170
13
reference_url https://www.oracle.com/security-alerts/cpuapr2022.html
reference_id
reference_type
scores
url https://www.oracle.com/security-alerts/cpuapr2022.html
14
reference_url https://www.oracle.com/security-alerts/cpujul2022.html
reference_id
reference_type
scores
url https://www.oracle.com/security-alerts/cpujul2022.html
15
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004177
reference_id 1004177
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004177
16
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2040839
reference_id 2040839
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2040839
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-44531
reference_id CVE-2021-44531
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-44531
18
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
19
reference_url https://access.redhat.com/errata/RHSA-2022:4914
reference_id RHSA-2022:4914
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:4914
20
reference_url https://access.redhat.com/errata/RHSA-2022:7044
reference_id RHSA-2022:7044
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7044
21
reference_url https://access.redhat.com/errata/RHSA-2022:7830
reference_id RHSA-2022:7830
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7830
22
reference_url https://access.redhat.com/errata/RHSA-2022:9073
reference_id RHSA-2022:9073
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:9073
23
reference_url https://access.redhat.com/errata/RHSA-2023:1742
reference_id RHSA-2023:1742
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1742
24
reference_url https://access.redhat.com/errata/RHSA-2023:3742
reference_id RHSA-2023:3742
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3742
fixed_packages
0
url pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4
purl pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1vp3-fzdr-yqbm
1
vulnerability VCID-2t7c-dju9-pff6
2
vulnerability VCID-2z1f-7jkw-17av
3
vulnerability VCID-38k9-23j3-eqh7
4
vulnerability VCID-43sf-4r41-wugc
5
vulnerability VCID-96yh-1wub-zucg
6
vulnerability VCID-98fy-tedc-ube7
7
vulnerability VCID-9yq7-aba3-c7c3
8
vulnerability VCID-bjza-25hu-vkad
9
vulnerability VCID-bx67-aud6-b3fa
10
vulnerability VCID-c8xz-v6h3-6ueb
11
vulnerability VCID-dgkh-jdah-wfh9
12
vulnerability VCID-dt7u-3usg-9uet
13
vulnerability VCID-e6gj-fe31-kkh5
14
vulnerability VCID-e7u5-356v-jbg7
15
vulnerability VCID-kj75-vmwa-gqgq
16
vulnerability VCID-nenk-4cgd-fugv
17
vulnerability VCID-sag8-repb-g3f4
18
vulnerability VCID-twc8-ewm7-wkb1
19
vulnerability VCID-u8bq-8jp4-jkem
20
vulnerability VCID-v7uy-445x-tuan
21
vulnerability VCID-vkvx-gxbu-3uau
22
vulnerability VCID-wf5t-3pwz-c7d7
23
vulnerability VCID-x1an-pjq4-nbby
24
vulnerability VCID-zstw-3wmu-u3c8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4
aliases CVE-2021-44531
risk_score 3.4
exploitability 0.5
weighted_severity 6.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5cf7-va9h-h3gy
3
url VCID-7tpb-9zrz-e7e1
vulnerability_id VCID-7tpb-9zrz-e7e1
summary Multiple vulnerabilities have been discovered in Node.js.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32212.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32212.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-32212
reference_id
reference_type
scores
0
value 0.00064
scoring_system epss
scoring_elements 0.19983
published_at 2026-04-02T12:55:00Z
1
value 0.00064
scoring_system epss
scoring_elements 0.20041
published_at 2026-04-04T12:55:00Z
2
value 0.00064
scoring_system epss
scoring_elements 0.19768
published_at 2026-04-07T12:55:00Z
3
value 0.00064
scoring_system epss
scoring_elements 0.19848
published_at 2026-04-08T12:55:00Z
4
value 0.00064
scoring_system epss
scoring_elements 0.19901
published_at 2026-04-09T12:55:00Z
5
value 0.00064
scoring_system epss
scoring_elements 0.19911
published_at 2026-04-11T12:55:00Z
6
value 0.00064
scoring_system epss
scoring_elements 0.19867
published_at 2026-04-12T12:55:00Z
7
value 0.00064
scoring_system epss
scoring_elements 0.19809
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-32212
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32212
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32212
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32213
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32213
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32214
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32214
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32215
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32215
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35255
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35255
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35256
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35256
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43548
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43548
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2105422
reference_id 2105422
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2105422
11
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
12
reference_url https://access.redhat.com/errata/RHSA-2022:6389
reference_id RHSA-2022:6389
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6389
13
reference_url https://access.redhat.com/errata/RHSA-2022:6448
reference_id RHSA-2022:6448
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6448
14
reference_url https://access.redhat.com/errata/RHSA-2022:6449
reference_id RHSA-2022:6449
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6449
15
reference_url https://access.redhat.com/errata/RHSA-2022:6595
reference_id RHSA-2022:6595
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6595
16
reference_url https://access.redhat.com/errata/RHSA-2022:6985
reference_id RHSA-2022:6985
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6985
17
reference_url https://usn.ubuntu.com/6491-1/
reference_id USN-6491-1
reference_type
scores
url https://usn.ubuntu.com/6491-1/
fixed_packages
0
url pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4
purl pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1vp3-fzdr-yqbm
1
vulnerability VCID-2t7c-dju9-pff6
2
vulnerability VCID-2z1f-7jkw-17av
3
vulnerability VCID-38k9-23j3-eqh7
4
vulnerability VCID-43sf-4r41-wugc
5
vulnerability VCID-96yh-1wub-zucg
6
vulnerability VCID-98fy-tedc-ube7
7
vulnerability VCID-9yq7-aba3-c7c3
8
vulnerability VCID-bjza-25hu-vkad
9
vulnerability VCID-bx67-aud6-b3fa
10
vulnerability VCID-c8xz-v6h3-6ueb
11
vulnerability VCID-dgkh-jdah-wfh9
12
vulnerability VCID-dt7u-3usg-9uet
13
vulnerability VCID-e6gj-fe31-kkh5
14
vulnerability VCID-e7u5-356v-jbg7
15
vulnerability VCID-kj75-vmwa-gqgq
16
vulnerability VCID-nenk-4cgd-fugv
17
vulnerability VCID-sag8-repb-g3f4
18
vulnerability VCID-twc8-ewm7-wkb1
19
vulnerability VCID-u8bq-8jp4-jkem
20
vulnerability VCID-v7uy-445x-tuan
21
vulnerability VCID-vkvx-gxbu-3uau
22
vulnerability VCID-wf5t-3pwz-c7d7
23
vulnerability VCID-x1an-pjq4-nbby
24
vulnerability VCID-zstw-3wmu-u3c8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4
aliases CVE-2022-32212
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7tpb-9zrz-e7e1
4
url VCID-8c4g-fjsa-nkhw
vulnerability_id VCID-8c4g-fjsa-nkhw
summary 
llhttp allows HTTP Request Smuggling via Improper Delimiting of Header Fields
The llhttp parser in the http module in Node.js does not strictly use the CRLF sequence to delimit HTTP requests. The LF character (without CR) is sufficient to delimit HTTP header fields in the lihttp parser. According to RFC7230 section 3, only the CRLF sequence should delimit each header-field. This can lead to HTTP Request Smuggling (HRS).
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32214.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32214.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-32214
reference_id
reference_type
scores
0
value 0.45841
scoring_system epss
scoring_elements 0.97625
published_at 2026-04-13T12:55:00Z
1
value 0.45841
scoring_system epss
scoring_elements 0.97612
published_at 2026-04-07T12:55:00Z
2
value 0.45841
scoring_system epss
scoring_elements 0.97624
published_at 2026-04-12T12:55:00Z
3
value 0.45841
scoring_system epss
scoring_elements 0.97622
published_at 2026-04-11T12:55:00Z
4
value 0.45841
scoring_system epss
scoring_elements 0.97619
published_at 2026-04-09T12:55:00Z
5
value 0.45841
scoring_system epss
scoring_elements 0.97617
published_at 2026-04-08T12:55:00Z
6
value 0.45841
scoring_system epss
scoring_elements 0.97608
published_at 2026-04-02T12:55:00Z
7
value 0.45841
scoring_system epss
scoring_elements 0.97611
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-32214
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32212
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32212
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32213
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32213
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32214
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32214
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32215
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32215
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35255
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35255
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35256
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35256
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43548
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43548
9
reference_url https://datatracker.ietf.org/doc/html/rfc7230#section-3
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://datatracker.ietf.org/doc/html/rfc7230#section-3
10
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
11
reference_url https://github.com/nodejs/llhttp/commit/18a4afc7ffb4e49dc9e2daebc50588199a6d1dbb
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/nodejs/llhttp/commit/18a4afc7ffb4e49dc9e2daebc50588199a6d1dbb
12
reference_url https://hackerone.com/reports/1524692
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://hackerone.com/reports/1524692
13
reference_url https://nodejs.org/en/blog/vulnerability/july-2022-security-releases
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nodejs.org/en/blog/vulnerability/july-2022-security-releases
14
reference_url https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/
reference_id
reference_type
scores
url https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-32214
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-32214
16
reference_url https://security.netapp.com/advisory/ntap-20220915-0001
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20220915-0001
17
reference_url https://security.netapp.com/advisory/ntap-20220915-0001/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20220915-0001/
18
reference_url https://www.debian.org/security/2023/dsa-5326
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2023/dsa-5326
19
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2105428
reference_id 2105428
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2105428
20
reference_url https://github.com/advisories/GHSA-q5vx-44v4-gch4
reference_id GHSA-q5vx-44v4-gch4
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-q5vx-44v4-gch4
21
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
22
reference_url https://access.redhat.com/errata/RHSA-2022:6389
reference_id RHSA-2022:6389
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6389
23
reference_url https://access.redhat.com/errata/RHSA-2022:6448
reference_id RHSA-2022:6448
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6448
24
reference_url https://access.redhat.com/errata/RHSA-2022:6449
reference_id RHSA-2022:6449
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6449
25
reference_url https://access.redhat.com/errata/RHSA-2022:6595
reference_id RHSA-2022:6595
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6595
26
reference_url https://access.redhat.com/errata/RHSA-2022:6985
reference_id RHSA-2022:6985
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6985
27
reference_url https://usn.ubuntu.com/6491-1/
reference_id USN-6491-1
reference_type
scores
url https://usn.ubuntu.com/6491-1/
fixed_packages
0
url pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4
purl pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1vp3-fzdr-yqbm
1
vulnerability VCID-2t7c-dju9-pff6
2
vulnerability VCID-2z1f-7jkw-17av
3
vulnerability VCID-38k9-23j3-eqh7
4
vulnerability VCID-43sf-4r41-wugc
5
vulnerability VCID-96yh-1wub-zucg
6
vulnerability VCID-98fy-tedc-ube7
7
vulnerability VCID-9yq7-aba3-c7c3
8
vulnerability VCID-bjza-25hu-vkad
9
vulnerability VCID-bx67-aud6-b3fa
10
vulnerability VCID-c8xz-v6h3-6ueb
11
vulnerability VCID-dgkh-jdah-wfh9
12
vulnerability VCID-dt7u-3usg-9uet
13
vulnerability VCID-e6gj-fe31-kkh5
14
vulnerability VCID-e7u5-356v-jbg7
15
vulnerability VCID-kj75-vmwa-gqgq
16
vulnerability VCID-nenk-4cgd-fugv
17
vulnerability VCID-sag8-repb-g3f4
18
vulnerability VCID-twc8-ewm7-wkb1
19
vulnerability VCID-u8bq-8jp4-jkem
20
vulnerability VCID-v7uy-445x-tuan
21
vulnerability VCID-vkvx-gxbu-3uau
22
vulnerability VCID-wf5t-3pwz-c7d7
23
vulnerability VCID-x1an-pjq4-nbby
24
vulnerability VCID-zstw-3wmu-u3c8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4
aliases CVE-2022-32214, GHSA-q5vx-44v4-gch4
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8c4g-fjsa-nkhw
5
url VCID-9g7s-y7nq-xfbb
vulnerability_id VCID-9g7s-y7nq-xfbb
summary Multiple vulnerabilities have been found in c-ares, the worst of which could result in the loss of confidentiality or integrity.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22939.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22939.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-22939
reference_id
reference_type
scores
0
value 0.00124
scoring_system epss
scoring_elements 0.31612
published_at 2026-04-01T12:55:00Z
1
value 0.00124
scoring_system epss
scoring_elements 0.31617
published_at 2026-04-13T12:55:00Z
2
value 0.00124
scoring_system epss
scoring_elements 0.31693
published_at 2026-04-11T12:55:00Z
3
value 0.00124
scoring_system epss
scoring_elements 0.31653
published_at 2026-04-12T12:55:00Z
4
value 0.00124
scoring_system epss
scoring_elements 0.31744
published_at 2026-04-02T12:55:00Z
5
value 0.00124
scoring_system epss
scoring_elements 0.31788
published_at 2026-04-04T12:55:00Z
6
value 0.00124
scoring_system epss
scoring_elements 0.31607
published_at 2026-04-07T12:55:00Z
7
value 0.00124
scoring_system epss
scoring_elements 0.3166
published_at 2026-04-08T12:55:00Z
8
value 0.00124
scoring_system epss
scoring_elements 0.31689
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-22939
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22939
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22939
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1993039
reference_id 1993039
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1993039
5
reference_url https://security.archlinux.org/AVG-2283
reference_id AVG-2283
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2283
6
reference_url https://security.gentoo.org/glsa/202401-02
reference_id GLSA-202401-02
reference_type
scores
url https://security.gentoo.org/glsa/202401-02
7
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
8
reference_url https://access.redhat.com/errata/RHSA-2021:3280
reference_id RHSA-2021:3280
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3280
9
reference_url https://access.redhat.com/errata/RHSA-2021:3281
reference_id RHSA-2021:3281
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3281
10
reference_url https://access.redhat.com/errata/RHSA-2021:3623
reference_id RHSA-2021:3623
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3623
11
reference_url https://access.redhat.com/errata/RHSA-2021:3638
reference_id RHSA-2021:3638
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3638
12
reference_url https://access.redhat.com/errata/RHSA-2021:3639
reference_id RHSA-2021:3639
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3639
13
reference_url https://access.redhat.com/errata/RHSA-2021:3666
reference_id RHSA-2021:3666
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3666
fixed_packages
0
url pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4
purl pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1vp3-fzdr-yqbm
1
vulnerability VCID-2t7c-dju9-pff6
2
vulnerability VCID-2z1f-7jkw-17av
3
vulnerability VCID-38k9-23j3-eqh7
4
vulnerability VCID-43sf-4r41-wugc
5
vulnerability VCID-96yh-1wub-zucg
6
vulnerability VCID-98fy-tedc-ube7
7
vulnerability VCID-9yq7-aba3-c7c3
8
vulnerability VCID-bjza-25hu-vkad
9
vulnerability VCID-bx67-aud6-b3fa
10
vulnerability VCID-c8xz-v6h3-6ueb
11
vulnerability VCID-dgkh-jdah-wfh9
12
vulnerability VCID-dt7u-3usg-9uet
13
vulnerability VCID-e6gj-fe31-kkh5
14
vulnerability VCID-e7u5-356v-jbg7
15
vulnerability VCID-kj75-vmwa-gqgq
16
vulnerability VCID-nenk-4cgd-fugv
17
vulnerability VCID-sag8-repb-g3f4
18
vulnerability VCID-twc8-ewm7-wkb1
19
vulnerability VCID-u8bq-8jp4-jkem
20
vulnerability VCID-v7uy-445x-tuan
21
vulnerability VCID-vkvx-gxbu-3uau
22
vulnerability VCID-wf5t-3pwz-c7d7
23
vulnerability VCID-x1an-pjq4-nbby
24
vulnerability VCID-zstw-3wmu-u3c8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4
aliases CVE-2021-22939
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9g7s-y7nq-xfbb
6
url VCID-9yq7-aba3-c7c3
vulnerability_id VCID-9yq7-aba3-c7c3
summary Multiple vulnerabilities have been discovered in Node.js.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-32559.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-32559.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-32559
reference_id
reference_type
scores
0
value 0.00061
scoring_system epss
scoring_elements 0.18926
published_at 2026-04-13T12:55:00Z
1
value 0.00061
scoring_system epss
scoring_elements 0.19169
published_at 2026-04-04T12:55:00Z
2
value 0.00061
scoring_system epss
scoring_elements 0.18885
published_at 2026-04-07T12:55:00Z
3
value 0.00061
scoring_system epss
scoring_elements 0.18963
published_at 2026-04-08T12:55:00Z
4
value 0.00061
scoring_system epss
scoring_elements 0.19017
published_at 2026-04-09T12:55:00Z
5
value 0.00061
scoring_system epss
scoring_elements 0.19024
published_at 2026-04-11T12:55:00Z
6
value 0.00061
scoring_system epss
scoring_elements 0.18977
published_at 2026-04-12T12:55:00Z
7
value 0.00074
scoring_system epss
scoring_elements 0.22427
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-32559
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32559
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32559
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1050739
reference_id 1050739
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1050739
5
reference_url https://hackerone.com/reports/1946470
reference_id 1946470
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T13:34:58Z/
url https://hackerone.com/reports/1946470
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2230956
reference_id 2230956
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2230956
7
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
8
reference_url https://security.netapp.com/advisory/ntap-20231006-0006/
reference_id ntap-20231006-0006
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T13:34:58Z/
url https://security.netapp.com/advisory/ntap-20231006-0006/
9
reference_url https://access.redhat.com/errata/RHSA-2023:5360
reference_id RHSA-2023:5360
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5360
10
reference_url https://access.redhat.com/errata/RHSA-2023:5361
reference_id RHSA-2023:5361
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5361
11
reference_url https://access.redhat.com/errata/RHSA-2023:5362
reference_id RHSA-2023:5362
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5362
12
reference_url https://access.redhat.com/errata/RHSA-2023:5363
reference_id RHSA-2023:5363
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5363
13
reference_url https://access.redhat.com/errata/RHSA-2023:5532
reference_id RHSA-2023:5532
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5532
14
reference_url https://access.redhat.com/errata/RHSA-2023:5533
reference_id RHSA-2023:5533
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5533
15
reference_url https://usn.ubuntu.com/6822-1/
reference_id USN-6822-1
reference_type
scores
url https://usn.ubuntu.com/6822-1/
fixed_packages
0
url pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1
purl pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1vp3-fzdr-yqbm
1
vulnerability VCID-2t7c-dju9-pff6
2
vulnerability VCID-43sf-4r41-wugc
3
vulnerability VCID-96yh-1wub-zucg
4
vulnerability VCID-98fy-tedc-ube7
5
vulnerability VCID-bjza-25hu-vkad
6
vulnerability VCID-dgkh-jdah-wfh9
7
vulnerability VCID-dt7u-3usg-9uet
8
vulnerability VCID-twc8-ewm7-wkb1
9
vulnerability VCID-u8bq-8jp4-jkem
10
vulnerability VCID-v7uy-445x-tuan
11
vulnerability VCID-wf5t-3pwz-c7d7
12
vulnerability VCID-x1an-pjq4-nbby
13
vulnerability VCID-xkpz-pb5y-jqcy
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1
aliases CVE-2023-32559
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9yq7-aba3-c7c3
7
url VCID-b54b-pd2b-bygm
vulnerability_id VCID-b54b-pd2b-bygm
summary 
llhttp allows HTTP Request Smuggling via Flawed Parsing of Transfer-Encoding
The llhttp parser in the http module in Node.js v17.x does not correctly parse and validate Transfer-Encoding headers and can lead to HTTP Request Smuggling (HRS).

Impacts:

- All versions of the nodejs 18.x, 16.x, and 14.x releases lines.
- llhttp v6.0.7 and llhttp v2.1.5 contains the fixes that were updated inside Node.js
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32213.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32213.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-32213
reference_id
reference_type
scores
0
value 0.89626
scoring_system epss
scoring_elements 0.99561
published_at 2026-04-13T12:55:00Z
1
value 0.89626
scoring_system epss
scoring_elements 0.9956
published_at 2026-04-12T12:55:00Z
2
value 0.89626
scoring_system epss
scoring_elements 0.99559
published_at 2026-04-07T12:55:00Z
3
value 0.89626
scoring_system epss
scoring_elements 0.99558
published_at 2026-04-04T12:55:00Z
4
value 0.89626
scoring_system epss
scoring_elements 0.99557
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-32213
2
reference_url https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32212
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32212
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32213
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32213
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32214
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32214
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32215
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32215
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35255
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35255
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35256
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35256
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43548
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43548
10
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
11
reference_url https://github.com/nodejs/llhttp/commit/18a4afc7ffb4e49dc9e2daebc50588199a6d1dbb
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/nodejs/llhttp/commit/18a4afc7ffb4e49dc9e2daebc50588199a6d1dbb
12
reference_url https://hackerone.com/reports/1524555
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://hackerone.com/reports/1524555
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2ICG6CSIB3GUWH5DUSQEVX53MOJW7LYK
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2ICG6CSIB3GUWH5DUSQEVX53MOJW7LYK
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2ICG6CSIB3GUWH5DUSQEVX53MOJW7LYK/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2ICG6CSIB3GUWH5DUSQEVX53MOJW7LYK/
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QCNN3YG2BCLS4ZEKJ3CLSUT6AS7AXTH3
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QCNN3YG2BCLS4ZEKJ3CLSUT6AS7AXTH3
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QCNN3YG2BCLS4ZEKJ3CLSUT6AS7AXTH3/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QCNN3YG2BCLS4ZEKJ3CLSUT6AS7AXTH3/
17
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VMQK5L5SBYD47QQZ67LEMHNQ662GH3OY
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VMQK5L5SBYD47QQZ67LEMHNQ662GH3OY
18
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VMQK5L5SBYD47QQZ67LEMHNQ662GH3OY/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VMQK5L5SBYD47QQZ67LEMHNQ662GH3OY/
19
reference_url https://nodejs.org/en/blog/vulnerability/july-2022-security-releases
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nodejs.org/en/blog/vulnerability/july-2022-security-releases
20
reference_url https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/
reference_id
reference_type
scores
url https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/
21
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-32213
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-32213
22
reference_url https://security.netapp.com/advisory/ntap-20220915-0001
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20220915-0001
23
reference_url https://security.netapp.com/advisory/ntap-20220915-0001/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20220915-0001/
24
reference_url https://www.debian.org/security/2023/dsa-5326
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2023/dsa-5326
25
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2105430
reference_id 2105430
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2105430
26
reference_url https://github.com/advisories/GHSA-5689-v88g-g6rv
reference_id GHSA-5689-v88g-g6rv
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-5689-v88g-g6rv
27
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
28
reference_url https://access.redhat.com/errata/RHSA-2022:6389
reference_id RHSA-2022:6389
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6389
29
reference_url https://access.redhat.com/errata/RHSA-2022:6448
reference_id RHSA-2022:6448
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6448
30
reference_url https://access.redhat.com/errata/RHSA-2022:6449
reference_id RHSA-2022:6449
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6449
31
reference_url https://access.redhat.com/errata/RHSA-2022:6595
reference_id RHSA-2022:6595
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6595
32
reference_url https://access.redhat.com/errata/RHSA-2022:6985
reference_id RHSA-2022:6985
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6985
33
reference_url https://usn.ubuntu.com/6491-1/
reference_id USN-6491-1
reference_type
scores
url https://usn.ubuntu.com/6491-1/
fixed_packages
0
url pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4
purl pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1vp3-fzdr-yqbm
1
vulnerability VCID-2t7c-dju9-pff6
2
vulnerability VCID-2z1f-7jkw-17av
3
vulnerability VCID-38k9-23j3-eqh7
4
vulnerability VCID-43sf-4r41-wugc
5
vulnerability VCID-96yh-1wub-zucg
6
vulnerability VCID-98fy-tedc-ube7
7
vulnerability VCID-9yq7-aba3-c7c3
8
vulnerability VCID-bjza-25hu-vkad
9
vulnerability VCID-bx67-aud6-b3fa
10
vulnerability VCID-c8xz-v6h3-6ueb
11
vulnerability VCID-dgkh-jdah-wfh9
12
vulnerability VCID-dt7u-3usg-9uet
13
vulnerability VCID-e6gj-fe31-kkh5
14
vulnerability VCID-e7u5-356v-jbg7
15
vulnerability VCID-kj75-vmwa-gqgq
16
vulnerability VCID-nenk-4cgd-fugv
17
vulnerability VCID-sag8-repb-g3f4
18
vulnerability VCID-twc8-ewm7-wkb1
19
vulnerability VCID-u8bq-8jp4-jkem
20
vulnerability VCID-v7uy-445x-tuan
21
vulnerability VCID-vkvx-gxbu-3uau
22
vulnerability VCID-wf5t-3pwz-c7d7
23
vulnerability VCID-x1an-pjq4-nbby
24
vulnerability VCID-zstw-3wmu-u3c8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4
aliases CVE-2022-32213, GHSA-5689-v88g-g6rv
risk_score 10.0
exploitability 2.0
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b54b-pd2b-bygm
8
url VCID-bx67-aud6-b3fa
vulnerability_id VCID-bx67-aud6-b3fa
summary Multiple vulnerabilities have been discovered in Node.js, the worst of which could lead to execution of arbitrary code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-22025.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-22025.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-22025
reference_id
reference_type
scores
0
value 0.0043
scoring_system epss
scoring_elements 0.62483
published_at 2026-04-02T12:55:00Z
1
value 0.0043
scoring_system epss
scoring_elements 0.62515
published_at 2026-04-04T12:55:00Z
2
value 0.00636
scoring_system epss
scoring_elements 0.7042
published_at 2026-04-09T12:55:00Z
3
value 0.00636
scoring_system epss
scoring_elements 0.70429
published_at 2026-04-12T12:55:00Z
4
value 0.00636
scoring_system epss
scoring_elements 0.70444
published_at 2026-04-11T12:55:00Z
5
value 0.00636
scoring_system epss
scoring_elements 0.70404
published_at 2026-04-08T12:55:00Z
6
value 0.00636
scoring_system epss
scoring_elements 0.70359
published_at 2026-04-07T12:55:00Z
7
value 0.00636
scoring_system epss
scoring_elements 0.70415
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-22025
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22025
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22025
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2270559
reference_id 2270559
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2270559
4
reference_url https://hackerone.com/reports/2284065
reference_id 2284065
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-21T20:30:35Z/
url https://hackerone.com/reports/2284065
5
reference_url https://security.gentoo.org/glsa/202505-11
reference_id GLSA-202505-11
reference_type
scores
url https://security.gentoo.org/glsa/202505-11
6
reference_url https://lists.debian.org/debian-lts-announce/2024/03/msg00029.html
reference_id msg00029.html
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-21T20:30:35Z/
url https://lists.debian.org/debian-lts-announce/2024/03/msg00029.html
7
reference_url https://security.netapp.com/advisory/ntap-20240517-0008/
reference_id ntap-20240517-0008
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-21T20:30:35Z/
url https://security.netapp.com/advisory/ntap-20240517-0008/
8
reference_url https://access.redhat.com/errata/RHSA-2024:2778
reference_id RHSA-2024:2778
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2778
9
reference_url https://access.redhat.com/errata/RHSA-2024:2779
reference_id RHSA-2024:2779
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2779
10
reference_url https://access.redhat.com/errata/RHSA-2024:2780
reference_id RHSA-2024:2780
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2780
11
reference_url https://access.redhat.com/errata/RHSA-2024:2853
reference_id RHSA-2024:2853
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2853
12
reference_url https://access.redhat.com/errata/RHSA-2024:2910
reference_id RHSA-2024:2910
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2910
13
reference_url https://access.redhat.com/errata/RHSA-2024:4559
reference_id RHSA-2024:4559
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4559
14
reference_url https://access.redhat.com/errata/RHSA-2024:4721
reference_id RHSA-2024:4721
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4721
fixed_packages
0
url pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1
purl pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1vp3-fzdr-yqbm
1
vulnerability VCID-2t7c-dju9-pff6
2
vulnerability VCID-43sf-4r41-wugc
3
vulnerability VCID-96yh-1wub-zucg
4
vulnerability VCID-98fy-tedc-ube7
5
vulnerability VCID-bjza-25hu-vkad
6
vulnerability VCID-dgkh-jdah-wfh9
7
vulnerability VCID-dt7u-3usg-9uet
8
vulnerability VCID-twc8-ewm7-wkb1
9
vulnerability VCID-u8bq-8jp4-jkem
10
vulnerability VCID-v7uy-445x-tuan
11
vulnerability VCID-wf5t-3pwz-c7d7
12
vulnerability VCID-x1an-pjq4-nbby
13
vulnerability VCID-xkpz-pb5y-jqcy
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1
aliases CVE-2024-22025
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bx67-aud6-b3fa
9
url VCID-c8xz-v6h3-6ueb
vulnerability_id VCID-c8xz-v6h3-6ueb
summary nodejs: libuv: Out-of-Bounds Access Due to Inconsistent off_t Size in libuv and Node.js Build on i386
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-47153.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-47153.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-47153
reference_id
reference_type
scores
0
value 0.00692
scoring_system epss
scoring_elements 0.71787
published_at 2026-04-02T12:55:00Z
1
value 0.00692
scoring_system epss
scoring_elements 0.71819
published_at 2026-04-13T12:55:00Z
2
value 0.00692
scoring_system epss
scoring_elements 0.71805
published_at 2026-04-04T12:55:00Z
3
value 0.00692
scoring_system epss
scoring_elements 0.71779
published_at 2026-04-07T12:55:00Z
4
value 0.00692
scoring_system epss
scoring_elements 0.71818
published_at 2026-04-08T12:55:00Z
5
value 0.00692
scoring_system epss
scoring_elements 0.71829
published_at 2026-04-09T12:55:00Z
6
value 0.00692
scoring_system epss
scoring_elements 0.71854
published_at 2026-04-11T12:55:00Z
7
value 0.00692
scoring_system epss
scoring_elements 0.71837
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-47153
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-47153
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-47153
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2363236
reference_id 2363236
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2363236
5
reference_url https://github.com/nodejs/node-v0.x-archive/issues/4549
reference_id 4549
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:42:34Z/
url https://github.com/nodejs/node-v0.x-archive/issues/4549
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1076350
reference_id bugreport.cgi?bug=1076350
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:42:34Z/
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1076350
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922075
reference_id bugreport.cgi?bug=922075
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:42:34Z/
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922075
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=892601
reference_id show_bug.cgi?id=892601
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:42:34Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=892601
fixed_packages
0
url pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1
purl pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1vp3-fzdr-yqbm
1
vulnerability VCID-2t7c-dju9-pff6
2
vulnerability VCID-43sf-4r41-wugc
3
vulnerability VCID-96yh-1wub-zucg
4
vulnerability VCID-98fy-tedc-ube7
5
vulnerability VCID-bjza-25hu-vkad
6
vulnerability VCID-dgkh-jdah-wfh9
7
vulnerability VCID-dt7u-3usg-9uet
8
vulnerability VCID-twc8-ewm7-wkb1
9
vulnerability VCID-u8bq-8jp4-jkem
10
vulnerability VCID-v7uy-445x-tuan
11
vulnerability VCID-wf5t-3pwz-c7d7
12
vulnerability VCID-x1an-pjq4-nbby
13
vulnerability VCID-xkpz-pb5y-jqcy
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1
aliases CVE-2025-47153
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c8xz-v6h3-6ueb
10
url VCID-dfdy-vhdd-5kh4
vulnerability_id VCID-dfdy-vhdd-5kh4
summary Multiple vulnerabilities have been discovered in Node.js.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-35256.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-35256.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-35256
reference_id
reference_type
scores
0
value 0.03945
scoring_system epss
scoring_elements 0.88301
published_at 2026-04-02T12:55:00Z
1
value 0.03945
scoring_system epss
scoring_elements 0.88348
published_at 2026-04-13T12:55:00Z
2
value 0.03945
scoring_system epss
scoring_elements 0.88315
published_at 2026-04-04T12:55:00Z
3
value 0.03945
scoring_system epss
scoring_elements 0.8832
published_at 2026-04-07T12:55:00Z
4
value 0.03945
scoring_system epss
scoring_elements 0.88339
published_at 2026-04-08T12:55:00Z
5
value 0.03945
scoring_system epss
scoring_elements 0.88346
published_at 2026-04-09T12:55:00Z
6
value 0.03945
scoring_system epss
scoring_elements 0.88356
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-35256
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32212
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32212
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32213
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32213
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32214
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32214
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32215
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32215
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35255
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35255
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35256
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35256
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43548
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43548
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://hackerone.com/reports/1675191
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-24T13:21:44Z/
url https://hackerone.com/reports/1675191
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2130518
reference_id 2130518
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2130518
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-35256
reference_id CVE-2022-35256
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-35256
13
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
14
reference_url https://access.redhat.com/errata/RHSA-2022:6963
reference_id RHSA-2022:6963
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6963
15
reference_url https://access.redhat.com/errata/RHSA-2022:6964
reference_id RHSA-2022:6964
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6964
16
reference_url https://access.redhat.com/errata/RHSA-2022:7044
reference_id RHSA-2022:7044
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7044
17
reference_url https://access.redhat.com/errata/RHSA-2022:7821
reference_id RHSA-2022:7821
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7821
18
reference_url https://access.redhat.com/errata/RHSA-2022:7830
reference_id RHSA-2022:7830
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7830
19
reference_url https://access.redhat.com/errata/RHSA-2023:0321
reference_id RHSA-2023:0321
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0321
20
reference_url https://access.redhat.com/errata/RHSA-2023:1533
reference_id RHSA-2023:1533
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1533
21
reference_url https://access.redhat.com/errata/RHSA-2023:1742
reference_id RHSA-2023:1742
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1742
22
reference_url https://usn.ubuntu.com/6491-1/
reference_id USN-6491-1
reference_type
scores
url https://usn.ubuntu.com/6491-1/
fixed_packages
0
url pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4
purl pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1vp3-fzdr-yqbm
1
vulnerability VCID-2t7c-dju9-pff6
2
vulnerability VCID-2z1f-7jkw-17av
3
vulnerability VCID-38k9-23j3-eqh7
4
vulnerability VCID-43sf-4r41-wugc
5
vulnerability VCID-96yh-1wub-zucg
6
vulnerability VCID-98fy-tedc-ube7
7
vulnerability VCID-9yq7-aba3-c7c3
8
vulnerability VCID-bjza-25hu-vkad
9
vulnerability VCID-bx67-aud6-b3fa
10
vulnerability VCID-c8xz-v6h3-6ueb
11
vulnerability VCID-dgkh-jdah-wfh9
12
vulnerability VCID-dt7u-3usg-9uet
13
vulnerability VCID-e6gj-fe31-kkh5
14
vulnerability VCID-e7u5-356v-jbg7
15
vulnerability VCID-kj75-vmwa-gqgq
16
vulnerability VCID-nenk-4cgd-fugv
17
vulnerability VCID-sag8-repb-g3f4
18
vulnerability VCID-twc8-ewm7-wkb1
19
vulnerability VCID-u8bq-8jp4-jkem
20
vulnerability VCID-v7uy-445x-tuan
21
vulnerability VCID-vkvx-gxbu-3uau
22
vulnerability VCID-wf5t-3pwz-c7d7
23
vulnerability VCID-x1an-pjq4-nbby
24
vulnerability VCID-zstw-3wmu-u3c8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4
aliases CVE-2022-35256
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dfdy-vhdd-5kh4
11
url VCID-e18p-c3m9-2qgy
vulnerability_id VCID-e18p-c3m9-2qgy
summary Multiple vulnerabilities have been discovered in Node.js.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44532.json
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44532.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-44532
reference_id
reference_type
scores
0
value 0.00132
scoring_system epss
scoring_elements 0.32731
published_at 2026-04-01T12:55:00Z
1
value 0.00132
scoring_system epss
scoring_elements 0.32862
published_at 2026-04-02T12:55:00Z
2
value 0.00132
scoring_system epss
scoring_elements 0.32897
published_at 2026-04-04T12:55:00Z
3
value 0.00132
scoring_system epss
scoring_elements 0.32718
published_at 2026-04-07T12:55:00Z
4
value 0.00132
scoring_system epss
scoring_elements 0.32765
published_at 2026-04-08T12:55:00Z
5
value 0.00132
scoring_system epss
scoring_elements 0.32792
published_at 2026-04-09T12:55:00Z
6
value 0.00132
scoring_system epss
scoring_elements 0.32794
published_at 2026-04-11T12:55:00Z
7
value 0.00132
scoring_system epss
scoring_elements 0.32756
published_at 2026-04-12T12:55:00Z
8
value 0.00132
scoring_system epss
scoring_elements 0.3273
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-44532
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22959
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22959
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22960
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22960
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44531
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44531
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44532
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44532
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44533
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44533
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21824
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21824
8
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004177
reference_id 1004177
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004177
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2040846
reference_id 2040846
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2040846
11
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
12
reference_url https://access.redhat.com/errata/RHSA-2022:4914
reference_id RHSA-2022:4914
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:4914
13
reference_url https://access.redhat.com/errata/RHSA-2022:7044
reference_id RHSA-2022:7044
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7044
14
reference_url https://access.redhat.com/errata/RHSA-2022:7830
reference_id RHSA-2022:7830
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7830
15
reference_url https://access.redhat.com/errata/RHSA-2022:9073
reference_id RHSA-2022:9073
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:9073
16
reference_url https://access.redhat.com/errata/RHSA-2023:1742
reference_id RHSA-2023:1742
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1742
17
reference_url https://access.redhat.com/errata/RHSA-2023:3742
reference_id RHSA-2023:3742
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3742
fixed_packages
0
url pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4
purl pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1vp3-fzdr-yqbm
1
vulnerability VCID-2t7c-dju9-pff6
2
vulnerability VCID-2z1f-7jkw-17av
3
vulnerability VCID-38k9-23j3-eqh7
4
vulnerability VCID-43sf-4r41-wugc
5
vulnerability VCID-96yh-1wub-zucg
6
vulnerability VCID-98fy-tedc-ube7
7
vulnerability VCID-9yq7-aba3-c7c3
8
vulnerability VCID-bjza-25hu-vkad
9
vulnerability VCID-bx67-aud6-b3fa
10
vulnerability VCID-c8xz-v6h3-6ueb
11
vulnerability VCID-dgkh-jdah-wfh9
12
vulnerability VCID-dt7u-3usg-9uet
13
vulnerability VCID-e6gj-fe31-kkh5
14
vulnerability VCID-e7u5-356v-jbg7
15
vulnerability VCID-kj75-vmwa-gqgq
16
vulnerability VCID-nenk-4cgd-fugv
17
vulnerability VCID-sag8-repb-g3f4
18
vulnerability VCID-twc8-ewm7-wkb1
19
vulnerability VCID-u8bq-8jp4-jkem
20
vulnerability VCID-v7uy-445x-tuan
21
vulnerability VCID-vkvx-gxbu-3uau
22
vulnerability VCID-wf5t-3pwz-c7d7
23
vulnerability VCID-x1an-pjq4-nbby
24
vulnerability VCID-zstw-3wmu-u3c8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4
aliases CVE-2021-44532
risk_score 3.4
exploitability 0.5
weighted_severity 6.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e18p-c3m9-2qgy
12
url VCID-e6gj-fe31-kkh5
vulnerability_id VCID-e6gj-fe31-kkh5
summary Multiple vulnerabilities have been discovered in Node.js, the worst of which could lead to execution of arbitrary code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-46809.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-46809.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-46809
reference_id
reference_type
scores
0
value 0.01239
scoring_system epss
scoring_elements 0.79194
published_at 2026-04-02T12:55:00Z
1
value 0.01239
scoring_system epss
scoring_elements 0.79232
published_at 2026-04-13T12:55:00Z
2
value 0.01239
scoring_system epss
scoring_elements 0.79236
published_at 2026-04-09T12:55:00Z
3
value 0.01239
scoring_system epss
scoring_elements 0.7926
published_at 2026-04-11T12:55:00Z
4
value 0.01239
scoring_system epss
scoring_elements 0.79244
published_at 2026-04-12T12:55:00Z
5
value 0.01239
scoring_system epss
scoring_elements 0.79218
published_at 2026-04-04T12:55:00Z
6
value 0.01239
scoring_system epss
scoring_elements 0.79203
published_at 2026-04-07T12:55:00Z
7
value 0.01239
scoring_system epss
scoring_elements 0.79228
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-46809
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46809
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46809
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1064055
reference_id 1064055
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1064055
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2264569
reference_id 2264569
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2264569
6
reference_url https://nodejs.org/en/blog/vulnerability/february-2024-security-releases
reference_id february-2024-security-releases
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-09T17:40:41Z/
url https://nodejs.org/en/blog/vulnerability/february-2024-security-releases
7
reference_url https://security.gentoo.org/glsa/202505-11
reference_id GLSA-202505-11
reference_type
scores
url https://security.gentoo.org/glsa/202505-11
8
reference_url https://access.redhat.com/errata/RHSA-2024:1503
reference_id RHSA-2024:1503
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1503
9
reference_url https://access.redhat.com/errata/RHSA-2024:1510
reference_id RHSA-2024:1510
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1510
10
reference_url https://access.redhat.com/errata/RHSA-2024:1687
reference_id RHSA-2024:1687
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1687
11
reference_url https://access.redhat.com/errata/RHSA-2024:1688
reference_id RHSA-2024:1688
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1688
12
reference_url https://access.redhat.com/errata/RHSA-2024:1880
reference_id RHSA-2024:1880
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1880
13
reference_url https://access.redhat.com/errata/RHSA-2024:1932
reference_id RHSA-2024:1932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1932
fixed_packages
0
url pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1
purl pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1vp3-fzdr-yqbm
1
vulnerability VCID-2t7c-dju9-pff6
2
vulnerability VCID-43sf-4r41-wugc
3
vulnerability VCID-96yh-1wub-zucg
4
vulnerability VCID-98fy-tedc-ube7
5
vulnerability VCID-bjza-25hu-vkad
6
vulnerability VCID-dgkh-jdah-wfh9
7
vulnerability VCID-dt7u-3usg-9uet
8
vulnerability VCID-twc8-ewm7-wkb1
9
vulnerability VCID-u8bq-8jp4-jkem
10
vulnerability VCID-v7uy-445x-tuan
11
vulnerability VCID-wf5t-3pwz-c7d7
12
vulnerability VCID-x1an-pjq4-nbby
13
vulnerability VCID-xkpz-pb5y-jqcy
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1
aliases CVE-2023-46809
risk_score 2.6
exploitability 0.5
weighted_severity 5.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e6gj-fe31-kkh5
13
url VCID-e7u5-356v-jbg7
vulnerability_id VCID-e7u5-356v-jbg7
summary Multiple vulnerabilities have been discovered in Node.js.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-30590.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-30590.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-30590
reference_id
reference_type
scores
0
value 0.00954
scoring_system epss
scoring_elements 0.76361
published_at 2026-04-02T12:55:00Z
1
value 0.00954
scoring_system epss
scoring_elements 0.76391
published_at 2026-04-04T12:55:00Z
2
value 0.00954
scoring_system epss
scoring_elements 0.76373
published_at 2026-04-07T12:55:00Z
3
value 0.00954
scoring_system epss
scoring_elements 0.76405
published_at 2026-04-08T12:55:00Z
4
value 0.00954
scoring_system epss
scoring_elements 0.7642
published_at 2026-04-09T12:55:00Z
5
value 0.00954
scoring_system epss
scoring_elements 0.76445
published_at 2026-04-11T12:55:00Z
6
value 0.00954
scoring_system epss
scoring_elements 0.76423
published_at 2026-04-12T12:55:00Z
7
value 0.00954
scoring_system epss
scoring_elements 0.76418
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-30590
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-30590
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-30590
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1039990
reference_id 1039990
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1039990
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2219842
reference_id 2219842
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2219842
6
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
7
reference_url https://access.redhat.com/errata/RHSA-2023:4330
reference_id RHSA-2023:4330
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4330
8
reference_url https://access.redhat.com/errata/RHSA-2023:4331
reference_id RHSA-2023:4331
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4331
9
reference_url https://access.redhat.com/errata/RHSA-2023:4536
reference_id RHSA-2023:4536
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4536
10
reference_url https://access.redhat.com/errata/RHSA-2023:4537
reference_id RHSA-2023:4537
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4537
11
reference_url https://access.redhat.com/errata/RHSA-2023:5361
reference_id RHSA-2023:5361
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5361
12
reference_url https://access.redhat.com/errata/RHSA-2023:5533
reference_id RHSA-2023:5533
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5533
13
reference_url https://usn.ubuntu.com/6735-1/
reference_id USN-6735-1
reference_type
scores
url https://usn.ubuntu.com/6735-1/
fixed_packages
0
url pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1
purl pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1vp3-fzdr-yqbm
1
vulnerability VCID-2t7c-dju9-pff6
2
vulnerability VCID-43sf-4r41-wugc
3
vulnerability VCID-96yh-1wub-zucg
4
vulnerability VCID-98fy-tedc-ube7
5
vulnerability VCID-bjza-25hu-vkad
6
vulnerability VCID-dgkh-jdah-wfh9
7
vulnerability VCID-dt7u-3usg-9uet
8
vulnerability VCID-twc8-ewm7-wkb1
9
vulnerability VCID-u8bq-8jp4-jkem
10
vulnerability VCID-v7uy-445x-tuan
11
vulnerability VCID-wf5t-3pwz-c7d7
12
vulnerability VCID-x1an-pjq4-nbby
13
vulnerability VCID-xkpz-pb5y-jqcy
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1
aliases CVE-2023-30590
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e7u5-356v-jbg7
14
url VCID-gwyr-ac4e-dqfa
vulnerability_id VCID-gwyr-ac4e-dqfa
summary 
Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')
The llhttp parser accepts requests with a space (SP) right after the header name before the colon. This can lead to HTTP Request Smuggling (HRS).
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22959.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22959.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-22959
reference_id
reference_type
scores
0
value 0.00212
scoring_system epss
scoring_elements 0.43692
published_at 2026-04-01T12:55:00Z
1
value 0.00212
scoring_system epss
scoring_elements 0.4373
published_at 2026-04-13T12:55:00Z
2
value 0.00212
scoring_system epss
scoring_elements 0.43779
published_at 2026-04-11T12:55:00Z
3
value 0.00212
scoring_system epss
scoring_elements 0.43746
published_at 2026-04-12T12:55:00Z
4
value 0.00212
scoring_system epss
scoring_elements 0.43747
published_at 2026-04-02T12:55:00Z
5
value 0.00212
scoring_system epss
scoring_elements 0.43772
published_at 2026-04-04T12:55:00Z
6
value 0.00212
scoring_system epss
scoring_elements 0.43706
published_at 2026-04-07T12:55:00Z
7
value 0.00212
scoring_system epss
scoring_elements 0.43756
published_at 2026-04-08T12:55:00Z
8
value 0.00212
scoring_system epss
scoring_elements 0.43759
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-22959
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22959
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22959
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22960
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22960
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44531
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44531
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44532
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44532
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44533
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44533
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21824
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21824
8
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
9
reference_url https://hackerone.com/reports/1238709
reference_id
reference_type
scores
url https://hackerone.com/reports/1238709
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2014057
reference_id 2014057
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2014057
11
reference_url https://security.archlinux.org/ASA-202110-4
reference_id ASA-202110-4
reference_type
scores
url https://security.archlinux.org/ASA-202110-4
12
reference_url https://security.archlinux.org/AVG-2460
reference_id AVG-2460
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2460
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-22959
reference_id CVE-2021-22959
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-22959
14
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
15
reference_url https://access.redhat.com/errata/RHSA-2021:5171
reference_id RHSA-2021:5171
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5171
16
reference_url https://access.redhat.com/errata/RHSA-2022:0041
reference_id RHSA-2022:0041
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0041
17
reference_url https://access.redhat.com/errata/RHSA-2022:0246
reference_id RHSA-2022:0246
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0246
18
reference_url https://access.redhat.com/errata/RHSA-2022:0350
reference_id RHSA-2022:0350
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0350
19
reference_url https://access.redhat.com/errata/RHSA-2022:4914
reference_id RHSA-2022:4914
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:4914
fixed_packages
0
url pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4
purl pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1vp3-fzdr-yqbm
1
vulnerability VCID-2t7c-dju9-pff6
2
vulnerability VCID-2z1f-7jkw-17av
3
vulnerability VCID-38k9-23j3-eqh7
4
vulnerability VCID-43sf-4r41-wugc
5
vulnerability VCID-96yh-1wub-zucg
6
vulnerability VCID-98fy-tedc-ube7
7
vulnerability VCID-9yq7-aba3-c7c3
8
vulnerability VCID-bjza-25hu-vkad
9
vulnerability VCID-bx67-aud6-b3fa
10
vulnerability VCID-c8xz-v6h3-6ueb
11
vulnerability VCID-dgkh-jdah-wfh9
12
vulnerability VCID-dt7u-3usg-9uet
13
vulnerability VCID-e6gj-fe31-kkh5
14
vulnerability VCID-e7u5-356v-jbg7
15
vulnerability VCID-kj75-vmwa-gqgq
16
vulnerability VCID-nenk-4cgd-fugv
17
vulnerability VCID-sag8-repb-g3f4
18
vulnerability VCID-twc8-ewm7-wkb1
19
vulnerability VCID-u8bq-8jp4-jkem
20
vulnerability VCID-v7uy-445x-tuan
21
vulnerability VCID-vkvx-gxbu-3uau
22
vulnerability VCID-wf5t-3pwz-c7d7
23
vulnerability VCID-x1an-pjq4-nbby
24
vulnerability VCID-zstw-3wmu-u3c8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4
aliases CVE-2021-22959
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gwyr-ac4e-dqfa
15
url VCID-hnjv-fp2r-vqfq
vulnerability_id VCID-hnjv-fp2r-vqfq
summary Node.js: insecure loading of ICU data through ICU_DATA environment variable
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-23920.json
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-23920.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-23920
reference_id
reference_type
scores
0
value 0.00096
scoring_system epss
scoring_elements 0.26656
published_at 2026-04-02T12:55:00Z
1
value 0.00096
scoring_system epss
scoring_elements 0.26505
published_at 2026-04-13T12:55:00Z
2
value 0.00096
scoring_system epss
scoring_elements 0.26699
published_at 2026-04-04T12:55:00Z
3
value 0.00096
scoring_system epss
scoring_elements 0.26485
published_at 2026-04-07T12:55:00Z
4
value 0.00096
scoring_system epss
scoring_elements 0.26553
published_at 2026-04-08T12:55:00Z
5
value 0.00096
scoring_system epss
scoring_elements 0.26602
published_at 2026-04-09T12:55:00Z
6
value 0.00096
scoring_system epss
scoring_elements 0.26608
published_at 2026-04-11T12:55:00Z
7
value 0.00096
scoring_system epss
scoring_elements 0.26562
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-23920
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23920
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23920
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031834
reference_id 1031834
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031834
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2172217
reference_id 2172217
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2172217
6
reference_url https://www.debian.org/security/2023/dsa-5395
reference_id dsa-5395
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-12T14:22:16Z/
url https://www.debian.org/security/2023/dsa-5395
7
reference_url https://nodejs.org/en/blog/vulnerability/february-2023-security-releases/
reference_id february-2023-security-releases
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-12T14:22:16Z/
url https://nodejs.org/en/blog/vulnerability/february-2023-security-releases/
8
reference_url https://lists.debian.org/debian-lts-announce/2023/02/msg00038.html
reference_id msg00038.html
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-12T14:22:16Z/
url https://lists.debian.org/debian-lts-announce/2023/02/msg00038.html
9
reference_url https://security.netapp.com/advisory/ntap-20230316-0008/
reference_id ntap-20230316-0008
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-12T14:22:16Z/
url https://security.netapp.com/advisory/ntap-20230316-0008/
10
reference_url https://access.redhat.com/errata/RHSA-2023:1533
reference_id RHSA-2023:1533
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1533
11
reference_url https://access.redhat.com/errata/RHSA-2023:1582
reference_id RHSA-2023:1582
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1582
12
reference_url https://access.redhat.com/errata/RHSA-2023:1583
reference_id RHSA-2023:1583
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1583
13
reference_url https://access.redhat.com/errata/RHSA-2023:1742
reference_id RHSA-2023:1742
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1742
14
reference_url https://access.redhat.com/errata/RHSA-2023:1743
reference_id RHSA-2023:1743
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1743
15
reference_url https://access.redhat.com/errata/RHSA-2023:1744
reference_id RHSA-2023:1744
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1744
16
reference_url https://access.redhat.com/errata/RHSA-2023:2654
reference_id RHSA-2023:2654
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2654
17
reference_url https://access.redhat.com/errata/RHSA-2023:2655
reference_id RHSA-2023:2655
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2655
18
reference_url https://access.redhat.com/errata/RHSA-2023:5533
reference_id RHSA-2023:5533
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5533
19
reference_url https://usn.ubuntu.com/6672-1/
reference_id USN-6672-1
reference_type
scores
url https://usn.ubuntu.com/6672-1/
fixed_packages
0
url pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4
purl pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1vp3-fzdr-yqbm
1
vulnerability VCID-2t7c-dju9-pff6
2
vulnerability VCID-2z1f-7jkw-17av
3
vulnerability VCID-38k9-23j3-eqh7
4
vulnerability VCID-43sf-4r41-wugc
5
vulnerability VCID-96yh-1wub-zucg
6
vulnerability VCID-98fy-tedc-ube7
7
vulnerability VCID-9yq7-aba3-c7c3
8
vulnerability VCID-bjza-25hu-vkad
9
vulnerability VCID-bx67-aud6-b3fa
10
vulnerability VCID-c8xz-v6h3-6ueb
11
vulnerability VCID-dgkh-jdah-wfh9
12
vulnerability VCID-dt7u-3usg-9uet
13
vulnerability VCID-e6gj-fe31-kkh5
14
vulnerability VCID-e7u5-356v-jbg7
15
vulnerability VCID-kj75-vmwa-gqgq
16
vulnerability VCID-nenk-4cgd-fugv
17
vulnerability VCID-sag8-repb-g3f4
18
vulnerability VCID-twc8-ewm7-wkb1
19
vulnerability VCID-u8bq-8jp4-jkem
20
vulnerability VCID-v7uy-445x-tuan
21
vulnerability VCID-vkvx-gxbu-3uau
22
vulnerability VCID-wf5t-3pwz-c7d7
23
vulnerability VCID-x1an-pjq4-nbby
24
vulnerability VCID-zstw-3wmu-u3c8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4
aliases CVE-2023-23920
risk_score 1.9
exploitability 0.5
weighted_severity 3.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hnjv-fp2r-vqfq
16
url VCID-m5ae-uc68-d3g2
vulnerability_id VCID-m5ae-uc68-d3g2
summary 
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
This advisory has been marked as a false positive.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21824.json
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21824.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-21824
reference_id
reference_type
scores
0
value 0.00505
scoring_system epss
scoring_elements 0.66171
published_at 2026-04-02T12:55:00Z
1
value 0.0066
scoring_system epss
scoring_elements 0.71033
published_at 2026-04-07T12:55:00Z
2
value 0.0066
scoring_system epss
scoring_elements 0.71076
published_at 2026-04-08T12:55:00Z
3
value 0.0066
scoring_system epss
scoring_elements 0.71088
published_at 2026-04-09T12:55:00Z
4
value 0.0066
scoring_system epss
scoring_elements 0.71111
published_at 2026-04-11T12:55:00Z
5
value 0.0066
scoring_system epss
scoring_elements 0.71096
published_at 2026-04-12T12:55:00Z
6
value 0.0066
scoring_system epss
scoring_elements 0.7108
published_at 2026-04-13T12:55:00Z
7
value 0.0066
scoring_system epss
scoring_elements 0.71058
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-21824
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22959
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22959
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22960
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22960
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44531
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44531
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44532
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44532
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44533
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44533
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21824
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21824
8
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
9
reference_url https://hackerone.com/reports/1431042
reference_id
reference_type
scores
url https://hackerone.com/reports/1431042
10
reference_url https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/
reference_id
reference_type
scores
url https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/
11
reference_url https://security.netapp.com/advisory/ntap-20220325-0007/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20220325-0007/
12
reference_url https://security.netapp.com/advisory/ntap-20220729-0004/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20220729-0004/
13
reference_url https://www.debian.org/security/2022/dsa-5170
reference_id
reference_type
scores
url https://www.debian.org/security/2022/dsa-5170
14
reference_url https://www.oracle.com/security-alerts/cpuapr2022.html
reference_id
reference_type
scores
url https://www.oracle.com/security-alerts/cpuapr2022.html
15
reference_url https://www.oracle.com/security-alerts/cpujul2022.html
reference_id
reference_type
scores
url https://www.oracle.com/security-alerts/cpujul2022.html
16
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004177
reference_id 1004177
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004177
17
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2040862
reference_id 2040862
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2040862
18
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-21824
reference_id CVE-2022-21824
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-21824
19
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
20
reference_url https://access.redhat.com/errata/RHSA-2022:4914
reference_id RHSA-2022:4914
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:4914
21
reference_url https://access.redhat.com/errata/RHSA-2022:7044
reference_id RHSA-2022:7044
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7044
22
reference_url https://access.redhat.com/errata/RHSA-2022:7830
reference_id RHSA-2022:7830
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7830
23
reference_url https://access.redhat.com/errata/RHSA-2022:9073
reference_id RHSA-2022:9073
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:9073
24
reference_url https://access.redhat.com/errata/RHSA-2023:1742
reference_id RHSA-2023:1742
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1742
25
reference_url https://access.redhat.com/errata/RHSA-2023:3742
reference_id RHSA-2023:3742
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3742
fixed_packages
0
url pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4
purl pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1vp3-fzdr-yqbm
1
vulnerability VCID-2t7c-dju9-pff6
2
vulnerability VCID-2z1f-7jkw-17av
3
vulnerability VCID-38k9-23j3-eqh7
4
vulnerability VCID-43sf-4r41-wugc
5
vulnerability VCID-96yh-1wub-zucg
6
vulnerability VCID-98fy-tedc-ube7
7
vulnerability VCID-9yq7-aba3-c7c3
8
vulnerability VCID-bjza-25hu-vkad
9
vulnerability VCID-bx67-aud6-b3fa
10
vulnerability VCID-c8xz-v6h3-6ueb
11
vulnerability VCID-dgkh-jdah-wfh9
12
vulnerability VCID-dt7u-3usg-9uet
13
vulnerability VCID-e6gj-fe31-kkh5
14
vulnerability VCID-e7u5-356v-jbg7
15
vulnerability VCID-kj75-vmwa-gqgq
16
vulnerability VCID-nenk-4cgd-fugv
17
vulnerability VCID-sag8-repb-g3f4
18
vulnerability VCID-twc8-ewm7-wkb1
19
vulnerability VCID-u8bq-8jp4-jkem
20
vulnerability VCID-v7uy-445x-tuan
21
vulnerability VCID-vkvx-gxbu-3uau
22
vulnerability VCID-wf5t-3pwz-c7d7
23
vulnerability VCID-x1an-pjq4-nbby
24
vulnerability VCID-zstw-3wmu-u3c8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4
aliases CVE-2022-21824
risk_score 3.7
exploitability 0.5
weighted_severity 7.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m5ae-uc68-d3g2
17
url VCID-m7rw-arzq-jba1
vulnerability_id VCID-m7rw-arzq-jba1
summary Multiple vulnerabilities have been discovered in Node.js.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-43548.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-43548.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-43548
reference_id
reference_type
scores
0
value 0.00565
scoring_system epss
scoring_elements 0.68402
published_at 2026-04-02T12:55:00Z
1
value 0.00565
scoring_system epss
scoring_elements 0.68447
published_at 2026-04-13T12:55:00Z
2
value 0.00565
scoring_system epss
scoring_elements 0.68422
published_at 2026-04-04T12:55:00Z
3
value 0.00565
scoring_system epss
scoring_elements 0.68398
published_at 2026-04-07T12:55:00Z
4
value 0.00565
scoring_system epss
scoring_elements 0.68449
published_at 2026-04-08T12:55:00Z
5
value 0.00565
scoring_system epss
scoring_elements 0.68466
published_at 2026-04-09T12:55:00Z
6
value 0.00565
scoring_system epss
scoring_elements 0.68492
published_at 2026-04-11T12:55:00Z
7
value 0.00565
scoring_system epss
scoring_elements 0.6848
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-43548
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32212
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32212
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32213
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32213
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32214
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32214
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32215
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32215
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35255
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35255
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35256
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35256
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43548
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43548
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1023518
reference_id 1023518
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1023518
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2140911
reference_id 2140911
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2140911
12
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
13
reference_url https://lists.debian.org/debian-lts-announce/2023/02/msg00038.html
reference_id msg00038.html
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-24T14:03:01Z/
url https://lists.debian.org/debian-lts-announce/2023/02/msg00038.html
14
reference_url https://nodejs.org/en/blog/vulnerability/november-2022-security-releases/
reference_id november-2022-security-releases
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-24T14:03:01Z/
url https://nodejs.org/en/blog/vulnerability/november-2022-security-releases/
15
reference_url https://security.netapp.com/advisory/ntap-20230120-0004/
reference_id ntap-20230120-0004
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-24T14:03:01Z/
url https://security.netapp.com/advisory/ntap-20230120-0004/
16
reference_url https://security.netapp.com/advisory/ntap-20230427-0007/
reference_id ntap-20230427-0007
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-24T14:03:01Z/
url https://security.netapp.com/advisory/ntap-20230427-0007/
17
reference_url https://access.redhat.com/errata/RHSA-2022:8832
reference_id RHSA-2022:8832
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8832
18
reference_url https://access.redhat.com/errata/RHSA-2022:8833
reference_id RHSA-2022:8833
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8833
19
reference_url https://access.redhat.com/errata/RHSA-2022:9073
reference_id RHSA-2022:9073
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:9073
20
reference_url https://access.redhat.com/errata/RHSA-2023:0050
reference_id RHSA-2023:0050
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0050
21
reference_url https://access.redhat.com/errata/RHSA-2023:0321
reference_id RHSA-2023:0321
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0321
22
reference_url https://access.redhat.com/errata/RHSA-2023:0612
reference_id RHSA-2023:0612
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0612
23
reference_url https://access.redhat.com/errata/RHSA-2023:1533
reference_id RHSA-2023:1533
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1533
24
reference_url https://access.redhat.com/errata/RHSA-2023:1742
reference_id RHSA-2023:1742
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1742
25
reference_url https://usn.ubuntu.com/6491-1/
reference_id USN-6491-1
reference_type
scores
url https://usn.ubuntu.com/6491-1/
fixed_packages
0
url pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4
purl pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1vp3-fzdr-yqbm
1
vulnerability VCID-2t7c-dju9-pff6
2
vulnerability VCID-2z1f-7jkw-17av
3
vulnerability VCID-38k9-23j3-eqh7
4
vulnerability VCID-43sf-4r41-wugc
5
vulnerability VCID-96yh-1wub-zucg
6
vulnerability VCID-98fy-tedc-ube7
7
vulnerability VCID-9yq7-aba3-c7c3
8
vulnerability VCID-bjza-25hu-vkad
9
vulnerability VCID-bx67-aud6-b3fa
10
vulnerability VCID-c8xz-v6h3-6ueb
11
vulnerability VCID-dgkh-jdah-wfh9
12
vulnerability VCID-dt7u-3usg-9uet
13
vulnerability VCID-e6gj-fe31-kkh5
14
vulnerability VCID-e7u5-356v-jbg7
15
vulnerability VCID-kj75-vmwa-gqgq
16
vulnerability VCID-nenk-4cgd-fugv
17
vulnerability VCID-sag8-repb-g3f4
18
vulnerability VCID-twc8-ewm7-wkb1
19
vulnerability VCID-u8bq-8jp4-jkem
20
vulnerability VCID-v7uy-445x-tuan
21
vulnerability VCID-vkvx-gxbu-3uau
22
vulnerability VCID-wf5t-3pwz-c7d7
23
vulnerability VCID-x1an-pjq4-nbby
24
vulnerability VCID-zstw-3wmu-u3c8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4
aliases CVE-2022-43548
risk_score 3.6
exploitability 0.5
weighted_severity 7.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m7rw-arzq-jba1
18
url VCID-ms5y-gp7v-2qay
vulnerability_id VCID-ms5y-gp7v-2qay
summary Multiple vulnerabilities have been discovered in Node.js.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44533.json
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44533.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-44533
reference_id
reference_type
scores
0
value 0.00421
scoring_system epss
scoring_elements 0.61846
published_at 2026-04-01T12:55:00Z
1
value 0.00421
scoring_system epss
scoring_elements 0.6192
published_at 2026-04-07T12:55:00Z
2
value 0.00421
scoring_system epss
scoring_elements 0.6195
published_at 2026-04-04T12:55:00Z
3
value 0.00421
scoring_system epss
scoring_elements 0.61969
published_at 2026-04-08T12:55:00Z
4
value 0.00421
scoring_system epss
scoring_elements 0.61987
published_at 2026-04-09T12:55:00Z
5
value 0.00421
scoring_system epss
scoring_elements 0.62008
published_at 2026-04-11T12:55:00Z
6
value 0.00421
scoring_system epss
scoring_elements 0.61997
published_at 2026-04-12T12:55:00Z
7
value 0.00421
scoring_system epss
scoring_elements 0.61977
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-44533
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22959
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22959
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22960
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22960
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44531
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44531
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44532
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44532
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44533
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44533
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21824
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21824
8
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004177
reference_id 1004177
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004177
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2040856
reference_id 2040856
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2040856
11
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
12
reference_url https://access.redhat.com/errata/RHSA-2022:4914
reference_id RHSA-2022:4914
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:4914
13
reference_url https://access.redhat.com/errata/RHSA-2022:7044
reference_id RHSA-2022:7044
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7044
14
reference_url https://access.redhat.com/errata/RHSA-2022:7830
reference_id RHSA-2022:7830
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7830
15
reference_url https://access.redhat.com/errata/RHSA-2022:9073
reference_id RHSA-2022:9073
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:9073
16
reference_url https://access.redhat.com/errata/RHSA-2023:1742
reference_id RHSA-2023:1742
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1742
17
reference_url https://access.redhat.com/errata/RHSA-2023:3742
reference_id RHSA-2023:3742
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3742
fixed_packages
0
url pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4
purl pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1vp3-fzdr-yqbm
1
vulnerability VCID-2t7c-dju9-pff6
2
vulnerability VCID-2z1f-7jkw-17av
3
vulnerability VCID-38k9-23j3-eqh7
4
vulnerability VCID-43sf-4r41-wugc
5
vulnerability VCID-96yh-1wub-zucg
6
vulnerability VCID-98fy-tedc-ube7
7
vulnerability VCID-9yq7-aba3-c7c3
8
vulnerability VCID-bjza-25hu-vkad
9
vulnerability VCID-bx67-aud6-b3fa
10
vulnerability VCID-c8xz-v6h3-6ueb
11
vulnerability VCID-dgkh-jdah-wfh9
12
vulnerability VCID-dt7u-3usg-9uet
13
vulnerability VCID-e6gj-fe31-kkh5
14
vulnerability VCID-e7u5-356v-jbg7
15
vulnerability VCID-kj75-vmwa-gqgq
16
vulnerability VCID-nenk-4cgd-fugv
17
vulnerability VCID-sag8-repb-g3f4
18
vulnerability VCID-twc8-ewm7-wkb1
19
vulnerability VCID-u8bq-8jp4-jkem
20
vulnerability VCID-v7uy-445x-tuan
21
vulnerability VCID-vkvx-gxbu-3uau
22
vulnerability VCID-wf5t-3pwz-c7d7
23
vulnerability VCID-x1an-pjq4-nbby
24
vulnerability VCID-zstw-3wmu-u3c8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4
aliases CVE-2021-44533
risk_score 3.4
exploitability 0.5
weighted_severity 6.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ms5y-gp7v-2qay
19
url VCID-n91z-kugd-ebb5
vulnerability_id VCID-n91z-kugd-ebb5
summary 
Multiple vulnerabilities have been found in NodeJS, the worst of
    which could result in the arbitrary execution of code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8201.json
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8201.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-8201
reference_id
reference_type
scores
0
value 0.00632
scoring_system epss
scoring_elements 0.70267
published_at 2026-04-01T12:55:00Z
1
value 0.00632
scoring_system epss
scoring_elements 0.70279
published_at 2026-04-02T12:55:00Z
2
value 0.00632
scoring_system epss
scoring_elements 0.70297
published_at 2026-04-04T12:55:00Z
3
value 0.00632
scoring_system epss
scoring_elements 0.70273
published_at 2026-04-07T12:55:00Z
4
value 0.00632
scoring_system epss
scoring_elements 0.70319
published_at 2026-04-08T12:55:00Z
5
value 0.00632
scoring_system epss
scoring_elements 0.70333
published_at 2026-04-09T12:55:00Z
6
value 0.00632
scoring_system epss
scoring_elements 0.70357
published_at 2026-04-11T12:55:00Z
7
value 0.00632
scoring_system epss
scoring_elements 0.70342
published_at 2026-04-12T12:55:00Z
8
value 0.00632
scoring_system epss
scoring_elements 0.70328
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-8201
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8201
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8201
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1879311
reference_id 1879311
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1879311
5
reference_url https://access.redhat.com/errata/RHSA-2020:4272
reference_id RHSA-2020:4272
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4272
6
reference_url https://access.redhat.com/errata/RHSA-2020:4903
reference_id RHSA-2020:4903
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4903
7
reference_url https://access.redhat.com/errata/RHSA-2020:5086
reference_id RHSA-2020:5086
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5086
fixed_packages
0
url pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4
purl pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1vp3-fzdr-yqbm
1
vulnerability VCID-2t7c-dju9-pff6
2
vulnerability VCID-2z1f-7jkw-17av
3
vulnerability VCID-38k9-23j3-eqh7
4
vulnerability VCID-43sf-4r41-wugc
5
vulnerability VCID-96yh-1wub-zucg
6
vulnerability VCID-98fy-tedc-ube7
7
vulnerability VCID-9yq7-aba3-c7c3
8
vulnerability VCID-bjza-25hu-vkad
9
vulnerability VCID-bx67-aud6-b3fa
10
vulnerability VCID-c8xz-v6h3-6ueb
11
vulnerability VCID-dgkh-jdah-wfh9
12
vulnerability VCID-dt7u-3usg-9uet
13
vulnerability VCID-e6gj-fe31-kkh5
14
vulnerability VCID-e7u5-356v-jbg7
15
vulnerability VCID-kj75-vmwa-gqgq
16
vulnerability VCID-nenk-4cgd-fugv
17
vulnerability VCID-sag8-repb-g3f4
18
vulnerability VCID-twc8-ewm7-wkb1
19
vulnerability VCID-u8bq-8jp4-jkem
20
vulnerability VCID-v7uy-445x-tuan
21
vulnerability VCID-vkvx-gxbu-3uau
22
vulnerability VCID-wf5t-3pwz-c7d7
23
vulnerability VCID-x1an-pjq4-nbby
24
vulnerability VCID-zstw-3wmu-u3c8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4
aliases CVE-2020-8201
risk_score 3.4
exploitability 0.5
weighted_severity 6.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n91z-kugd-ebb5
20
url VCID-nenk-4cgd-fugv
vulnerability_id VCID-nenk-4cgd-fugv
summary Multiple vulnerabilities have been discovered in Node.js, the worst of which could lead to execution of arbitrary code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27983.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27983.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-27983
reference_id
reference_type
scores
0
value 0.75933
scoring_system epss
scoring_elements 0.98915
published_at 2026-04-13T12:55:00Z
1
value 0.75933
scoring_system epss
scoring_elements 0.98907
published_at 2026-04-02T12:55:00Z
2
value 0.75933
scoring_system epss
scoring_elements 0.98909
published_at 2026-04-04T12:55:00Z
3
value 0.75933
scoring_system epss
scoring_elements 0.98911
published_at 2026-04-07T12:55:00Z
4
value 0.75933
scoring_system epss
scoring_elements 0.98912
published_at 2026-04-09T12:55:00Z
5
value 0.75933
scoring_system epss
scoring_elements 0.98914
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-27983
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27983
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27983
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068347
reference_id 1068347
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068347
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2272764
reference_id 2272764
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2272764
6
reference_url https://hackerone.com/reports/2319584
reference_id 2319584
reference_type
scores
0
value 8.2
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-09T19:14:56Z/
url https://hackerone.com/reports/2319584
7
reference_url https://security.archlinux.org/AVG-2852
reference_id AVG-2852
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2852
8
reference_url https://security.archlinux.org/AVG-2853
reference_id AVG-2853
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2853
9
reference_url https://security.gentoo.org/glsa/202505-11
reference_id GLSA-202505-11
reference_type
scores
url https://security.gentoo.org/glsa/202505-11
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDECX4BYZLMM4S4LALN4DPZ2HUTTPLKE/
reference_id JDECX4BYZLMM4S4LALN4DPZ2HUTTPLKE
reference_type
scores
0
value 8.2
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-09T19:14:56Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDECX4BYZLMM4S4LALN4DPZ2HUTTPLKE/
11
reference_url https://security.netapp.com/advisory/ntap-20240510-0002/
reference_id ntap-20240510-0002
reference_type
scores
0
value 8.2
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-09T19:14:56Z/
url https://security.netapp.com/advisory/ntap-20240510-0002/
12
reference_url https://access.redhat.com/errata/RHSA-2024:2778
reference_id RHSA-2024:2778
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2778
13
reference_url https://access.redhat.com/errata/RHSA-2024:2779
reference_id RHSA-2024:2779
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2779
14
reference_url https://access.redhat.com/errata/RHSA-2024:2780
reference_id RHSA-2024:2780
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2780
15
reference_url https://access.redhat.com/errata/RHSA-2024:2853
reference_id RHSA-2024:2853
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2853
16
reference_url https://access.redhat.com/errata/RHSA-2024:2910
reference_id RHSA-2024:2910
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2910
17
reference_url https://access.redhat.com/errata/RHSA-2024:2937
reference_id RHSA-2024:2937
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2937
18
reference_url https://access.redhat.com/errata/RHSA-2024:3472
reference_id RHSA-2024:3472
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3472
19
reference_url https://access.redhat.com/errata/RHSA-2024:3544
reference_id RHSA-2024:3544
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3544
20
reference_url https://access.redhat.com/errata/RHSA-2024:3545
reference_id RHSA-2024:3545
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3545
21
reference_url https://access.redhat.com/errata/RHSA-2024:3553
reference_id RHSA-2024:3553
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3553
22
reference_url https://access.redhat.com/errata/RHSA-2024:4353
reference_id RHSA-2024:4353
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4353
23
reference_url https://access.redhat.com/errata/RHSA-2024:4824
reference_id RHSA-2024:4824
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4824
24
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YDVFUH7ACZPYB3BS4SVILNOY7NQU73VW/
reference_id YDVFUH7ACZPYB3BS4SVILNOY7NQU73VW
reference_type
scores
0
value 8.2
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-09T19:14:56Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YDVFUH7ACZPYB3BS4SVILNOY7NQU73VW/
fixed_packages
0
url pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1
purl pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1vp3-fzdr-yqbm
1
vulnerability VCID-2t7c-dju9-pff6
2
vulnerability VCID-43sf-4r41-wugc
3
vulnerability VCID-96yh-1wub-zucg
4
vulnerability VCID-98fy-tedc-ube7
5
vulnerability VCID-bjza-25hu-vkad
6
vulnerability VCID-dgkh-jdah-wfh9
7
vulnerability VCID-dt7u-3usg-9uet
8
vulnerability VCID-twc8-ewm7-wkb1
9
vulnerability VCID-u8bq-8jp4-jkem
10
vulnerability VCID-v7uy-445x-tuan
11
vulnerability VCID-wf5t-3pwz-c7d7
12
vulnerability VCID-x1an-pjq4-nbby
13
vulnerability VCID-xkpz-pb5y-jqcy
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1
aliases CVE-2024-27983
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nenk-4cgd-fugv
21
url VCID-pqnn-ers1-3fec
vulnerability_id VCID-pqnn-ers1-3fec
summary Multiple vulnerabilities have been discovered in Node.js.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22884.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22884.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-22884
reference_id
reference_type
scores
0
value 0.0027
scoring_system epss
scoring_elements 0.5038
published_at 2026-04-01T12:55:00Z
1
value 0.0027
scoring_system epss
scoring_elements 0.50469
published_at 2026-04-13T12:55:00Z
2
value 0.0027
scoring_system epss
scoring_elements 0.50507
published_at 2026-04-11T12:55:00Z
3
value 0.0027
scoring_system epss
scoring_elements 0.50484
published_at 2026-04-12T12:55:00Z
4
value 0.0027
scoring_system epss
scoring_elements 0.50436
published_at 2026-04-02T12:55:00Z
5
value 0.0027
scoring_system epss
scoring_elements 0.50465
published_at 2026-04-09T12:55:00Z
6
value 0.0027
scoring_system epss
scoring_elements 0.50419
published_at 2026-04-07T12:55:00Z
7
value 0.0027
scoring_system epss
scoring_elements 0.50472
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-22884
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22883
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22883
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22884
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22884
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1932024
reference_id 1932024
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1932024
6
reference_url https://security.archlinux.org/AVG-1604
reference_id AVG-1604
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1604
7
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
8
reference_url https://access.redhat.com/errata/RHSA-2021:0734
reference_id RHSA-2021:0734
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0734
9
reference_url https://access.redhat.com/errata/RHSA-2021:0735
reference_id RHSA-2021:0735
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0735
10
reference_url https://access.redhat.com/errata/RHSA-2021:0738
reference_id RHSA-2021:0738
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0738
11
reference_url https://access.redhat.com/errata/RHSA-2021:0739
reference_id RHSA-2021:0739
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0739
12
reference_url https://access.redhat.com/errata/RHSA-2021:0740
reference_id RHSA-2021:0740
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0740
13
reference_url https://access.redhat.com/errata/RHSA-2021:0741
reference_id RHSA-2021:0741
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0741
14
reference_url https://access.redhat.com/errata/RHSA-2021:0744
reference_id RHSA-2021:0744
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0744
15
reference_url https://access.redhat.com/errata/RHSA-2021:0827
reference_id RHSA-2021:0827
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0827
16
reference_url https://access.redhat.com/errata/RHSA-2021:0830
reference_id RHSA-2021:0830
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0830
17
reference_url https://access.redhat.com/errata/RHSA-2021:0831
reference_id RHSA-2021:0831
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0831
18
reference_url https://usn.ubuntu.com/6418-1/
reference_id USN-6418-1
reference_type
scores
url https://usn.ubuntu.com/6418-1/
fixed_packages
0
url pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4
purl pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1vp3-fzdr-yqbm
1
vulnerability VCID-2t7c-dju9-pff6
2
vulnerability VCID-2z1f-7jkw-17av
3
vulnerability VCID-38k9-23j3-eqh7
4
vulnerability VCID-43sf-4r41-wugc
5
vulnerability VCID-96yh-1wub-zucg
6
vulnerability VCID-98fy-tedc-ube7
7
vulnerability VCID-9yq7-aba3-c7c3
8
vulnerability VCID-bjza-25hu-vkad
9
vulnerability VCID-bx67-aud6-b3fa
10
vulnerability VCID-c8xz-v6h3-6ueb
11
vulnerability VCID-dgkh-jdah-wfh9
12
vulnerability VCID-dt7u-3usg-9uet
13
vulnerability VCID-e6gj-fe31-kkh5
14
vulnerability VCID-e7u5-356v-jbg7
15
vulnerability VCID-kj75-vmwa-gqgq
16
vulnerability VCID-nenk-4cgd-fugv
17
vulnerability VCID-sag8-repb-g3f4
18
vulnerability VCID-twc8-ewm7-wkb1
19
vulnerability VCID-u8bq-8jp4-jkem
20
vulnerability VCID-v7uy-445x-tuan
21
vulnerability VCID-vkvx-gxbu-3uau
22
vulnerability VCID-wf5t-3pwz-c7d7
23
vulnerability VCID-x1an-pjq4-nbby
24
vulnerability VCID-zstw-3wmu-u3c8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4
aliases CVE-2021-22884
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pqnn-ers1-3fec
22
url VCID-q8th-849w-bfhp
vulnerability_id VCID-q8th-849w-bfhp
summary Multiple vulnerabilities have been discovered in Node.js.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22883.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22883.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-22883
reference_id
reference_type
scores
0
value 0.89427
scoring_system epss
scoring_elements 0.99544
published_at 2026-04-02T12:55:00Z
1
value 0.89427
scoring_system epss
scoring_elements 0.99548
published_at 2026-04-13T12:55:00Z
2
value 0.89427
scoring_system epss
scoring_elements 0.99546
published_at 2026-04-11T12:55:00Z
3
value 0.89427
scoring_system epss
scoring_elements 0.99547
published_at 2026-04-12T12:55:00Z
4
value 0.89427
scoring_system epss
scoring_elements 0.99545
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-22883
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22883
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22883
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22884
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22884
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1932014
reference_id 1932014
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1932014
6
reference_url https://security.archlinux.org/AVG-1604
reference_id AVG-1604
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1604
7
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
8
reference_url https://access.redhat.com/errata/RHSA-2021:0734
reference_id RHSA-2021:0734
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0734
9
reference_url https://access.redhat.com/errata/RHSA-2021:0735
reference_id RHSA-2021:0735
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0735
10
reference_url https://access.redhat.com/errata/RHSA-2021:0738
reference_id RHSA-2021:0738
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0738
11
reference_url https://access.redhat.com/errata/RHSA-2021:0739
reference_id RHSA-2021:0739
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0739
12
reference_url https://access.redhat.com/errata/RHSA-2021:0740
reference_id RHSA-2021:0740
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0740
13
reference_url https://access.redhat.com/errata/RHSA-2021:0741
reference_id RHSA-2021:0741
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0741
14
reference_url https://access.redhat.com/errata/RHSA-2021:0744
reference_id RHSA-2021:0744
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0744
15
reference_url https://access.redhat.com/errata/RHSA-2021:0827
reference_id RHSA-2021:0827
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0827
16
reference_url https://access.redhat.com/errata/RHSA-2021:0830
reference_id RHSA-2021:0830
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0830
17
reference_url https://access.redhat.com/errata/RHSA-2021:0831
reference_id RHSA-2021:0831
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0831
18
reference_url https://usn.ubuntu.com/6418-1/
reference_id USN-6418-1
reference_type
scores
url https://usn.ubuntu.com/6418-1/
fixed_packages
0
url pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4
purl pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1vp3-fzdr-yqbm
1
vulnerability VCID-2t7c-dju9-pff6
2
vulnerability VCID-2z1f-7jkw-17av
3
vulnerability VCID-38k9-23j3-eqh7
4
vulnerability VCID-43sf-4r41-wugc
5
vulnerability VCID-96yh-1wub-zucg
6
vulnerability VCID-98fy-tedc-ube7
7
vulnerability VCID-9yq7-aba3-c7c3
8
vulnerability VCID-bjza-25hu-vkad
9
vulnerability VCID-bx67-aud6-b3fa
10
vulnerability VCID-c8xz-v6h3-6ueb
11
vulnerability VCID-dgkh-jdah-wfh9
12
vulnerability VCID-dt7u-3usg-9uet
13
vulnerability VCID-e6gj-fe31-kkh5
14
vulnerability VCID-e7u5-356v-jbg7
15
vulnerability VCID-kj75-vmwa-gqgq
16
vulnerability VCID-nenk-4cgd-fugv
17
vulnerability VCID-sag8-repb-g3f4
18
vulnerability VCID-twc8-ewm7-wkb1
19
vulnerability VCID-u8bq-8jp4-jkem
20
vulnerability VCID-v7uy-445x-tuan
21
vulnerability VCID-vkvx-gxbu-3uau
22
vulnerability VCID-wf5t-3pwz-c7d7
23
vulnerability VCID-x1an-pjq4-nbby
24
vulnerability VCID-zstw-3wmu-u3c8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4
aliases CVE-2021-22883
risk_score 10.0
exploitability 2.0
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q8th-849w-bfhp
23
url VCID-tnhd-rr89-9udh
vulnerability_id VCID-tnhd-rr89-9udh
summary 
Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')
The parse function in llhttp ignores chunk extensions when parsing the body of chunked requests. This leads to HTTP Request Smuggling (HRS) under certain conditions.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22960.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22960.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-22960
reference_id
reference_type
scores
0
value 0.00229
scoring_system epss
scoring_elements 0.45642
published_at 2026-04-01T12:55:00Z
1
value 0.00229
scoring_system epss
scoring_elements 0.45721
published_at 2026-04-12T12:55:00Z
2
value 0.00229
scoring_system epss
scoring_elements 0.45733
published_at 2026-04-08T12:55:00Z
3
value 0.00229
scoring_system epss
scoring_elements 0.45751
published_at 2026-04-11T12:55:00Z
4
value 0.00229
scoring_system epss
scoring_elements 0.45709
published_at 2026-04-02T12:55:00Z
5
value 0.00229
scoring_system epss
scoring_elements 0.45729
published_at 2026-04-13T12:55:00Z
6
value 0.00229
scoring_system epss
scoring_elements 0.45677
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-22960
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22959
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22959
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22960
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22960
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44531
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44531
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44532
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44532
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44533
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44533
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21824
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21824
8
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
9
reference_url https://hackerone.com/reports/1238099
reference_id
reference_type
scores
url https://hackerone.com/reports/1238099
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2014059
reference_id 2014059
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2014059
11
reference_url https://security.archlinux.org/ASA-202110-4
reference_id ASA-202110-4
reference_type
scores
url https://security.archlinux.org/ASA-202110-4
12
reference_url https://security.archlinux.org/AVG-2460
reference_id AVG-2460
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2460
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-22960
reference_id CVE-2021-22960
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-22960
14
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
15
reference_url https://access.redhat.com/errata/RHSA-2021:5171
reference_id RHSA-2021:5171
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5171
16
reference_url https://access.redhat.com/errata/RHSA-2022:0041
reference_id RHSA-2022:0041
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0041
17
reference_url https://access.redhat.com/errata/RHSA-2022:0246
reference_id RHSA-2022:0246
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0246
18
reference_url https://access.redhat.com/errata/RHSA-2022:0350
reference_id RHSA-2022:0350
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0350
19
reference_url https://access.redhat.com/errata/RHSA-2022:4914
reference_id RHSA-2022:4914
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:4914
fixed_packages
0
url pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4
purl pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1vp3-fzdr-yqbm
1
vulnerability VCID-2t7c-dju9-pff6
2
vulnerability VCID-2z1f-7jkw-17av
3
vulnerability VCID-38k9-23j3-eqh7
4
vulnerability VCID-43sf-4r41-wugc
5
vulnerability VCID-96yh-1wub-zucg
6
vulnerability VCID-98fy-tedc-ube7
7
vulnerability VCID-9yq7-aba3-c7c3
8
vulnerability VCID-bjza-25hu-vkad
9
vulnerability VCID-bx67-aud6-b3fa
10
vulnerability VCID-c8xz-v6h3-6ueb
11
vulnerability VCID-dgkh-jdah-wfh9
12
vulnerability VCID-dt7u-3usg-9uet
13
vulnerability VCID-e6gj-fe31-kkh5
14
vulnerability VCID-e7u5-356v-jbg7
15
vulnerability VCID-kj75-vmwa-gqgq
16
vulnerability VCID-nenk-4cgd-fugv
17
vulnerability VCID-sag8-repb-g3f4
18
vulnerability VCID-twc8-ewm7-wkb1
19
vulnerability VCID-u8bq-8jp4-jkem
20
vulnerability VCID-v7uy-445x-tuan
21
vulnerability VCID-vkvx-gxbu-3uau
22
vulnerability VCID-wf5t-3pwz-c7d7
23
vulnerability VCID-x1an-pjq4-nbby
24
vulnerability VCID-zstw-3wmu-u3c8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4
aliases CVE-2021-22960
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tnhd-rr89-9udh
24
url VCID-vkvx-gxbu-3uau
vulnerability_id VCID-vkvx-gxbu-3uau
summary Multiple vulnerabilities have been discovered in Node.js, the worst of which could lead to execution of arbitrary code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-22019.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-22019.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-22019
reference_id
reference_type
scores
0
value 0.0038
scoring_system epss
scoring_elements 0.5949
published_at 2026-04-13T12:55:00Z
1
value 0.0038
scoring_system epss
scoring_elements 0.5945
published_at 2026-04-02T12:55:00Z
2
value 0.0038
scoring_system epss
scoring_elements 0.59475
published_at 2026-04-04T12:55:00Z
3
value 0.0038
scoring_system epss
scoring_elements 0.59442
published_at 2026-04-07T12:55:00Z
4
value 0.0038
scoring_system epss
scoring_elements 0.59493
published_at 2026-04-08T12:55:00Z
5
value 0.0038
scoring_system epss
scoring_elements 0.59506
published_at 2026-04-09T12:55:00Z
6
value 0.0038
scoring_system epss
scoring_elements 0.59525
published_at 2026-04-11T12:55:00Z
7
value 0.0038
scoring_system epss
scoring_elements 0.59509
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-22019
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22019
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22019
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1064055
reference_id 1064055
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1064055
5
reference_url https://hackerone.com/reports/2233486
reference_id 2233486
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-07T21:15:49Z/
url https://hackerone.com/reports/2233486
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2264574
reference_id 2264574
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2264574
7
reference_url https://security.gentoo.org/glsa/202505-11
reference_id GLSA-202505-11
reference_type
scores
url https://security.gentoo.org/glsa/202505-11
8
reference_url https://security.netapp.com/advisory/ntap-20240315-0004/
reference_id ntap-20240315-0004
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-07T21:15:49Z/
url https://security.netapp.com/advisory/ntap-20240315-0004/
9
reference_url https://access.redhat.com/errata/RHSA-2024:1354
reference_id RHSA-2024:1354
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1354
10
reference_url https://access.redhat.com/errata/RHSA-2024:1424
reference_id RHSA-2024:1424
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1424
11
reference_url https://access.redhat.com/errata/RHSA-2024:1438
reference_id RHSA-2024:1438
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1438
12
reference_url https://access.redhat.com/errata/RHSA-2024:1444
reference_id RHSA-2024:1444
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1444
13
reference_url https://access.redhat.com/errata/RHSA-2024:1503
reference_id RHSA-2024:1503
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1503
14
reference_url https://access.redhat.com/errata/RHSA-2024:1510
reference_id RHSA-2024:1510
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1510
15
reference_url https://access.redhat.com/errata/RHSA-2024:1678
reference_id RHSA-2024:1678
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1678
16
reference_url https://access.redhat.com/errata/RHSA-2024:1687
reference_id RHSA-2024:1687
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1687
17
reference_url https://access.redhat.com/errata/RHSA-2024:1688
reference_id RHSA-2024:1688
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1688
18
reference_url https://access.redhat.com/errata/RHSA-2024:1880
reference_id RHSA-2024:1880
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1880
19
reference_url https://access.redhat.com/errata/RHSA-2024:1932
reference_id RHSA-2024:1932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1932
20
reference_url https://access.redhat.com/errata/RHSA-2024:2651
reference_id RHSA-2024:2651
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2651
21
reference_url https://access.redhat.com/errata/RHSA-2024:2793
reference_id RHSA-2024:2793
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2793
fixed_packages
0
url pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1
purl pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1vp3-fzdr-yqbm
1
vulnerability VCID-2t7c-dju9-pff6
2
vulnerability VCID-43sf-4r41-wugc
3
vulnerability VCID-96yh-1wub-zucg
4
vulnerability VCID-98fy-tedc-ube7
5
vulnerability VCID-bjza-25hu-vkad
6
vulnerability VCID-dgkh-jdah-wfh9
7
vulnerability VCID-dt7u-3usg-9uet
8
vulnerability VCID-twc8-ewm7-wkb1
9
vulnerability VCID-u8bq-8jp4-jkem
10
vulnerability VCID-v7uy-445x-tuan
11
vulnerability VCID-wf5t-3pwz-c7d7
12
vulnerability VCID-x1an-pjq4-nbby
13
vulnerability VCID-xkpz-pb5y-jqcy
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1
aliases CVE-2024-22019
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vkvx-gxbu-3uau
25
url VCID-wf5t-3pwz-c7d7
vulnerability_id VCID-wf5t-3pwz-c7d7
summary Multiple vulnerabilities have been discovered in Node.js, the worst of which can lead to arbitrary code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-23085.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-23085.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-23085
reference_id
reference_type
scores
0
value 0.00164
scoring_system epss
scoring_elements 0.37404
published_at 2026-04-13T12:55:00Z
1
value 0.00164
scoring_system epss
scoring_elements 0.3744
published_at 2026-04-08T12:55:00Z
2
value 0.00164
scoring_system epss
scoring_elements 0.37452
published_at 2026-04-09T12:55:00Z
3
value 0.00164
scoring_system epss
scoring_elements 0.37466
published_at 2026-04-11T12:55:00Z
4
value 0.00164
scoring_system epss
scoring_elements 0.37431
published_at 2026-04-12T12:55:00Z
5
value 0.00169
scoring_system epss
scoring_elements 0.38068
published_at 2026-04-07T12:55:00Z
6
value 0.00169
scoring_system epss
scoring_elements 0.38175
published_at 2026-04-02T12:55:00Z
7
value 0.00169
scoring_system epss
scoring_elements 0.38197
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-23085
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-23085
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-23085
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1094134
reference_id 1094134
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1094134
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2342618
reference_id 2342618
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2342618
6
reference_url https://security.gentoo.org/glsa/202506-08
reference_id GLSA-202506-08
reference_type
scores
url https://security.gentoo.org/glsa/202506-08
7
reference_url https://nodejs.org/en/blog/vulnerability/january-2025-security-releases
reference_id january-2025-security-releases
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-07T15:50:24Z/
url https://nodejs.org/en/blog/vulnerability/january-2025-security-releases
8
reference_url https://access.redhat.com/errata/RHSA-2025:1351
reference_id RHSA-2025:1351
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1351
9
reference_url https://access.redhat.com/errata/RHSA-2025:1443
reference_id RHSA-2025:1443
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1443
10
reference_url https://access.redhat.com/errata/RHSA-2025:1446
reference_id RHSA-2025:1446
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1446
11
reference_url https://access.redhat.com/errata/RHSA-2025:1582
reference_id RHSA-2025:1582
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1582
12
reference_url https://access.redhat.com/errata/RHSA-2025:1611
reference_id RHSA-2025:1611
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1611
13
reference_url https://access.redhat.com/errata/RHSA-2025:1613
reference_id RHSA-2025:1613
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1613
fixed_packages
0
url pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1
purl pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1vp3-fzdr-yqbm
1
vulnerability VCID-2t7c-dju9-pff6
2
vulnerability VCID-43sf-4r41-wugc
3
vulnerability VCID-96yh-1wub-zucg
4
vulnerability VCID-98fy-tedc-ube7
5
vulnerability VCID-bjza-25hu-vkad
6
vulnerability VCID-dgkh-jdah-wfh9
7
vulnerability VCID-dt7u-3usg-9uet
8
vulnerability VCID-twc8-ewm7-wkb1
9
vulnerability VCID-u8bq-8jp4-jkem
10
vulnerability VCID-v7uy-445x-tuan
11
vulnerability VCID-wf5t-3pwz-c7d7
12
vulnerability VCID-x1an-pjq4-nbby
13
vulnerability VCID-xkpz-pb5y-jqcy
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1
1
url pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1
purl pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1
aliases CVE-2025-23085
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wf5t-3pwz-c7d7
26
url VCID-wzcw-dd7m-zkaz
vulnerability_id VCID-wzcw-dd7m-zkaz
summary Multiple vulnerabilities have been discovered in Node.js.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32215.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32215.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-32215
reference_id
reference_type
scores
0
value 0.88764
scoring_system epss
scoring_elements 0.99508
published_at 2026-04-02T12:55:00Z
1
value 0.88764
scoring_system epss
scoring_elements 0.9951
published_at 2026-04-04T12:55:00Z
2
value 0.88764
scoring_system epss
scoring_elements 0.99513
published_at 2026-04-13T12:55:00Z
3
value 0.88764
scoring_system epss
scoring_elements 0.99511
published_at 2026-04-07T12:55:00Z
4
value 0.88764
scoring_system epss
scoring_elements 0.99512
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-32215
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32212
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32212
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32213
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32213
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32214
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32214
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32215
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32215
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35255
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35255
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35256
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35256
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43548
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43548
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://hackerone.com/reports/1501679
reference_id
reference_type
scores
url https://hackerone.com/reports/1501679
11
reference_url https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/
reference_id
reference_type
scores
url https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2105426
reference_id 2105426
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2105426
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-32215
reference_id CVE-2022-32215
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-32215
14
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
15
reference_url https://access.redhat.com/errata/RHSA-2022:6389
reference_id RHSA-2022:6389
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6389
16
reference_url https://access.redhat.com/errata/RHSA-2022:6448
reference_id RHSA-2022:6448
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6448
17
reference_url https://access.redhat.com/errata/RHSA-2022:6449
reference_id RHSA-2022:6449
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6449
18
reference_url https://access.redhat.com/errata/RHSA-2022:6595
reference_id RHSA-2022:6595
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6595
19
reference_url https://access.redhat.com/errata/RHSA-2022:6985
reference_id RHSA-2022:6985
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6985
20
reference_url https://usn.ubuntu.com/6491-1/
reference_id USN-6491-1
reference_type
scores
url https://usn.ubuntu.com/6491-1/
fixed_packages
0
url pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4
purl pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1vp3-fzdr-yqbm
1
vulnerability VCID-2t7c-dju9-pff6
2
vulnerability VCID-2z1f-7jkw-17av
3
vulnerability VCID-38k9-23j3-eqh7
4
vulnerability VCID-43sf-4r41-wugc
5
vulnerability VCID-96yh-1wub-zucg
6
vulnerability VCID-98fy-tedc-ube7
7
vulnerability VCID-9yq7-aba3-c7c3
8
vulnerability VCID-bjza-25hu-vkad
9
vulnerability VCID-bx67-aud6-b3fa
10
vulnerability VCID-c8xz-v6h3-6ueb
11
vulnerability VCID-dgkh-jdah-wfh9
12
vulnerability VCID-dt7u-3usg-9uet
13
vulnerability VCID-e6gj-fe31-kkh5
14
vulnerability VCID-e7u5-356v-jbg7
15
vulnerability VCID-kj75-vmwa-gqgq
16
vulnerability VCID-nenk-4cgd-fugv
17
vulnerability VCID-sag8-repb-g3f4
18
vulnerability VCID-twc8-ewm7-wkb1
19
vulnerability VCID-u8bq-8jp4-jkem
20
vulnerability VCID-v7uy-445x-tuan
21
vulnerability VCID-vkvx-gxbu-3uau
22
vulnerability VCID-wf5t-3pwz-c7d7
23
vulnerability VCID-x1an-pjq4-nbby
24
vulnerability VCID-zstw-3wmu-u3c8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4
aliases CVE-2022-32215
risk_score 10.0
exploitability 2.0
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wzcw-dd7m-zkaz
27
url VCID-xnzh-wpd4-63f9
vulnerability_id VCID-xnzh-wpd4-63f9
summary Multiple vulnerabilities have been discovered in Node.js.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-35255.json
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-35255.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-35255
reference_id
reference_type
scores
0
value 0.01191
scoring_system epss
scoring_elements 0.78868
published_at 2026-04-11T12:55:00Z
1
value 0.01191
scoring_system epss
scoring_elements 0.78841
published_at 2026-04-13T12:55:00Z
2
value 0.01191
scoring_system epss
scoring_elements 0.78851
published_at 2026-04-12T12:55:00Z
3
value 0.01191
scoring_system epss
scoring_elements 0.78829
published_at 2026-04-04T12:55:00Z
4
value 0.01191
scoring_system epss
scoring_elements 0.78812
published_at 2026-04-07T12:55:00Z
5
value 0.01191
scoring_system epss
scoring_elements 0.78838
published_at 2026-04-08T12:55:00Z
6
value 0.01191
scoring_system epss
scoring_elements 0.78844
published_at 2026-04-09T12:55:00Z
7
value 0.01191
scoring_system epss
scoring_elements 0.788
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-35255
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32212
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32212
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32213
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32213
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32214
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32214
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32215
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32215
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35255
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35255
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35256
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35256
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43548
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43548
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://hackerone.com/reports/1690000
reference_id 1690000
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-24T13:23:49Z/
url https://hackerone.com/reports/1690000
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2130517
reference_id 2130517
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2130517
12
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
13
reference_url https://security.netapp.com/advisory/ntap-20230113-0002/
reference_id ntap-20230113-0002
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-24T13:23:49Z/
url https://security.netapp.com/advisory/ntap-20230113-0002/
14
reference_url https://access.redhat.com/errata/RHSA-2022:6963
reference_id RHSA-2022:6963
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6963
15
reference_url https://access.redhat.com/errata/RHSA-2022:6964
reference_id RHSA-2022:6964
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6964
16
reference_url https://access.redhat.com/errata/RHSA-2022:7821
reference_id RHSA-2022:7821
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7821
fixed_packages
0
url pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4
purl pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1vp3-fzdr-yqbm
1
vulnerability VCID-2t7c-dju9-pff6
2
vulnerability VCID-2z1f-7jkw-17av
3
vulnerability VCID-38k9-23j3-eqh7
4
vulnerability VCID-43sf-4r41-wugc
5
vulnerability VCID-96yh-1wub-zucg
6
vulnerability VCID-98fy-tedc-ube7
7
vulnerability VCID-9yq7-aba3-c7c3
8
vulnerability VCID-bjza-25hu-vkad
9
vulnerability VCID-bx67-aud6-b3fa
10
vulnerability VCID-c8xz-v6h3-6ueb
11
vulnerability VCID-dgkh-jdah-wfh9
12
vulnerability VCID-dt7u-3usg-9uet
13
vulnerability VCID-e6gj-fe31-kkh5
14
vulnerability VCID-e7u5-356v-jbg7
15
vulnerability VCID-kj75-vmwa-gqgq
16
vulnerability VCID-nenk-4cgd-fugv
17
vulnerability VCID-sag8-repb-g3f4
18
vulnerability VCID-twc8-ewm7-wkb1
19
vulnerability VCID-u8bq-8jp4-jkem
20
vulnerability VCID-v7uy-445x-tuan
21
vulnerability VCID-vkvx-gxbu-3uau
22
vulnerability VCID-wf5t-3pwz-c7d7
23
vulnerability VCID-x1an-pjq4-nbby
24
vulnerability VCID-zstw-3wmu-u3c8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4
aliases CVE-2022-35255
risk_score 4.1
exploitability 0.5
weighted_severity 8.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xnzh-wpd4-63f9
28
url VCID-zj4d-e8r7-ufg3
vulnerability_id VCID-zj4d-e8r7-ufg3
summary 
Multiple vulnerabilities have been found in NodeJS, the worst of
    which could result in the arbitrary execution of code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8287.json
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8287.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-8287
reference_id
reference_type
scores
0
value 0.11865
scoring_system epss
scoring_elements 0.93694
published_at 2026-04-01T12:55:00Z
1
value 0.11865
scoring_system epss
scoring_elements 0.93732
published_at 2026-04-13T12:55:00Z
2
value 0.11865
scoring_system epss
scoring_elements 0.93726
published_at 2026-04-08T12:55:00Z
3
value 0.11865
scoring_system epss
scoring_elements 0.93727
published_at 2026-04-09T12:55:00Z
4
value 0.11865
scoring_system epss
scoring_elements 0.93704
published_at 2026-04-02T12:55:00Z
5
value 0.11865
scoring_system epss
scoring_elements 0.93714
published_at 2026-04-04T12:55:00Z
6
value 0.11865
scoring_system epss
scoring_elements 0.93717
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-8287
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8265
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8265
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8287
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8287
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016690
reference_id 1016690
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016690
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1912863
reference_id 1912863
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1912863
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=979364
reference_id 979364
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=979364
8
reference_url https://security.archlinux.org/ASA-202101-16
reference_id ASA-202101-16
reference_type
scores
url https://security.archlinux.org/ASA-202101-16
9
reference_url https://security.archlinux.org/AVG-1400
reference_id AVG-1400
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1400
10
reference_url https://access.redhat.com/errata/RHSA-2021:0421
reference_id RHSA-2021:0421
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0421
11
reference_url https://access.redhat.com/errata/RHSA-2021:0485
reference_id RHSA-2021:0485
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0485
12
reference_url https://access.redhat.com/errata/RHSA-2021:0521
reference_id RHSA-2021:0521
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0521
13
reference_url https://access.redhat.com/errata/RHSA-2021:0548
reference_id RHSA-2021:0548
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0548
14
reference_url https://access.redhat.com/errata/RHSA-2021:0549
reference_id RHSA-2021:0549
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0549
15
reference_url https://access.redhat.com/errata/RHSA-2021:0551
reference_id RHSA-2021:0551
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0551
16
reference_url https://usn.ubuntu.com/5563-1/
reference_id USN-5563-1
reference_type
scores
url https://usn.ubuntu.com/5563-1/
17
reference_url https://usn.ubuntu.com/6380-1/
reference_id USN-6380-1
reference_type
scores
url https://usn.ubuntu.com/6380-1/
fixed_packages
0
url pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4
purl pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1vp3-fzdr-yqbm
1
vulnerability VCID-2t7c-dju9-pff6
2
vulnerability VCID-2z1f-7jkw-17av
3
vulnerability VCID-38k9-23j3-eqh7
4
vulnerability VCID-43sf-4r41-wugc
5
vulnerability VCID-96yh-1wub-zucg
6
vulnerability VCID-98fy-tedc-ube7
7
vulnerability VCID-9yq7-aba3-c7c3
8
vulnerability VCID-bjza-25hu-vkad
9
vulnerability VCID-bx67-aud6-b3fa
10
vulnerability VCID-c8xz-v6h3-6ueb
11
vulnerability VCID-dgkh-jdah-wfh9
12
vulnerability VCID-dt7u-3usg-9uet
13
vulnerability VCID-e6gj-fe31-kkh5
14
vulnerability VCID-e7u5-356v-jbg7
15
vulnerability VCID-kj75-vmwa-gqgq
16
vulnerability VCID-nenk-4cgd-fugv
17
vulnerability VCID-sag8-repb-g3f4
18
vulnerability VCID-twc8-ewm7-wkb1
19
vulnerability VCID-u8bq-8jp4-jkem
20
vulnerability VCID-v7uy-445x-tuan
21
vulnerability VCID-vkvx-gxbu-3uau
22
vulnerability VCID-wf5t-3pwz-c7d7
23
vulnerability VCID-x1an-pjq4-nbby
24
vulnerability VCID-zstw-3wmu-u3c8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4
aliases CVE-2020-8287
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zj4d-e8r7-ufg3
29
url VCID-zstw-3wmu-u3c8
vulnerability_id VCID-zstw-3wmu-u3c8
summary 
llhttp vulnerable to HTTP request smuggling
The llhttp parser in the http module in Node v20.2.0 does not strictly use the CRLF sequence to delimit HTTP requests. This can lead to HTTP Request Smuggling (HRS).

The CR character (without LF) is sufficient to delimit HTTP header fields in the llhttp parser. According to RFC7230 section 3, only the CRLF sequence should delimit each header-field. This impacts all Node.js active versions: v16, v18, and, v20
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-30589.json
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-30589.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-30589
reference_id
reference_type
scores
0
value 0.01916
scoring_system epss
scoring_elements 0.83313
published_at 2026-04-13T12:55:00Z
1
value 0.01916
scoring_system epss
scoring_elements 0.83317
published_at 2026-04-12T12:55:00Z
2
value 0.01916
scoring_system epss
scoring_elements 0.83261
published_at 2026-04-02T12:55:00Z
3
value 0.01916
scoring_system epss
scoring_elements 0.83276
published_at 2026-04-04T12:55:00Z
4
value 0.01916
scoring_system epss
scoring_elements 0.83275
published_at 2026-04-07T12:55:00Z
5
value 0.01916
scoring_system epss
scoring_elements 0.83299
published_at 2026-04-08T12:55:00Z
6
value 0.01916
scoring_system epss
scoring_elements 0.83323
published_at 2026-04-11T12:55:00Z
7
value 0.01916
scoring_system epss
scoring_elements 0.83308
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-30589
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-30589
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-30589
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/nodejs/llhttp
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/nodejs/llhttp
5
reference_url https://github.com/nodejs/llhttp/releases/tag/release%2Fv8.1.1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/nodejs/llhttp/releases/tag/release%2Fv8.1.1
6
reference_url https://hackerone.com/reports/2001873
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://hackerone.com/reports/2001873
7
reference_url https://lists.debian.org/debian-lts-announce/2024/09/msg00029.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2024/09/msg00029.html
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HMEELCREWMRT6NS7HWXLA6XFLLMO36HE
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HMEELCREWMRT6NS7HWXLA6XFLLMO36HE
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IV326O2X4BE3SINX5FJHMAKVHUAA4ZYF
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IV326O2X4BE3SINX5FJHMAKVHUAA4ZYF
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UEJWL67XR67JAGEL2ZK22NA3BRKNMZNY
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UEJWL67XR67JAGEL2ZK22NA3BRKNMZNY
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCVG4TQRGTK4LKAZKVEQAUEJM7DUACYE
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCVG4TQRGTK4LKAZKVEQAUEJM7DUACYE
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VEEQIN5242K5NBE2CZ4DYTNA5B4YTYE5
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VEEQIN5242K5NBE2CZ4DYTNA5B4YTYE5
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VKFMKD4MJZIKFQJAAJ4VZ2FHIJ764A76
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VKFMKD4MJZIKFQJAAJ4VZ2FHIJ764A76
14
reference_url https://security.netapp.com/advisory/ntap-20230803-0009
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20230803-0009
15
reference_url https://security.netapp.com/advisory/ntap-20240621-0006
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20240621-0006
16
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1039990
reference_id 1039990
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1039990
17
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2219841
reference_id 2219841
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2219841
18
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-30589
reference_id CVE-2023-30589
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-30589
19
reference_url https://github.com/advisories/GHSA-cggh-pq45-6h9x
reference_id GHSA-cggh-pq45-6h9x
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-cggh-pq45-6h9x
20
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
21
reference_url https://access.redhat.com/errata/RHSA-2023:4330
reference_id RHSA-2023:4330
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4330
22
reference_url https://access.redhat.com/errata/RHSA-2023:4331
reference_id RHSA-2023:4331
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4331
23
reference_url https://access.redhat.com/errata/RHSA-2023:4536
reference_id RHSA-2023:4536
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4536
24
reference_url https://access.redhat.com/errata/RHSA-2023:4537
reference_id RHSA-2023:4537
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4537
25
reference_url https://access.redhat.com/errata/RHSA-2023:5361
reference_id RHSA-2023:5361
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5361
26
reference_url https://access.redhat.com/errata/RHSA-2023:5533
reference_id RHSA-2023:5533
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5533
27
reference_url https://usn.ubuntu.com/6735-1/
reference_id USN-6735-1
reference_type
scores
url https://usn.ubuntu.com/6735-1/
fixed_packages
0
url pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1
purl pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1vp3-fzdr-yqbm
1
vulnerability VCID-2t7c-dju9-pff6
2
vulnerability VCID-43sf-4r41-wugc
3
vulnerability VCID-96yh-1wub-zucg
4
vulnerability VCID-98fy-tedc-ube7
5
vulnerability VCID-bjza-25hu-vkad
6
vulnerability VCID-dgkh-jdah-wfh9
7
vulnerability VCID-dt7u-3usg-9uet
8
vulnerability VCID-twc8-ewm7-wkb1
9
vulnerability VCID-u8bq-8jp4-jkem
10
vulnerability VCID-v7uy-445x-tuan
11
vulnerability VCID-wf5t-3pwz-c7d7
12
vulnerability VCID-x1an-pjq4-nbby
13
vulnerability VCID-xkpz-pb5y-jqcy
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1
aliases CVE-2023-30589, GHSA-cggh-pq45-6h9x
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zstw-3wmu-u3c8
30
url VCID-ztt4-vnk7-7ycq
vulnerability_id VCID-ztt4-vnk7-7ycq
summary 
Multiple vulnerabilities have been found in NodeJS, the worst of
    which could result in the arbitrary execution of code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8265.json
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8265.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-8265
reference_id
reference_type
scores
0
value 0.00755
scoring_system epss
scoring_elements 0.73197
published_at 2026-04-01T12:55:00Z
1
value 0.00755
scoring_system epss
scoring_elements 0.73248
published_at 2026-04-13T12:55:00Z
2
value 0.00755
scoring_system epss
scoring_elements 0.73276
published_at 2026-04-11T12:55:00Z
3
value 0.00755
scoring_system epss
scoring_elements 0.73255
published_at 2026-04-12T12:55:00Z
4
value 0.00755
scoring_system epss
scoring_elements 0.73207
published_at 2026-04-02T12:55:00Z
5
value 0.00755
scoring_system epss
scoring_elements 0.73228
published_at 2026-04-04T12:55:00Z
6
value 0.00755
scoring_system epss
scoring_elements 0.73201
published_at 2026-04-07T12:55:00Z
7
value 0.00755
scoring_system epss
scoring_elements 0.73238
published_at 2026-04-08T12:55:00Z
8
value 0.00755
scoring_system epss
scoring_elements 0.73251
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-8265
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8265
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8265
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8287
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8287
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1912854
reference_id 1912854
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1912854
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=979364
reference_id 979364
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=979364
7
reference_url https://security.archlinux.org/ASA-202101-16
reference_id ASA-202101-16
reference_type
scores
url https://security.archlinux.org/ASA-202101-16
8
reference_url https://security.archlinux.org/AVG-1400
reference_id AVG-1400
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1400
9
reference_url https://access.redhat.com/errata/RHSA-2021:0421
reference_id RHSA-2021:0421
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0421
10
reference_url https://access.redhat.com/errata/RHSA-2021:0485
reference_id RHSA-2021:0485
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0485
11
reference_url https://access.redhat.com/errata/RHSA-2021:0521
reference_id RHSA-2021:0521
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0521
12
reference_url https://access.redhat.com/errata/RHSA-2021:0548
reference_id RHSA-2021:0548
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0548
13
reference_url https://access.redhat.com/errata/RHSA-2021:0549
reference_id RHSA-2021:0549
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0549
14
reference_url https://access.redhat.com/errata/RHSA-2021:0551
reference_id RHSA-2021:0551
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0551
15
reference_url https://usn.ubuntu.com/6380-1/
reference_id USN-6380-1
reference_type
scores
url https://usn.ubuntu.com/6380-1/
fixed_packages
0
url pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4
purl pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1vp3-fzdr-yqbm
1
vulnerability VCID-2t7c-dju9-pff6
2
vulnerability VCID-2z1f-7jkw-17av
3
vulnerability VCID-38k9-23j3-eqh7
4
vulnerability VCID-43sf-4r41-wugc
5
vulnerability VCID-96yh-1wub-zucg
6
vulnerability VCID-98fy-tedc-ube7
7
vulnerability VCID-9yq7-aba3-c7c3
8
vulnerability VCID-bjza-25hu-vkad
9
vulnerability VCID-bx67-aud6-b3fa
10
vulnerability VCID-c8xz-v6h3-6ueb
11
vulnerability VCID-dgkh-jdah-wfh9
12
vulnerability VCID-dt7u-3usg-9uet
13
vulnerability VCID-e6gj-fe31-kkh5
14
vulnerability VCID-e7u5-356v-jbg7
15
vulnerability VCID-kj75-vmwa-gqgq
16
vulnerability VCID-nenk-4cgd-fugv
17
vulnerability VCID-sag8-repb-g3f4
18
vulnerability VCID-twc8-ewm7-wkb1
19
vulnerability VCID-u8bq-8jp4-jkem
20
vulnerability VCID-v7uy-445x-tuan
21
vulnerability VCID-vkvx-gxbu-3uau
22
vulnerability VCID-wf5t-3pwz-c7d7
23
vulnerability VCID-x1an-pjq4-nbby
24
vulnerability VCID-zstw-3wmu-u3c8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4
aliases CVE-2020-8265
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ztt4-vnk7-7ycq
Fixing_vulnerabilities
0
url VCID-17k5-vadp-4kby
vulnerability_id VCID-17k5-vadp-4kby
summary nghttp2: overly large SETTINGS frames can lead to DoS
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11080.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11080.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-11080
reference_id
reference_type
scores
0
value 0.00741
scoring_system epss
scoring_elements 0.72949
published_at 2026-04-13T12:55:00Z
1
value 0.00741
scoring_system epss
scoring_elements 0.72893
published_at 2026-04-01T12:55:00Z
2
value 0.00741
scoring_system epss
scoring_elements 0.72901
published_at 2026-04-02T12:55:00Z
3
value 0.00741
scoring_system epss
scoring_elements 0.72922
published_at 2026-04-04T12:55:00Z
4
value 0.00741
scoring_system epss
scoring_elements 0.72897
published_at 2026-04-07T12:55:00Z
5
value 0.00741
scoring_system epss
scoring_elements 0.72934
published_at 2026-04-08T12:55:00Z
6
value 0.00741
scoring_system epss
scoring_elements 0.72948
published_at 2026-04-09T12:55:00Z
7
value 0.00741
scoring_system epss
scoring_elements 0.72973
published_at 2026-04-11T12:55:00Z
8
value 0.00741
scoring_system epss
scoring_elements 0.72955
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-11080
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11080
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11080
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8174
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8174
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1844929
reference_id 1844929
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1844929
6
reference_url https://github.com/nghttp2/nghttp2/commit/336a98feb0d56b9ac54e12736b18785c27f75090
reference_id 336a98feb0d56b9ac54e12736b18785c27f75090
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:44:48Z/
url https://github.com/nghttp2/nghttp2/commit/336a98feb0d56b9ac54e12736b18785c27f75090
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=962145
reference_id 962145
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=962145
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AAC2AA36OTRHKSVM5OV7TTVB3CZIGEFL/
reference_id AAC2AA36OTRHKSVM5OV7TTVB3CZIGEFL
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:44:48Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AAC2AA36OTRHKSVM5OV7TTVB3CZIGEFL/
9
reference_url https://www.debian.org/security/2020/dsa-4696
reference_id dsa-4696
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:44:48Z/
url https://www.debian.org/security/2020/dsa-4696
10
reference_url https://github.com/nghttp2/nghttp2/commit/f8da73bd042f810f34d19f9eae02b46d870af394
reference_id f8da73bd042f810f34d19f9eae02b46d870af394
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:44:48Z/
url https://github.com/nghttp2/nghttp2/commit/f8da73bd042f810f34d19f9eae02b46d870af394
11
reference_url https://github.com/nghttp2/nghttp2/security/advisories/GHSA-q5wr-xfw9-q7xr
reference_id GHSA-q5wr-xfw9-q7xr
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:44:48Z/
url https://github.com/nghttp2/nghttp2/security/advisories/GHSA-q5wr-xfw9-q7xr
12
reference_url https://access.redhat.com/errata/RHSA-2020:2523
reference_id RHSA-2020:2523
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2523
13
reference_url https://access.redhat.com/errata/RHSA-2020:2524
reference_id RHSA-2020:2524
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2524
14
reference_url https://access.redhat.com/errata/RHSA-2020:2644
reference_id RHSA-2020:2644
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2644
15
reference_url https://access.redhat.com/errata/RHSA-2020:2646
reference_id RHSA-2020:2646
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2646
16
reference_url https://access.redhat.com/errata/RHSA-2020:2755
reference_id RHSA-2020:2755
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2755
17
reference_url https://access.redhat.com/errata/RHSA-2020:2784
reference_id RHSA-2020:2784
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2784
18
reference_url https://access.redhat.com/errata/RHSA-2020:2823
reference_id RHSA-2020:2823
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2823
19
reference_url https://access.redhat.com/errata/RHSA-2020:2847
reference_id RHSA-2020:2847
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2847
20
reference_url https://access.redhat.com/errata/RHSA-2020:2848
reference_id RHSA-2020:2848
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2848
21
reference_url https://access.redhat.com/errata/RHSA-2020:2849
reference_id RHSA-2020:2849
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2849
22
reference_url https://access.redhat.com/errata/RHSA-2020:2850
reference_id RHSA-2020:2850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2850
23
reference_url https://access.redhat.com/errata/RHSA-2020:2852
reference_id RHSA-2020:2852
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2852
24
reference_url https://access.redhat.com/errata/RHSA-2020:2895
reference_id RHSA-2020:2895
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2895
25
reference_url https://access.redhat.com/errata/RHSA-2020:3042
reference_id RHSA-2020:3042
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3042
26
reference_url https://access.redhat.com/errata/RHSA-2020:3084
reference_id RHSA-2020:3084
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3084
27
reference_url https://usn.ubuntu.com/6142-1/
reference_id USN-6142-1
reference_type
scores
url https://usn.ubuntu.com/6142-1/
fixed_packages
0
url pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
purl pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2z1f-7jkw-17av
1
vulnerability VCID-53xm-8w84-93cx
2
vulnerability VCID-5cf7-va9h-h3gy
3
vulnerability VCID-7tpb-9zrz-e7e1
4
vulnerability VCID-8c4g-fjsa-nkhw
5
vulnerability VCID-9g7s-y7nq-xfbb
6
vulnerability VCID-9yq7-aba3-c7c3
7
vulnerability VCID-b54b-pd2b-bygm
8
vulnerability VCID-bx67-aud6-b3fa
9
vulnerability VCID-c8xz-v6h3-6ueb
10
vulnerability VCID-dfdy-vhdd-5kh4
11
vulnerability VCID-e18p-c3m9-2qgy
12
vulnerability VCID-e6gj-fe31-kkh5
13
vulnerability VCID-e7u5-356v-jbg7
14
vulnerability VCID-gwyr-ac4e-dqfa
15
vulnerability VCID-hnjv-fp2r-vqfq
16
vulnerability VCID-m5ae-uc68-d3g2
17
vulnerability VCID-m7rw-arzq-jba1
18
vulnerability VCID-ms5y-gp7v-2qay
19
vulnerability VCID-n91z-kugd-ebb5
20
vulnerability VCID-nenk-4cgd-fugv
21
vulnerability VCID-pqnn-ers1-3fec
22
vulnerability VCID-q8th-849w-bfhp
23
vulnerability VCID-tnhd-rr89-9udh
24
vulnerability VCID-vkvx-gxbu-3uau
25
vulnerability VCID-wf5t-3pwz-c7d7
26
vulnerability VCID-wzcw-dd7m-zkaz
27
vulnerability VCID-xnzh-wpd4-63f9
28
vulnerability VCID-zj4d-e8r7-ufg3
29
vulnerability VCID-zstw-3wmu-u3c8
30
vulnerability VCID-ztt4-vnk7-7ycq
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
aliases CVE-2020-11080
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-17k5-vadp-4kby
1
url VCID-1bhj-vafz-4ya8
vulnerability_id VCID-1bhj-vafz-4ya8
summary 
Multiple vulnerabilities have been found in Node.js, worst of which
    could allow remote attackers to write arbitrary files.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12122.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12122.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-12122
reference_id
reference_type
scores
0
value 0.02716
scoring_system epss
scoring_elements 0.85924
published_at 2026-04-13T12:55:00Z
1
value 0.02716
scoring_system epss
scoring_elements 0.85929
published_at 2026-04-12T12:55:00Z
2
value 0.03643
scoring_system epss
scoring_elements 0.87866
published_at 2026-04-11T12:55:00Z
3
value 0.0549
scoring_system epss
scoring_elements 0.9019
published_at 2026-04-04T12:55:00Z
4
value 0.0549
scoring_system epss
scoring_elements 0.90195
published_at 2026-04-07T12:55:00Z
5
value 0.0549
scoring_system epss
scoring_elements 0.90211
published_at 2026-04-08T12:55:00Z
6
value 0.0549
scoring_system epss
scoring_elements 0.90217
published_at 2026-04-09T12:55:00Z
7
value 0.0549
scoring_system epss
scoring_elements 0.90175
published_at 2026-04-01T12:55:00Z
8
value 0.0549
scoring_system epss
scoring_elements 0.90178
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-12122
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12122
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12122
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1661005
reference_id 1661005
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1661005
5
reference_url https://usn.ubuntu.com/USN-4796-1/
reference_id USN-USN-4796-1
reference_type
scores
url https://usn.ubuntu.com/USN-4796-1/
fixed_packages
0
url pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
purl pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2z1f-7jkw-17av
1
vulnerability VCID-53xm-8w84-93cx
2
vulnerability VCID-5cf7-va9h-h3gy
3
vulnerability VCID-7tpb-9zrz-e7e1
4
vulnerability VCID-8c4g-fjsa-nkhw
5
vulnerability VCID-9g7s-y7nq-xfbb
6
vulnerability VCID-9yq7-aba3-c7c3
7
vulnerability VCID-b54b-pd2b-bygm
8
vulnerability VCID-bx67-aud6-b3fa
9
vulnerability VCID-c8xz-v6h3-6ueb
10
vulnerability VCID-dfdy-vhdd-5kh4
11
vulnerability VCID-e18p-c3m9-2qgy
12
vulnerability VCID-e6gj-fe31-kkh5
13
vulnerability VCID-e7u5-356v-jbg7
14
vulnerability VCID-gwyr-ac4e-dqfa
15
vulnerability VCID-hnjv-fp2r-vqfq
16
vulnerability VCID-m5ae-uc68-d3g2
17
vulnerability VCID-m7rw-arzq-jba1
18
vulnerability VCID-ms5y-gp7v-2qay
19
vulnerability VCID-n91z-kugd-ebb5
20
vulnerability VCID-nenk-4cgd-fugv
21
vulnerability VCID-pqnn-ers1-3fec
22
vulnerability VCID-q8th-849w-bfhp
23
vulnerability VCID-tnhd-rr89-9udh
24
vulnerability VCID-vkvx-gxbu-3uau
25
vulnerability VCID-wf5t-3pwz-c7d7
26
vulnerability VCID-wzcw-dd7m-zkaz
27
vulnerability VCID-xnzh-wpd4-63f9
28
vulnerability VCID-zj4d-e8r7-ufg3
29
vulnerability VCID-zstw-3wmu-u3c8
30
vulnerability VCID-ztt4-vnk7-7ycq
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
aliases CVE-2018-12122
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1bhj-vafz-4ya8
2
url VCID-3vdn-6af1-k3g6
vulnerability_id VCID-3vdn-6af1-k3g6
summary 
Multiple vulnerabilities have been found in Node.js, worst of which
    could allow remote attackers to write arbitrary files.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7161.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7161.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-7161
reference_id
reference_type
scores
0
value 0.01092
scoring_system epss
scoring_elements 0.779
published_at 2026-04-01T12:55:00Z
1
value 0.01092
scoring_system epss
scoring_elements 0.77957
published_at 2026-04-13T12:55:00Z
2
value 0.01092
scoring_system epss
scoring_elements 0.77948
published_at 2026-04-09T12:55:00Z
3
value 0.01092
scoring_system epss
scoring_elements 0.77975
published_at 2026-04-11T12:55:00Z
4
value 0.01092
scoring_system epss
scoring_elements 0.77959
published_at 2026-04-12T12:55:00Z
5
value 0.01092
scoring_system epss
scoring_elements 0.77907
published_at 2026-04-02T12:55:00Z
6
value 0.01092
scoring_system epss
scoring_elements 0.77934
published_at 2026-04-04T12:55:00Z
7
value 0.01092
scoring_system epss
scoring_elements 0.77917
published_at 2026-04-07T12:55:00Z
8
value 0.01092
scoring_system epss
scoring_elements 0.77944
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-7161
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7161
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7161
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.2
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://nodejs.org/en/blog/vulnerability/june-2018-security-releases/
reference_id
reference_type
scores
url https://nodejs.org/en/blog/vulnerability/june-2018-security-releases/
5
reference_url https://security.gentoo.org/glsa/202003-48
reference_id
reference_type
scores
url https://security.gentoo.org/glsa/202003-48
6
reference_url http://www.securityfocus.com/bid/106363
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/106363
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1591013
reference_id 1591013
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1591013
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*
reference_id cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*
reference_id cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-7161
reference_id CVE-2018-7161
reference_type
scores
0
value 7.8
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:C
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2018-7161
11
reference_url https://access.redhat.com/errata/RHSA-2018:2949
reference_id RHSA-2018:2949
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:2949
fixed_packages
0
url pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
purl pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2z1f-7jkw-17av
1
vulnerability VCID-53xm-8w84-93cx
2
vulnerability VCID-5cf7-va9h-h3gy
3
vulnerability VCID-7tpb-9zrz-e7e1
4
vulnerability VCID-8c4g-fjsa-nkhw
5
vulnerability VCID-9g7s-y7nq-xfbb
6
vulnerability VCID-9yq7-aba3-c7c3
7
vulnerability VCID-b54b-pd2b-bygm
8
vulnerability VCID-bx67-aud6-b3fa
9
vulnerability VCID-c8xz-v6h3-6ueb
10
vulnerability VCID-dfdy-vhdd-5kh4
11
vulnerability VCID-e18p-c3m9-2qgy
12
vulnerability VCID-e6gj-fe31-kkh5
13
vulnerability VCID-e7u5-356v-jbg7
14
vulnerability VCID-gwyr-ac4e-dqfa
15
vulnerability VCID-hnjv-fp2r-vqfq
16
vulnerability VCID-m5ae-uc68-d3g2
17
vulnerability VCID-m7rw-arzq-jba1
18
vulnerability VCID-ms5y-gp7v-2qay
19
vulnerability VCID-n91z-kugd-ebb5
20
vulnerability VCID-nenk-4cgd-fugv
21
vulnerability VCID-pqnn-ers1-3fec
22
vulnerability VCID-q8th-849w-bfhp
23
vulnerability VCID-tnhd-rr89-9udh
24
vulnerability VCID-vkvx-gxbu-3uau
25
vulnerability VCID-wf5t-3pwz-c7d7
26
vulnerability VCID-wzcw-dd7m-zkaz
27
vulnerability VCID-xnzh-wpd4-63f9
28
vulnerability VCID-zj4d-e8r7-ufg3
29
vulnerability VCID-zstw-3wmu-u3c8
30
vulnerability VCID-ztt4-vnk7-7ycq
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
aliases CVE-2018-7161
risk_score 3.5
exploitability 0.5
weighted_severity 7.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3vdn-6af1-k3g6
3
url VCID-4dhf-bpv6-a3e1
vulnerability_id VCID-4dhf-bpv6-a3e1
summary 
Multiple vulnerabilities have been found in Node.js, worst of which
    could allow remote attackers to write arbitrary files.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15604.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15604.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-15604
reference_id
reference_type
scores
0
value 0.03533
scoring_system epss
scoring_elements 0.87611
published_at 2026-04-01T12:55:00Z
1
value 0.03533
scoring_system epss
scoring_elements 0.87621
published_at 2026-04-02T12:55:00Z
2
value 0.03533
scoring_system epss
scoring_elements 0.87634
published_at 2026-04-04T12:55:00Z
3
value 0.03533
scoring_system epss
scoring_elements 0.87636
published_at 2026-04-07T12:55:00Z
4
value 0.03533
scoring_system epss
scoring_elements 0.87656
published_at 2026-04-08T12:55:00Z
5
value 0.03533
scoring_system epss
scoring_elements 0.87662
published_at 2026-04-09T12:55:00Z
6
value 0.03533
scoring_system epss
scoring_elements 0.87673
published_at 2026-04-11T12:55:00Z
7
value 0.03533
scoring_system epss
scoring_elements 0.87669
published_at 2026-04-12T12:55:00Z
8
value 0.03533
scoring_system epss
scoring_elements 0.87666
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-15604
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15604
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15604
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15605
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15605
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15606
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15606
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9511
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9511
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9513
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9513
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9514
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9514
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1800367
reference_id 1800367
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1800367
9
reference_url https://access.redhat.com/errata/RHSA-2020:0598
reference_id RHSA-2020:0598
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0598
10
reference_url https://usn.ubuntu.com/6380-1/
reference_id USN-6380-1
reference_type
scores
url https://usn.ubuntu.com/6380-1/
fixed_packages
0
url pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
purl pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2z1f-7jkw-17av
1
vulnerability VCID-53xm-8w84-93cx
2
vulnerability VCID-5cf7-va9h-h3gy
3
vulnerability VCID-7tpb-9zrz-e7e1
4
vulnerability VCID-8c4g-fjsa-nkhw
5
vulnerability VCID-9g7s-y7nq-xfbb
6
vulnerability VCID-9yq7-aba3-c7c3
7
vulnerability VCID-b54b-pd2b-bygm
8
vulnerability VCID-bx67-aud6-b3fa
9
vulnerability VCID-c8xz-v6h3-6ueb
10
vulnerability VCID-dfdy-vhdd-5kh4
11
vulnerability VCID-e18p-c3m9-2qgy
12
vulnerability VCID-e6gj-fe31-kkh5
13
vulnerability VCID-e7u5-356v-jbg7
14
vulnerability VCID-gwyr-ac4e-dqfa
15
vulnerability VCID-hnjv-fp2r-vqfq
16
vulnerability VCID-m5ae-uc68-d3g2
17
vulnerability VCID-m7rw-arzq-jba1
18
vulnerability VCID-ms5y-gp7v-2qay
19
vulnerability VCID-n91z-kugd-ebb5
20
vulnerability VCID-nenk-4cgd-fugv
21
vulnerability VCID-pqnn-ers1-3fec
22
vulnerability VCID-q8th-849w-bfhp
23
vulnerability VCID-tnhd-rr89-9udh
24
vulnerability VCID-vkvx-gxbu-3uau
25
vulnerability VCID-wf5t-3pwz-c7d7
26
vulnerability VCID-wzcw-dd7m-zkaz
27
vulnerability VCID-xnzh-wpd4-63f9
28
vulnerability VCID-zj4d-e8r7-ufg3
29
vulnerability VCID-zstw-3wmu-u3c8
30
vulnerability VCID-ztt4-vnk7-7ycq
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
aliases CVE-2019-15604
risk_score 2.6
exploitability 0.5
weighted_severity 5.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4dhf-bpv6-a3e1
4
url VCID-4khc-2nz3-ckhr
vulnerability_id VCID-4khc-2nz3-ckhr
summary 
Multiple vulnerabilities have been found in Node.js, worst of which
    could allow remote attackers to write arbitrary files.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7164.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7164.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-7164
reference_id
reference_type
scores
0
value 0.01074
scoring_system epss
scoring_elements 0.77708
published_at 2026-04-01T12:55:00Z
1
value 0.01074
scoring_system epss
scoring_elements 0.77768
published_at 2026-04-13T12:55:00Z
2
value 0.01074
scoring_system epss
scoring_elements 0.77785
published_at 2026-04-11T12:55:00Z
3
value 0.01074
scoring_system epss
scoring_elements 0.77769
published_at 2026-04-12T12:55:00Z
4
value 0.01074
scoring_system epss
scoring_elements 0.77715
published_at 2026-04-02T12:55:00Z
5
value 0.01074
scoring_system epss
scoring_elements 0.77742
published_at 2026-04-04T12:55:00Z
6
value 0.01074
scoring_system epss
scoring_elements 0.77725
published_at 2026-04-07T12:55:00Z
7
value 0.01074
scoring_system epss
scoring_elements 0.77753
published_at 2026-04-08T12:55:00Z
8
value 0.01074
scoring_system epss
scoring_elements 0.77758
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-7164
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7164
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7164
3
reference_url https://nodejs.org/en/blog/vulnerability/june-2018-security-releases/
reference_id
reference_type
scores
url https://nodejs.org/en/blog/vulnerability/june-2018-security-releases/
4
reference_url https://security.gentoo.org/glsa/202003-48
reference_id
reference_type
scores
url https://security.gentoo.org/glsa/202003-48
5
reference_url http://www.securityfocus.com/bid/104463
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/104463
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1591023
reference_id 1591023
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1591023
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-7164
reference_id CVE-2018-7164
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2018-7164
fixed_packages
0
url pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
purl pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2z1f-7jkw-17av
1
vulnerability VCID-53xm-8w84-93cx
2
vulnerability VCID-5cf7-va9h-h3gy
3
vulnerability VCID-7tpb-9zrz-e7e1
4
vulnerability VCID-8c4g-fjsa-nkhw
5
vulnerability VCID-9g7s-y7nq-xfbb
6
vulnerability VCID-9yq7-aba3-c7c3
7
vulnerability VCID-b54b-pd2b-bygm
8
vulnerability VCID-bx67-aud6-b3fa
9
vulnerability VCID-c8xz-v6h3-6ueb
10
vulnerability VCID-dfdy-vhdd-5kh4
11
vulnerability VCID-e18p-c3m9-2qgy
12
vulnerability VCID-e6gj-fe31-kkh5
13
vulnerability VCID-e7u5-356v-jbg7
14
vulnerability VCID-gwyr-ac4e-dqfa
15
vulnerability VCID-hnjv-fp2r-vqfq
16
vulnerability VCID-m5ae-uc68-d3g2
17
vulnerability VCID-m7rw-arzq-jba1
18
vulnerability VCID-ms5y-gp7v-2qay
19
vulnerability VCID-n91z-kugd-ebb5
20
vulnerability VCID-nenk-4cgd-fugv
21
vulnerability VCID-pqnn-ers1-3fec
22
vulnerability VCID-q8th-849w-bfhp
23
vulnerability VCID-tnhd-rr89-9udh
24
vulnerability VCID-vkvx-gxbu-3uau
25
vulnerability VCID-wf5t-3pwz-c7d7
26
vulnerability VCID-wzcw-dd7m-zkaz
27
vulnerability VCID-xnzh-wpd4-63f9
28
vulnerability VCID-zj4d-e8r7-ufg3
29
vulnerability VCID-zstw-3wmu-u3c8
30
vulnerability VCID-ztt4-vnk7-7ycq
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
aliases CVE-2018-7164
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4khc-2nz3-ckhr
5
url VCID-9hzg-r1fj-pubf
vulnerability_id VCID-9hzg-r1fj-pubf
summary Excessive CPU usage in HTTP/2 with priority changes
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9513.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9513.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-9513
reference_id
reference_type
scores
0
value 0.06705
scoring_system epss
scoring_elements 0.91201
published_at 2026-04-01T12:55:00Z
1
value 0.06705
scoring_system epss
scoring_elements 0.9125
published_at 2026-04-13T12:55:00Z
2
value 0.06705
scoring_system epss
scoring_elements 0.91221
published_at 2026-04-07T12:55:00Z
3
value 0.06705
scoring_system epss
scoring_elements 0.91235
published_at 2026-04-08T12:55:00Z
4
value 0.06705
scoring_system epss
scoring_elements 0.91241
published_at 2026-04-09T12:55:00Z
5
value 0.06705
scoring_system epss
scoring_elements 0.91248
published_at 2026-04-11T12:55:00Z
6
value 0.06705
scoring_system epss
scoring_elements 0.91251
published_at 2026-04-12T12:55:00Z
7
value 0.06705
scoring_system epss
scoring_elements 0.91206
published_at 2026-04-02T12:55:00Z
8
value 0.06705
scoring_system epss
scoring_elements 0.91215
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-9513
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15604
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15604
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15605
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15605
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15606
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15606
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9511
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9511
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9513
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9513
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9514
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9514
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9516
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9516
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://mailman.nginx.org/pipermail/nginx-announce/2019/000249.html
reference_id
reference_type
scores
0
value low
scoring_system generic_textual
scoring_elements
url https://mailman.nginx.org/pipermail/nginx-announce/2019/000249.html
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1735741
reference_id 1735741
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1735741
12
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934885
reference_id 934885
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934885
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=935037
reference_id 935037
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=935037
14
reference_url https://security.archlinux.org/ASA-201908-12
reference_id ASA-201908-12
reference_type
scores
url https://security.archlinux.org/ASA-201908-12
15
reference_url https://security.archlinux.org/ASA-201908-13
reference_id ASA-201908-13
reference_type
scores
url https://security.archlinux.org/ASA-201908-13
16
reference_url https://security.archlinux.org/ASA-201908-17
reference_id ASA-201908-17
reference_type
scores
url https://security.archlinux.org/ASA-201908-17
17
reference_url https://security.archlinux.org/AVG-1022
reference_id AVG-1022
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1022
18
reference_url https://security.archlinux.org/AVG-1023
reference_id AVG-1023
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1023
19
reference_url https://security.archlinux.org/AVG-1024
reference_id AVG-1024
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1024
20
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-9513
reference_id CVE-2019-9513
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2019-9513
21
reference_url https://access.redhat.com/errata/RHSA-2019:2692
reference_id RHSA-2019:2692
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2692
22
reference_url https://access.redhat.com/errata/RHSA-2019:2745
reference_id RHSA-2019:2745
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2745
23
reference_url https://access.redhat.com/errata/RHSA-2019:2746
reference_id RHSA-2019:2746
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2746
24
reference_url https://access.redhat.com/errata/RHSA-2019:2775
reference_id RHSA-2019:2775
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2775
25
reference_url https://access.redhat.com/errata/RHSA-2019:2799
reference_id RHSA-2019:2799
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2799
26
reference_url https://access.redhat.com/errata/RHSA-2019:2946
reference_id RHSA-2019:2946
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2946
27
reference_url https://access.redhat.com/errata/RHSA-2019:2949
reference_id RHSA-2019:2949
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2949
28
reference_url https://access.redhat.com/errata/RHSA-2019:3041
reference_id RHSA-2019:3041
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:3041
29
reference_url https://access.redhat.com/errata/RHSA-2019:3932
reference_id RHSA-2019:3932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:3932
30
reference_url https://access.redhat.com/errata/RHSA-2019:3933
reference_id RHSA-2019:3933
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:3933
31
reference_url https://access.redhat.com/errata/RHSA-2019:3935
reference_id RHSA-2019:3935
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:3935
32
reference_url https://access.redhat.com/errata/RHSA-2020:0983
reference_id RHSA-2020:0983
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0983
33
reference_url https://usn.ubuntu.com/4099-1/
reference_id USN-4099-1
reference_type
scores
url https://usn.ubuntu.com/4099-1/
34
reference_url https://usn.ubuntu.com/6754-1/
reference_id USN-6754-1
reference_type
scores
url https://usn.ubuntu.com/6754-1/
fixed_packages
0
url pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
purl pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2z1f-7jkw-17av
1
vulnerability VCID-53xm-8w84-93cx
2
vulnerability VCID-5cf7-va9h-h3gy
3
vulnerability VCID-7tpb-9zrz-e7e1
4
vulnerability VCID-8c4g-fjsa-nkhw
5
vulnerability VCID-9g7s-y7nq-xfbb
6
vulnerability VCID-9yq7-aba3-c7c3
7
vulnerability VCID-b54b-pd2b-bygm
8
vulnerability VCID-bx67-aud6-b3fa
9
vulnerability VCID-c8xz-v6h3-6ueb
10
vulnerability VCID-dfdy-vhdd-5kh4
11
vulnerability VCID-e18p-c3m9-2qgy
12
vulnerability VCID-e6gj-fe31-kkh5
13
vulnerability VCID-e7u5-356v-jbg7
14
vulnerability VCID-gwyr-ac4e-dqfa
15
vulnerability VCID-hnjv-fp2r-vqfq
16
vulnerability VCID-m5ae-uc68-d3g2
17
vulnerability VCID-m7rw-arzq-jba1
18
vulnerability VCID-ms5y-gp7v-2qay
19
vulnerability VCID-n91z-kugd-ebb5
20
vulnerability VCID-nenk-4cgd-fugv
21
vulnerability VCID-pqnn-ers1-3fec
22
vulnerability VCID-q8th-849w-bfhp
23
vulnerability VCID-tnhd-rr89-9udh
24
vulnerability VCID-vkvx-gxbu-3uau
25
vulnerability VCID-wf5t-3pwz-c7d7
26
vulnerability VCID-wzcw-dd7m-zkaz
27
vulnerability VCID-xnzh-wpd4-63f9
28
vulnerability VCID-zj4d-e8r7-ufg3
29
vulnerability VCID-zstw-3wmu-u3c8
30
vulnerability VCID-ztt4-vnk7-7ycq
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
aliases CVE-2019-9513
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9hzg-r1fj-pubf
6
url VCID-9tvd-qsp8-byfx
vulnerability_id VCID-9tvd-qsp8-byfx
summary 
Multiple vulnerabilities have been found in Node.js, worst of which
    could allow remote attackers to write arbitrary files.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00041.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00041.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00046.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00046.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5739.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5739.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-5739
reference_id
reference_type
scores
0
value 0.00312
scoring_system epss
scoring_elements 0.54291
published_at 2026-04-01T12:55:00Z
1
value 0.00312
scoring_system epss
scoring_elements 0.54372
published_at 2026-04-13T12:55:00Z
2
value 0.00312
scoring_system epss
scoring_elements 0.54363
published_at 2026-04-09T12:55:00Z
3
value 0.00312
scoring_system epss
scoring_elements 0.54412
published_at 2026-04-11T12:55:00Z
4
value 0.00312
scoring_system epss
scoring_elements 0.54394
published_at 2026-04-12T12:55:00Z
5
value 0.00312
scoring_system epss
scoring_elements 0.54311
published_at 2026-04-02T12:55:00Z
6
value 0.00312
scoring_system epss
scoring_elements 0.54341
published_at 2026-04-04T12:55:00Z
7
value 0.00312
scoring_system epss
scoring_elements 0.54316
published_at 2026-04-07T12:55:00Z
8
value 0.00312
scoring_system epss
scoring_elements 0.54368
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-5739
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5739
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5739
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://nodejs.org/en/blog/vulnerability/february-2019-security-releases/
reference_id
reference_type
scores
url https://nodejs.org/en/blog/vulnerability/february-2019-security-releases/
7
reference_url https://security.gentoo.org/glsa/202003-48
reference_id
reference_type
scores
url https://security.gentoo.org/glsa/202003-48
8
reference_url https://security.netapp.com/advisory/ntap-20190502-0008/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20190502-0008/
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1690798
reference_id 1690798
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1690798
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*
reference_id cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-5739
reference_id CVE-2019-5739
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2019-5739
fixed_packages
0
url pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
purl pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2z1f-7jkw-17av
1
vulnerability VCID-53xm-8w84-93cx
2
vulnerability VCID-5cf7-va9h-h3gy
3
vulnerability VCID-7tpb-9zrz-e7e1
4
vulnerability VCID-8c4g-fjsa-nkhw
5
vulnerability VCID-9g7s-y7nq-xfbb
6
vulnerability VCID-9yq7-aba3-c7c3
7
vulnerability VCID-b54b-pd2b-bygm
8
vulnerability VCID-bx67-aud6-b3fa
9
vulnerability VCID-c8xz-v6h3-6ueb
10
vulnerability VCID-dfdy-vhdd-5kh4
11
vulnerability VCID-e18p-c3m9-2qgy
12
vulnerability VCID-e6gj-fe31-kkh5
13
vulnerability VCID-e7u5-356v-jbg7
14
vulnerability VCID-gwyr-ac4e-dqfa
15
vulnerability VCID-hnjv-fp2r-vqfq
16
vulnerability VCID-m5ae-uc68-d3g2
17
vulnerability VCID-m7rw-arzq-jba1
18
vulnerability VCID-ms5y-gp7v-2qay
19
vulnerability VCID-n91z-kugd-ebb5
20
vulnerability VCID-nenk-4cgd-fugv
21
vulnerability VCID-pqnn-ers1-3fec
22
vulnerability VCID-q8th-849w-bfhp
23
vulnerability VCID-tnhd-rr89-9udh
24
vulnerability VCID-vkvx-gxbu-3uau
25
vulnerability VCID-wf5t-3pwz-c7d7
26
vulnerability VCID-wzcw-dd7m-zkaz
27
vulnerability VCID-xnzh-wpd4-63f9
28
vulnerability VCID-zj4d-e8r7-ufg3
29
vulnerability VCID-zstw-3wmu-u3c8
30
vulnerability VCID-ztt4-vnk7-7ycq
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
aliases CVE-2019-5739
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9tvd-qsp8-byfx
7
url VCID-9v22-ened-4bg2
vulnerability_id VCID-9v22-ened-4bg2
summary 
Multiple vulnerabilities have been found in Node.js, worst of which
    could allow remote attackers to write arbitrary files.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12123.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12123.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-12123
reference_id
reference_type
scores
0
value 0.04555
scoring_system epss
scoring_elements 0.89144
published_at 2026-04-01T12:55:00Z
1
value 0.04555
scoring_system epss
scoring_elements 0.89151
published_at 2026-04-02T12:55:00Z
2
value 0.04555
scoring_system epss
scoring_elements 0.89166
published_at 2026-04-04T12:55:00Z
3
value 0.04555
scoring_system epss
scoring_elements 0.89169
published_at 2026-04-07T12:55:00Z
4
value 0.04555
scoring_system epss
scoring_elements 0.89187
published_at 2026-04-08T12:55:00Z
5
value 0.04555
scoring_system epss
scoring_elements 0.89192
published_at 2026-04-09T12:55:00Z
6
value 0.04555
scoring_system epss
scoring_elements 0.89202
published_at 2026-04-11T12:55:00Z
7
value 0.04555
scoring_system epss
scoring_elements 0.89198
published_at 2026-04-12T12:55:00Z
8
value 0.04555
scoring_system epss
scoring_elements 0.89195
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-12123
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12123
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12123
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1661010
reference_id 1661010
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1661010
5
reference_url https://usn.ubuntu.com/USN-4796-1/
reference_id USN-USN-4796-1
reference_type
scores
url https://usn.ubuntu.com/USN-4796-1/
fixed_packages
0
url pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
purl pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2z1f-7jkw-17av
1
vulnerability VCID-53xm-8w84-93cx
2
vulnerability VCID-5cf7-va9h-h3gy
3
vulnerability VCID-7tpb-9zrz-e7e1
4
vulnerability VCID-8c4g-fjsa-nkhw
5
vulnerability VCID-9g7s-y7nq-xfbb
6
vulnerability VCID-9yq7-aba3-c7c3
7
vulnerability VCID-b54b-pd2b-bygm
8
vulnerability VCID-bx67-aud6-b3fa
9
vulnerability VCID-c8xz-v6h3-6ueb
10
vulnerability VCID-dfdy-vhdd-5kh4
11
vulnerability VCID-e18p-c3m9-2qgy
12
vulnerability VCID-e6gj-fe31-kkh5
13
vulnerability VCID-e7u5-356v-jbg7
14
vulnerability VCID-gwyr-ac4e-dqfa
15
vulnerability VCID-hnjv-fp2r-vqfq
16
vulnerability VCID-m5ae-uc68-d3g2
17
vulnerability VCID-m7rw-arzq-jba1
18
vulnerability VCID-ms5y-gp7v-2qay
19
vulnerability VCID-n91z-kugd-ebb5
20
vulnerability VCID-nenk-4cgd-fugv
21
vulnerability VCID-pqnn-ers1-3fec
22
vulnerability VCID-q8th-849w-bfhp
23
vulnerability VCID-tnhd-rr89-9udh
24
vulnerability VCID-vkvx-gxbu-3uau
25
vulnerability VCID-wf5t-3pwz-c7d7
26
vulnerability VCID-wzcw-dd7m-zkaz
27
vulnerability VCID-xnzh-wpd4-63f9
28
vulnerability VCID-zj4d-e8r7-ufg3
29
vulnerability VCID-zstw-3wmu-u3c8
30
vulnerability VCID-ztt4-vnk7-7ycq
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
aliases CVE-2018-12123
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9v22-ened-4bg2
8
url VCID-dmv4-ydq9-a7eq
vulnerability_id VCID-dmv4-ydq9-a7eq
summary Excessive CPU usage in HTTP/2 with small window updates
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9511.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9511.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-9511
reference_id
reference_type
scores
0
value 0.13948
scoring_system epss
scoring_elements 0.94283
published_at 2026-04-01T12:55:00Z
1
value 0.13948
scoring_system epss
scoring_elements 0.94324
published_at 2026-04-13T12:55:00Z
2
value 0.13948
scoring_system epss
scoring_elements 0.94302
published_at 2026-04-04T12:55:00Z
3
value 0.13948
scoring_system epss
scoring_elements 0.94304
published_at 2026-04-07T12:55:00Z
4
value 0.13948
scoring_system epss
scoring_elements 0.94313
published_at 2026-04-08T12:55:00Z
5
value 0.13948
scoring_system epss
scoring_elements 0.94318
published_at 2026-04-09T12:55:00Z
6
value 0.13948
scoring_system epss
scoring_elements 0.94322
published_at 2026-04-12T12:55:00Z
7
value 0.13948
scoring_system epss
scoring_elements 0.94292
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-9511
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15604
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15604
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15605
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15605
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15606
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15606
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9511
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9511
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9513
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9513
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9514
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9514
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9516
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9516
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://mailman.nginx.org/pipermail/nginx-announce/2019/000249.html
reference_id
reference_type
scores
0
value medium
scoring_system generic_textual
scoring_elements
url https://mailman.nginx.org/pipermail/nginx-announce/2019/000249.html
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1741860
reference_id 1741860
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1741860
12
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934885
reference_id 934885
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934885
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=935037
reference_id 935037
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=935037
14
reference_url https://security.archlinux.org/ASA-201908-12
reference_id ASA-201908-12
reference_type
scores
url https://security.archlinux.org/ASA-201908-12
15
reference_url https://security.archlinux.org/ASA-201908-13
reference_id ASA-201908-13
reference_type
scores
url https://security.archlinux.org/ASA-201908-13
16
reference_url https://security.archlinux.org/ASA-201908-17
reference_id ASA-201908-17
reference_type
scores
url https://security.archlinux.org/ASA-201908-17
17
reference_url https://security.archlinux.org/AVG-1022
reference_id AVG-1022
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1022
18
reference_url https://security.archlinux.org/AVG-1023
reference_id AVG-1023
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1023
19
reference_url https://security.archlinux.org/AVG-1024
reference_id AVG-1024
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1024
20
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-9511
reference_id CVE-2019-9511
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2019-9511
21
reference_url https://access.redhat.com/errata/RHSA-2019:2692
reference_id RHSA-2019:2692
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2692
22
reference_url https://access.redhat.com/errata/RHSA-2019:2745
reference_id RHSA-2019:2745
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2745
23
reference_url https://access.redhat.com/errata/RHSA-2019:2746
reference_id RHSA-2019:2746
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2746
24
reference_url https://access.redhat.com/errata/RHSA-2019:2775
reference_id RHSA-2019:2775
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2775
25
reference_url https://access.redhat.com/errata/RHSA-2019:2799
reference_id RHSA-2019:2799
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2799
26
reference_url https://access.redhat.com/errata/RHSA-2019:2946
reference_id RHSA-2019:2946
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2946
27
reference_url https://access.redhat.com/errata/RHSA-2019:2949
reference_id RHSA-2019:2949
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2949
28
reference_url https://access.redhat.com/errata/RHSA-2019:3041
reference_id RHSA-2019:3041
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:3041
29
reference_url https://access.redhat.com/errata/RHSA-2019:3932
reference_id RHSA-2019:3932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:3932
30
reference_url https://access.redhat.com/errata/RHSA-2019:3933
reference_id RHSA-2019:3933
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:3933
31
reference_url https://access.redhat.com/errata/RHSA-2019:3935
reference_id RHSA-2019:3935
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:3935
32
reference_url https://access.redhat.com/errata/RHSA-2020:0922
reference_id RHSA-2020:0922
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0922
33
reference_url https://access.redhat.com/errata/RHSA-2020:1445
reference_id RHSA-2020:1445
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1445
34
reference_url https://access.redhat.com/errata/RHSA-2020:2067
reference_id RHSA-2020:2067
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2067
35
reference_url https://access.redhat.com/errata/RHSA-2020:2565
reference_id RHSA-2020:2565
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2565
36
reference_url https://access.redhat.com/errata/RHSA-2020:3192
reference_id RHSA-2020:3192
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3192
37
reference_url https://access.redhat.com/errata/RHSA-2024:5856
reference_id RHSA-2024:5856
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5856
38
reference_url https://usn.ubuntu.com/4099-1/
reference_id USN-4099-1
reference_type
scores
url https://usn.ubuntu.com/4099-1/
39
reference_url https://usn.ubuntu.com/6754-1/
reference_id USN-6754-1
reference_type
scores
url https://usn.ubuntu.com/6754-1/
fixed_packages
0
url pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
purl pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2z1f-7jkw-17av
1
vulnerability VCID-53xm-8w84-93cx
2
vulnerability VCID-5cf7-va9h-h3gy
3
vulnerability VCID-7tpb-9zrz-e7e1
4
vulnerability VCID-8c4g-fjsa-nkhw
5
vulnerability VCID-9g7s-y7nq-xfbb
6
vulnerability VCID-9yq7-aba3-c7c3
7
vulnerability VCID-b54b-pd2b-bygm
8
vulnerability VCID-bx67-aud6-b3fa
9
vulnerability VCID-c8xz-v6h3-6ueb
10
vulnerability VCID-dfdy-vhdd-5kh4
11
vulnerability VCID-e18p-c3m9-2qgy
12
vulnerability VCID-e6gj-fe31-kkh5
13
vulnerability VCID-e7u5-356v-jbg7
14
vulnerability VCID-gwyr-ac4e-dqfa
15
vulnerability VCID-hnjv-fp2r-vqfq
16
vulnerability VCID-m5ae-uc68-d3g2
17
vulnerability VCID-m7rw-arzq-jba1
18
vulnerability VCID-ms5y-gp7v-2qay
19
vulnerability VCID-n91z-kugd-ebb5
20
vulnerability VCID-nenk-4cgd-fugv
21
vulnerability VCID-pqnn-ers1-3fec
22
vulnerability VCID-q8th-849w-bfhp
23
vulnerability VCID-tnhd-rr89-9udh
24
vulnerability VCID-vkvx-gxbu-3uau
25
vulnerability VCID-wf5t-3pwz-c7d7
26
vulnerability VCID-wzcw-dd7m-zkaz
27
vulnerability VCID-xnzh-wpd4-63f9
28
vulnerability VCID-zj4d-e8r7-ufg3
29
vulnerability VCID-zstw-3wmu-u3c8
30
vulnerability VCID-ztt4-vnk7-7ycq
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
aliases CVE-2019-9511
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dmv4-ydq9-a7eq
9
url VCID-f7ch-ze7a-d7gr
vulnerability_id VCID-f7ch-ze7a-d7gr
summary 
Multiple vulnerabilities have been found in Node.js, worst of which
    could allow remote attackers to write arbitrary files.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12116.json
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12116.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-12116
reference_id
reference_type
scores
0
value 0.00619
scoring_system epss
scoring_elements 0.69917
published_at 2026-04-01T12:55:00Z
1
value 0.00619
scoring_system epss
scoring_elements 0.69929
published_at 2026-04-02T12:55:00Z
2
value 0.00619
scoring_system epss
scoring_elements 0.69944
published_at 2026-04-04T12:55:00Z
3
value 0.00619
scoring_system epss
scoring_elements 0.69922
published_at 2026-04-07T12:55:00Z
4
value 0.00619
scoring_system epss
scoring_elements 0.6997
published_at 2026-04-08T12:55:00Z
5
value 0.00619
scoring_system epss
scoring_elements 0.69987
published_at 2026-04-09T12:55:00Z
6
value 0.00619
scoring_system epss
scoring_elements 0.7001
published_at 2026-04-11T12:55:00Z
7
value 0.00619
scoring_system epss
scoring_elements 0.69995
published_at 2026-04-12T12:55:00Z
8
value 0.00619
scoring_system epss
scoring_elements 0.69981
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-12116
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12116
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12116
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1660998
reference_id 1660998
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1660998
5
reference_url https://usn.ubuntu.com/USN-4796-1/
reference_id USN-USN-4796-1
reference_type
scores
url https://usn.ubuntu.com/USN-4796-1/
fixed_packages
0
url pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
purl pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2z1f-7jkw-17av
1
vulnerability VCID-53xm-8w84-93cx
2
vulnerability VCID-5cf7-va9h-h3gy
3
vulnerability VCID-7tpb-9zrz-e7e1
4
vulnerability VCID-8c4g-fjsa-nkhw
5
vulnerability VCID-9g7s-y7nq-xfbb
6
vulnerability VCID-9yq7-aba3-c7c3
7
vulnerability VCID-b54b-pd2b-bygm
8
vulnerability VCID-bx67-aud6-b3fa
9
vulnerability VCID-c8xz-v6h3-6ueb
10
vulnerability VCID-dfdy-vhdd-5kh4
11
vulnerability VCID-e18p-c3m9-2qgy
12
vulnerability VCID-e6gj-fe31-kkh5
13
vulnerability VCID-e7u5-356v-jbg7
14
vulnerability VCID-gwyr-ac4e-dqfa
15
vulnerability VCID-hnjv-fp2r-vqfq
16
vulnerability VCID-m5ae-uc68-d3g2
17
vulnerability VCID-m7rw-arzq-jba1
18
vulnerability VCID-ms5y-gp7v-2qay
19
vulnerability VCID-n91z-kugd-ebb5
20
vulnerability VCID-nenk-4cgd-fugv
21
vulnerability VCID-pqnn-ers1-3fec
22
vulnerability VCID-q8th-849w-bfhp
23
vulnerability VCID-tnhd-rr89-9udh
24
vulnerability VCID-vkvx-gxbu-3uau
25
vulnerability VCID-wf5t-3pwz-c7d7
26
vulnerability VCID-wzcw-dd7m-zkaz
27
vulnerability VCID-xnzh-wpd4-63f9
28
vulnerability VCID-zj4d-e8r7-ufg3
29
vulnerability VCID-zstw-3wmu-u3c8
30
vulnerability VCID-ztt4-vnk7-7ycq
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
aliases CVE-2018-12116
risk_score 3.2
exploitability 0.5
weighted_severity 6.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f7ch-ze7a-d7gr
10
url VCID-h8gu-1htb-u3fg
vulnerability_id VCID-h8gu-1htb-u3fg
summary nodejs: Debugger port 5858 listens on any interface by default
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12120.json
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12120.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-12120
reference_id
reference_type
scores
0
value 0.00422
scoring_system epss
scoring_elements 0.61938
published_at 2026-04-01T12:55:00Z
1
value 0.00422
scoring_system epss
scoring_elements 0.6201
published_at 2026-04-02T12:55:00Z
2
value 0.00422
scoring_system epss
scoring_elements 0.62041
published_at 2026-04-04T12:55:00Z
3
value 0.00422
scoring_system epss
scoring_elements 0.62009
published_at 2026-04-07T12:55:00Z
4
value 0.00422
scoring_system epss
scoring_elements 0.62059
published_at 2026-04-08T12:55:00Z
5
value 0.00422
scoring_system epss
scoring_elements 0.62077
published_at 2026-04-09T12:55:00Z
6
value 0.00422
scoring_system epss
scoring_elements 0.62098
published_at 2026-04-11T12:55:00Z
7
value 0.00422
scoring_system epss
scoring_elements 0.62087
published_at 2026-04-12T12:55:00Z
8
value 0.00422
scoring_system epss
scoring_elements 0.62066
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-12120
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12120
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12120
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1661016
reference_id 1661016
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1661016
fixed_packages
0
url pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
purl pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2z1f-7jkw-17av
1
vulnerability VCID-53xm-8w84-93cx
2
vulnerability VCID-5cf7-va9h-h3gy
3
vulnerability VCID-7tpb-9zrz-e7e1
4
vulnerability VCID-8c4g-fjsa-nkhw
5
vulnerability VCID-9g7s-y7nq-xfbb
6
vulnerability VCID-9yq7-aba3-c7c3
7
vulnerability VCID-b54b-pd2b-bygm
8
vulnerability VCID-bx67-aud6-b3fa
9
vulnerability VCID-c8xz-v6h3-6ueb
10
vulnerability VCID-dfdy-vhdd-5kh4
11
vulnerability VCID-e18p-c3m9-2qgy
12
vulnerability VCID-e6gj-fe31-kkh5
13
vulnerability VCID-e7u5-356v-jbg7
14
vulnerability VCID-gwyr-ac4e-dqfa
15
vulnerability VCID-hnjv-fp2r-vqfq
16
vulnerability VCID-m5ae-uc68-d3g2
17
vulnerability VCID-m7rw-arzq-jba1
18
vulnerability VCID-ms5y-gp7v-2qay
19
vulnerability VCID-n91z-kugd-ebb5
20
vulnerability VCID-nenk-4cgd-fugv
21
vulnerability VCID-pqnn-ers1-3fec
22
vulnerability VCID-q8th-849w-bfhp
23
vulnerability VCID-tnhd-rr89-9udh
24
vulnerability VCID-vkvx-gxbu-3uau
25
vulnerability VCID-wf5t-3pwz-c7d7
26
vulnerability VCID-wzcw-dd7m-zkaz
27
vulnerability VCID-xnzh-wpd4-63f9
28
vulnerability VCID-zj4d-e8r7-ufg3
29
vulnerability VCID-zstw-3wmu-u3c8
30
vulnerability VCID-ztt4-vnk7-7ycq
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
aliases CVE-2018-12120
risk_score 3.3
exploitability 0.5
weighted_severity 6.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h8gu-1htb-u3fg
11
url VCID-hu7c-gc8f-q3cm
vulnerability_id VCID-hu7c-gc8f-q3cm
summary nodejs: Constant Hashtable Seeds vulnerability
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11499.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11499.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-11499
reference_id
reference_type
scores
0
value 0.00378
scoring_system epss
scoring_elements 0.59252
published_at 2026-04-01T12:55:00Z
1
value 0.00378
scoring_system epss
scoring_elements 0.59362
published_at 2026-04-13T12:55:00Z
2
value 0.00378
scoring_system epss
scoring_elements 0.59396
published_at 2026-04-11T12:55:00Z
3
value 0.00378
scoring_system epss
scoring_elements 0.5938
published_at 2026-04-12T12:55:00Z
4
value 0.00378
scoring_system epss
scoring_elements 0.59326
published_at 2026-04-02T12:55:00Z
5
value 0.00378
scoring_system epss
scoring_elements 0.59349
published_at 2026-04-04T12:55:00Z
6
value 0.00378
scoring_system epss
scoring_elements 0.59314
published_at 2026-04-07T12:55:00Z
7
value 0.00378
scoring_system epss
scoring_elements 0.59364
published_at 2026-04-08T12:55:00Z
8
value 0.00378
scoring_system epss
scoring_elements 0.59377
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-11499
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11499
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11499
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
1
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1475327
reference_id 1475327
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1475327
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868162
reference_id 868162
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868162
6
reference_url https://access.redhat.com/errata/RHSA-2017:2908
reference_id RHSA-2017:2908
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2908
7
reference_url https://access.redhat.com/errata/RHSA-2017:3002
reference_id RHSA-2017:3002
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3002
fixed_packages
0
url pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
purl pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2z1f-7jkw-17av
1
vulnerability VCID-53xm-8w84-93cx
2
vulnerability VCID-5cf7-va9h-h3gy
3
vulnerability VCID-7tpb-9zrz-e7e1
4
vulnerability VCID-8c4g-fjsa-nkhw
5
vulnerability VCID-9g7s-y7nq-xfbb
6
vulnerability VCID-9yq7-aba3-c7c3
7
vulnerability VCID-b54b-pd2b-bygm
8
vulnerability VCID-bx67-aud6-b3fa
9
vulnerability VCID-c8xz-v6h3-6ueb
10
vulnerability VCID-dfdy-vhdd-5kh4
11
vulnerability VCID-e18p-c3m9-2qgy
12
vulnerability VCID-e6gj-fe31-kkh5
13
vulnerability VCID-e7u5-356v-jbg7
14
vulnerability VCID-gwyr-ac4e-dqfa
15
vulnerability VCID-hnjv-fp2r-vqfq
16
vulnerability VCID-m5ae-uc68-d3g2
17
vulnerability VCID-m7rw-arzq-jba1
18
vulnerability VCID-ms5y-gp7v-2qay
19
vulnerability VCID-n91z-kugd-ebb5
20
vulnerability VCID-nenk-4cgd-fugv
21
vulnerability VCID-pqnn-ers1-3fec
22
vulnerability VCID-q8th-849w-bfhp
23
vulnerability VCID-tnhd-rr89-9udh
24
vulnerability VCID-vkvx-gxbu-3uau
25
vulnerability VCID-wf5t-3pwz-c7d7
26
vulnerability VCID-wzcw-dd7m-zkaz
27
vulnerability VCID-xnzh-wpd4-63f9
28
vulnerability VCID-zj4d-e8r7-ufg3
29
vulnerability VCID-zstw-3wmu-u3c8
30
vulnerability VCID-ztt4-vnk7-7ycq
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
aliases CVE-2017-11499
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hu7c-gc8f-q3cm
12
url VCID-ke6j-fgys-gyga
vulnerability_id VCID-ke6j-fgys-gyga
summary 
Multiple vulnerabilities have been found in Node.js, worst of which
    could allow remote attackers to write arbitrary files.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15605.json
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15605.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-15605
reference_id
reference_type
scores
0
value 0.32252
scoring_system epss
scoring_elements 0.96807
published_at 2026-04-01T12:55:00Z
1
value 0.32252
scoring_system epss
scoring_elements 0.96815
published_at 2026-04-02T12:55:00Z
2
value 0.32252
scoring_system epss
scoring_elements 0.96816
published_at 2026-04-04T12:55:00Z
3
value 0.32252
scoring_system epss
scoring_elements 0.9682
published_at 2026-04-07T12:55:00Z
4
value 0.32252
scoring_system epss
scoring_elements 0.96828
published_at 2026-04-08T12:55:00Z
5
value 0.32252
scoring_system epss
scoring_elements 0.9683
published_at 2026-04-09T12:55:00Z
6
value 0.32252
scoring_system epss
scoring_elements 0.96832
published_at 2026-04-12T12:55:00Z
7
value 0.32252
scoring_system epss
scoring_elements 0.96834
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-15605
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15604
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15604
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15605
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15605
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15606
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15606
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9511
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9511
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9513
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9513
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9514
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9514
8
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1800364
reference_id 1800364
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1800364
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977467
reference_id 977467
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977467
11
reference_url https://access.redhat.com/errata/RHSA-2020:0598
reference_id RHSA-2020:0598
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0598
12
reference_url https://access.redhat.com/errata/RHSA-2020:0703
reference_id RHSA-2020:0703
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0703
13
reference_url https://access.redhat.com/errata/RHSA-2020:0707
reference_id RHSA-2020:0707
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0707
14
reference_url https://access.redhat.com/errata/RHSA-2020:0708
reference_id RHSA-2020:0708
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0708
15
reference_url https://access.redhat.com/errata/RHSA-2020:1510
reference_id RHSA-2020:1510
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1510
16
reference_url https://usn.ubuntu.com/6380-1/
reference_id USN-6380-1
reference_type
scores
url https://usn.ubuntu.com/6380-1/
fixed_packages
0
url pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
purl pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2z1f-7jkw-17av
1
vulnerability VCID-53xm-8w84-93cx
2
vulnerability VCID-5cf7-va9h-h3gy
3
vulnerability VCID-7tpb-9zrz-e7e1
4
vulnerability VCID-8c4g-fjsa-nkhw
5
vulnerability VCID-9g7s-y7nq-xfbb
6
vulnerability VCID-9yq7-aba3-c7c3
7
vulnerability VCID-b54b-pd2b-bygm
8
vulnerability VCID-bx67-aud6-b3fa
9
vulnerability VCID-c8xz-v6h3-6ueb
10
vulnerability VCID-dfdy-vhdd-5kh4
11
vulnerability VCID-e18p-c3m9-2qgy
12
vulnerability VCID-e6gj-fe31-kkh5
13
vulnerability VCID-e7u5-356v-jbg7
14
vulnerability VCID-gwyr-ac4e-dqfa
15
vulnerability VCID-hnjv-fp2r-vqfq
16
vulnerability VCID-m5ae-uc68-d3g2
17
vulnerability VCID-m7rw-arzq-jba1
18
vulnerability VCID-ms5y-gp7v-2qay
19
vulnerability VCID-n91z-kugd-ebb5
20
vulnerability VCID-nenk-4cgd-fugv
21
vulnerability VCID-pqnn-ers1-3fec
22
vulnerability VCID-q8th-849w-bfhp
23
vulnerability VCID-tnhd-rr89-9udh
24
vulnerability VCID-vkvx-gxbu-3uau
25
vulnerability VCID-wf5t-3pwz-c7d7
26
vulnerability VCID-wzcw-dd7m-zkaz
27
vulnerability VCID-xnzh-wpd4-63f9
28
vulnerability VCID-zj4d-e8r7-ufg3
29
vulnerability VCID-zstw-3wmu-u3c8
30
vulnerability VCID-ztt4-vnk7-7ycq
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
aliases CVE-2019-15605
risk_score 3.2
exploitability 0.5
weighted_severity 6.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ke6j-fgys-gyga
13
url VCID-n66u-b73u-zucb
vulnerability_id VCID-n66u-b73u-zucb
summary 
golang.org/x/net/http vulnerable to a reset flood
Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. Servers that accept direct connections from untrusted clients could be remotely made to allocate an unlimited amount of memory, until the program crashes. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both.

### Specific Go Packages Affected
golang.org/x/net/http2
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00076.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00076.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00002.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00002.html
2
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00011.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00011.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00021.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00021.html
4
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00031.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00031.html
5
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00032.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00032.html
6
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00038.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00038.html
7
reference_url https://access.redhat.com/errata/RHSA-2019:2594
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:2594
8
reference_url https://access.redhat.com/errata/RHSA-2019:2661
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:2661
9
reference_url https://access.redhat.com/errata/RHSA-2019:2682
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:2682
10
reference_url https://access.redhat.com/errata/RHSA-2019:2690
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:2690
11
reference_url https://access.redhat.com/errata/RHSA-2019:2726
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:2726
12
reference_url https://access.redhat.com/errata/RHSA-2019:2766
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:2766
13
reference_url https://access.redhat.com/errata/RHSA-2019:2769
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:2769
14
reference_url https://access.redhat.com/errata/RHSA-2019:2796
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:2796
15
reference_url https://access.redhat.com/errata/RHSA-2019:2861
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:2861
16
reference_url https://access.redhat.com/errata/RHSA-2019:2925
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:2925
17
reference_url https://access.redhat.com/errata/RHSA-2019:2939
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:2939
18
reference_url https://access.redhat.com/errata/RHSA-2019:2955
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:2955
19
reference_url https://access.redhat.com/errata/RHSA-2019:2966
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:2966
20
reference_url https://access.redhat.com/errata/RHSA-2019:3131
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:3131
21
reference_url https://access.redhat.com/errata/RHSA-2019:3245
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:3245
22
reference_url https://access.redhat.com/errata/RHSA-2019:3265
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:3265
23
reference_url https://access.redhat.com/errata/RHSA-2019:3892
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:3892
24
reference_url https://access.redhat.com/errata/RHSA-2019:3906
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:3906
25
reference_url https://access.redhat.com/errata/RHSA-2019:4018
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:4018
26
reference_url https://access.redhat.com/errata/RHSA-2019:4019
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:4019
27
reference_url https://access.redhat.com/errata/RHSA-2019:4020
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:4020
28
reference_url https://access.redhat.com/errata/RHSA-2019:4021
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:4021
29
reference_url https://access.redhat.com/errata/RHSA-2019:4040
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:4040
30
reference_url https://access.redhat.com/errata/RHSA-2019:4041
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:4041
31
reference_url https://access.redhat.com/errata/RHSA-2019:4042
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:4042
32
reference_url https://access.redhat.com/errata/RHSA-2019:4045
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:4045
33
reference_url https://access.redhat.com/errata/RHSA-2019:4269
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:4269
34
reference_url https://access.redhat.com/errata/RHSA-2019:4273
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:4273
35
reference_url https://access.redhat.com/errata/RHSA-2019:4352
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:4352
36
reference_url https://access.redhat.com/errata/RHSA-2020:0406
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2020:0406
37
reference_url https://access.redhat.com/errata/RHSA-2020:0727
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2020:0727
38
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9514.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9514.json
39
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-9514
reference_id
reference_type
scores
0
value 0.09483
scoring_system epss
scoring_elements 0.92825
published_at 2026-04-12T12:55:00Z
1
value 0.09483
scoring_system epss
scoring_elements 0.92799
published_at 2026-04-01T12:55:00Z
2
value 0.09483
scoring_system epss
scoring_elements 0.92806
published_at 2026-04-02T12:55:00Z
3
value 0.09483
scoring_system epss
scoring_elements 0.9281
published_at 2026-04-04T12:55:00Z
4
value 0.09483
scoring_system epss
scoring_elements 0.92809
published_at 2026-04-07T12:55:00Z
5
value 0.09483
scoring_system epss
scoring_elements 0.92818
published_at 2026-04-08T12:55:00Z
6
value 0.09483
scoring_system epss
scoring_elements 0.92822
published_at 2026-04-09T12:55:00Z
7
value 0.09483
scoring_system epss
scoring_elements 0.92826
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-9514
40
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10079
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10079
41
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14809
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14809
42
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15604
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15604
43
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15605
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15605
44
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15606
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15606
45
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9511
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9511
46
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9512
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9512
47
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9513
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9513
48
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9514
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9514
49
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9515
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9515
50
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9518
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9518
51
reference_url http://seclists.org/fulldisclosure/2019/Aug/16
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://seclists.org/fulldisclosure/2019/Aug/16
52
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
53
reference_url https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md
54
reference_url https://go.dev/cl/190137
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://go.dev/cl/190137
55
reference_url https://go.dev/issue/33606
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://go.dev/issue/33606
56
reference_url https://go.googlesource.com/go/+/145e193131eb486077b66009beb051aba07c52a5
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://go.googlesource.com/go/+/145e193131eb486077b66009beb051aba07c52a5
57
reference_url https://groups.google.com/g/golang-announce/c/65QixT3tcmg/m/DrFiG6vvCwAJ
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://groups.google.com/g/golang-announce/c/65QixT3tcmg/m/DrFiG6vvCwAJ
58
reference_url https://kb.cert.org/vuls/id/605641
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://kb.cert.org/vuls/id/605641
59
reference_url https://kc.mcafee.com/corporate/index?page=content&id=SB10296
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://kc.mcafee.com/corporate/index?page=content&id=SB10296
60
reference_url https://lists.apache.org/thread.html/392108390cef48af647a2e47b7fd5380e050e35ae8d1aa2030254c04@%3Cusers.trafficserver.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/392108390cef48af647a2e47b7fd5380e050e35ae8d1aa2030254c04@%3Cusers.trafficserver.apache.org%3E
61
reference_url https://lists.apache.org/thread.html/ad3d01e767199c1aed8033bb6b3f5bf98c011c7c536f07a5d34b3c19@%3Cannounce.trafficserver.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/ad3d01e767199c1aed8033bb6b3f5bf98c011c7c536f07a5d34b3c19@%3Cannounce.trafficserver.apache.org%3E
62
reference_url https://lists.apache.org/thread.html/bde52309316ae798186d783a5e29f4ad1527f61c9219a289d0eee0a7@%3Cdev.trafficserver.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/bde52309316ae798186d783a5e29f4ad1527f61c9219a289d0eee0a7@%3Cdev.trafficserver.apache.org%3E
63
reference_url https://lists.debian.org/debian-lts-announce/2020/12/msg00011.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2020/12/msg00011.html
64
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BBP27PZGSY6OP6D26E5FW4GZKBFHNU7
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BBP27PZGSY6OP6D26E5FW4GZKBFHNU7
65
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4ZQGHE3WTYLYAYJEIDJVF2FIGQTAYPMC
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4ZQGHE3WTYLYAYJEIDJVF2FIGQTAYPMC
66
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CMNFX5MNYRWWIMO4BTKYQCGUDMHO3AXP
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CMNFX5MNYRWWIMO4BTKYQCGUDMHO3AXP
67
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LYO6E3H34C346D2E443GLXK7OK6KIYIQ
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LYO6E3H34C346D2E443GLXK7OK6KIYIQ
68
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-9514
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-9514
69
reference_url https://pkg.go.dev/vuln/GO-2022-0536
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://pkg.go.dev/vuln/GO-2022-0536
70
reference_url https://seclists.org/bugtraq/2019/Aug/24
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://seclists.org/bugtraq/2019/Aug/24
71
reference_url https://seclists.org/bugtraq/2019/Aug/31
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://seclists.org/bugtraq/2019/Aug/31
72
reference_url https://seclists.org/bugtraq/2019/Aug/43
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://seclists.org/bugtraq/2019/Aug/43
73
reference_url https://seclists.org/bugtraq/2019/Sep/18
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://seclists.org/bugtraq/2019/Sep/18
74
reference_url https://security.netapp.com/advisory/ntap-20190823-0001
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20190823-0001
75
reference_url https://security.netapp.com/advisory/ntap-20190823-0004
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20190823-0004
76
reference_url https://security.netapp.com/advisory/ntap-20190823-0005
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20190823-0005
77
reference_url https://support.f5.com/csp/article/K01988340
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://support.f5.com/csp/article/K01988340
78
reference_url https://support.f5.com/csp/article/K01988340?utm_source=f5support&amp;utm_medium=RSS
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://support.f5.com/csp/article/K01988340?utm_source=f5support&amp;utm_medium=RSS
79
reference_url https://usn.ubuntu.com/4308-1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4308-1
80
reference_url https://www.debian.org/security/2019/dsa-4503
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2019/dsa-4503
81
reference_url https://www.debian.org/security/2019/dsa-4508
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2019/dsa-4508
82
reference_url https://www.debian.org/security/2019/dsa-4520
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2019/dsa-4520
83
reference_url https://www.debian.org/security/2020/dsa-4669
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2020/dsa-4669
84
reference_url https://www.synology.com/security/advisory/Synology_SA_19_33
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.synology.com/security/advisory/Synology_SA_19_33
85
reference_url http://www.openwall.com/lists/oss-security/2019/08/20/1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2019/08/20/1
86
reference_url http://www.openwall.com/lists/oss-security/2023/10/18/8
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2023/10/18/8
87
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1062667
reference_id 1062667
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1062667
88
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1735744
reference_id 1735744
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1735744
89
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934885
reference_id 934885
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934885
90
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934886
reference_id 934886
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934886
91
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934887
reference_id 934887
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934887
92
reference_url https://security.archlinux.org/ASA-201908-15
reference_id ASA-201908-15
reference_type
scores
url https://security.archlinux.org/ASA-201908-15
93
reference_url https://security.archlinux.org/AVG-1021
reference_id AVG-1021
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1021
94
reference_url https://access.redhat.com/errata/RHSA-2019:2817
reference_id RHSA-2019:2817
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2817
95
reference_url https://access.redhat.com/errata/RHSA-2020:0922
reference_id RHSA-2020:0922
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0922
96
reference_url https://access.redhat.com/errata/RHSA-2020:0983
reference_id RHSA-2020:0983
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0983
97
reference_url https://access.redhat.com/errata/RHSA-2020:1445
reference_id RHSA-2020:1445
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1445
98
reference_url https://access.redhat.com/errata/RHSA-2020:2067
reference_id RHSA-2020:2067
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2067
99
reference_url https://access.redhat.com/errata/RHSA-2020:2565
reference_id RHSA-2020:2565
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2565
100
reference_url https://access.redhat.com/errata/RHSA-2020:3196
reference_id RHSA-2020:3196
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3196
101
reference_url https://access.redhat.com/errata/RHSA-2020:3197
reference_id RHSA-2020:3197
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3197
102
reference_url https://access.redhat.com/errata/RHSA-2024:5856
reference_id RHSA-2024:5856
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5856
103
reference_url https://usn.ubuntu.com/USN-4866-1/
reference_id USN-USN-4866-1
reference_type
scores
url https://usn.ubuntu.com/USN-4866-1/
fixed_packages
0
url pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
purl pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2z1f-7jkw-17av
1
vulnerability VCID-53xm-8w84-93cx
2
vulnerability VCID-5cf7-va9h-h3gy
3
vulnerability VCID-7tpb-9zrz-e7e1
4
vulnerability VCID-8c4g-fjsa-nkhw
5
vulnerability VCID-9g7s-y7nq-xfbb
6
vulnerability VCID-9yq7-aba3-c7c3
7
vulnerability VCID-b54b-pd2b-bygm
8
vulnerability VCID-bx67-aud6-b3fa
9
vulnerability VCID-c8xz-v6h3-6ueb
10
vulnerability VCID-dfdy-vhdd-5kh4
11
vulnerability VCID-e18p-c3m9-2qgy
12
vulnerability VCID-e6gj-fe31-kkh5
13
vulnerability VCID-e7u5-356v-jbg7
14
vulnerability VCID-gwyr-ac4e-dqfa
15
vulnerability VCID-hnjv-fp2r-vqfq
16
vulnerability VCID-m5ae-uc68-d3g2
17
vulnerability VCID-m7rw-arzq-jba1
18
vulnerability VCID-ms5y-gp7v-2qay
19
vulnerability VCID-n91z-kugd-ebb5
20
vulnerability VCID-nenk-4cgd-fugv
21
vulnerability VCID-pqnn-ers1-3fec
22
vulnerability VCID-q8th-849w-bfhp
23
vulnerability VCID-tnhd-rr89-9udh
24
vulnerability VCID-vkvx-gxbu-3uau
25
vulnerability VCID-wf5t-3pwz-c7d7
26
vulnerability VCID-wzcw-dd7m-zkaz
27
vulnerability VCID-xnzh-wpd4-63f9
28
vulnerability VCID-zj4d-e8r7-ufg3
29
vulnerability VCID-zstw-3wmu-u3c8
30
vulnerability VCID-ztt4-vnk7-7ycq
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
aliases CVE-2019-9514, GHSA-39qc-96h7-956f
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n66u-b73u-zucb
14
url VCID-nkas-113k-wkbu
vulnerability_id VCID-nkas-113k-wkbu
summary nodejs: HTTP parser allowed for spaces inside Content-Length header values
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7159.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7159.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-7159
reference_id
reference_type
scores
0
value 0.0059
scoring_system epss
scoring_elements 0.69108
published_at 2026-04-01T12:55:00Z
1
value 0.0059
scoring_system epss
scoring_elements 0.69174
published_at 2026-04-13T12:55:00Z
2
value 0.0059
scoring_system epss
scoring_elements 0.69195
published_at 2026-04-09T12:55:00Z
3
value 0.0059
scoring_system epss
scoring_elements 0.69217
published_at 2026-04-11T12:55:00Z
4
value 0.0059
scoring_system epss
scoring_elements 0.69202
published_at 2026-04-12T12:55:00Z
5
value 0.0059
scoring_system epss
scoring_elements 0.69124
published_at 2026-04-02T12:55:00Z
6
value 0.0059
scoring_system epss
scoring_elements 0.69145
published_at 2026-04-04T12:55:00Z
7
value 0.0059
scoring_system epss
scoring_elements 0.69126
published_at 2026-04-07T12:55:00Z
8
value 0.0059
scoring_system epss
scoring_elements 0.69176
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-7159
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7159
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7159
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://nodejs.org/en/blog/vulnerability/march-2018-security-releases/
reference_id
reference_type
scores
url https://nodejs.org/en/blog/vulnerability/march-2018-security-releases/
5
reference_url https://support.f5.com/csp/article/K27228191?utm_source=f5support&amp%3Butm_medium=RSS
reference_id
reference_type
scores
url https://support.f5.com/csp/article/K27228191?utm_source=f5support&amp%3Butm_medium=RSS
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1561981
reference_id 1561981
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1561981
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*
reference_id cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*
reference_id cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-7159
reference_id CVE-2018-7159
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:P/A:N
1
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2018-7159
10
reference_url https://access.redhat.com/errata/RHSA-2018:2949
reference_id RHSA-2018:2949
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:2949
11
reference_url https://access.redhat.com/errata/RHSA-2019:2258
reference_id RHSA-2019:2258
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2258
fixed_packages
0
url pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
purl pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2z1f-7jkw-17av
1
vulnerability VCID-53xm-8w84-93cx
2
vulnerability VCID-5cf7-va9h-h3gy
3
vulnerability VCID-7tpb-9zrz-e7e1
4
vulnerability VCID-8c4g-fjsa-nkhw
5
vulnerability VCID-9g7s-y7nq-xfbb
6
vulnerability VCID-9yq7-aba3-c7c3
7
vulnerability VCID-b54b-pd2b-bygm
8
vulnerability VCID-bx67-aud6-b3fa
9
vulnerability VCID-c8xz-v6h3-6ueb
10
vulnerability VCID-dfdy-vhdd-5kh4
11
vulnerability VCID-e18p-c3m9-2qgy
12
vulnerability VCID-e6gj-fe31-kkh5
13
vulnerability VCID-e7u5-356v-jbg7
14
vulnerability VCID-gwyr-ac4e-dqfa
15
vulnerability VCID-hnjv-fp2r-vqfq
16
vulnerability VCID-m5ae-uc68-d3g2
17
vulnerability VCID-m7rw-arzq-jba1
18
vulnerability VCID-ms5y-gp7v-2qay
19
vulnerability VCID-n91z-kugd-ebb5
20
vulnerability VCID-nenk-4cgd-fugv
21
vulnerability VCID-pqnn-ers1-3fec
22
vulnerability VCID-q8th-849w-bfhp
23
vulnerability VCID-tnhd-rr89-9udh
24
vulnerability VCID-vkvx-gxbu-3uau
25
vulnerability VCID-wf5t-3pwz-c7d7
26
vulnerability VCID-wzcw-dd7m-zkaz
27
vulnerability VCID-xnzh-wpd4-63f9
28
vulnerability VCID-zj4d-e8r7-ufg3
29
vulnerability VCID-zstw-3wmu-u3c8
30
vulnerability VCID-ztt4-vnk7-7ycq
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
aliases CVE-2018-7159
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nkas-113k-wkbu
15
url VCID-pqnn-ers1-3fec
vulnerability_id VCID-pqnn-ers1-3fec
summary Multiple vulnerabilities have been discovered in Node.js.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22884.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22884.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-22884
reference_id
reference_type
scores
0
value 0.0027
scoring_system epss
scoring_elements 0.5038
published_at 2026-04-01T12:55:00Z
1
value 0.0027
scoring_system epss
scoring_elements 0.50469
published_at 2026-04-13T12:55:00Z
2
value 0.0027
scoring_system epss
scoring_elements 0.50507
published_at 2026-04-11T12:55:00Z
3
value 0.0027
scoring_system epss
scoring_elements 0.50484
published_at 2026-04-12T12:55:00Z
4
value 0.0027
scoring_system epss
scoring_elements 0.50436
published_at 2026-04-02T12:55:00Z
5
value 0.0027
scoring_system epss
scoring_elements 0.50465
published_at 2026-04-09T12:55:00Z
6
value 0.0027
scoring_system epss
scoring_elements 0.50419
published_at 2026-04-07T12:55:00Z
7
value 0.0027
scoring_system epss
scoring_elements 0.50472
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-22884
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22883
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22883
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22884
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22884
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1932024
reference_id 1932024
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1932024
6
reference_url https://security.archlinux.org/AVG-1604
reference_id AVG-1604
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1604
7
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
8
reference_url https://access.redhat.com/errata/RHSA-2021:0734
reference_id RHSA-2021:0734
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0734
9
reference_url https://access.redhat.com/errata/RHSA-2021:0735
reference_id RHSA-2021:0735
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0735
10
reference_url https://access.redhat.com/errata/RHSA-2021:0738
reference_id RHSA-2021:0738
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0738
11
reference_url https://access.redhat.com/errata/RHSA-2021:0739
reference_id RHSA-2021:0739
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0739
12
reference_url https://access.redhat.com/errata/RHSA-2021:0740
reference_id RHSA-2021:0740
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0740
13
reference_url https://access.redhat.com/errata/RHSA-2021:0741
reference_id RHSA-2021:0741
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0741
14
reference_url https://access.redhat.com/errata/RHSA-2021:0744
reference_id RHSA-2021:0744
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0744
15
reference_url https://access.redhat.com/errata/RHSA-2021:0827
reference_id RHSA-2021:0827
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0827
16
reference_url https://access.redhat.com/errata/RHSA-2021:0830
reference_id RHSA-2021:0830
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0830
17
reference_url https://access.redhat.com/errata/RHSA-2021:0831
reference_id RHSA-2021:0831
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0831
18
reference_url https://usn.ubuntu.com/6418-1/
reference_id USN-6418-1
reference_type
scores
url https://usn.ubuntu.com/6418-1/
fixed_packages
0
url pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
purl pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2z1f-7jkw-17av
1
vulnerability VCID-53xm-8w84-93cx
2
vulnerability VCID-5cf7-va9h-h3gy
3
vulnerability VCID-7tpb-9zrz-e7e1
4
vulnerability VCID-8c4g-fjsa-nkhw
5
vulnerability VCID-9g7s-y7nq-xfbb
6
vulnerability VCID-9yq7-aba3-c7c3
7
vulnerability VCID-b54b-pd2b-bygm
8
vulnerability VCID-bx67-aud6-b3fa
9
vulnerability VCID-c8xz-v6h3-6ueb
10
vulnerability VCID-dfdy-vhdd-5kh4
11
vulnerability VCID-e18p-c3m9-2qgy
12
vulnerability VCID-e6gj-fe31-kkh5
13
vulnerability VCID-e7u5-356v-jbg7
14
vulnerability VCID-gwyr-ac4e-dqfa
15
vulnerability VCID-hnjv-fp2r-vqfq
16
vulnerability VCID-m5ae-uc68-d3g2
17
vulnerability VCID-m7rw-arzq-jba1
18
vulnerability VCID-ms5y-gp7v-2qay
19
vulnerability VCID-n91z-kugd-ebb5
20
vulnerability VCID-nenk-4cgd-fugv
21
vulnerability VCID-pqnn-ers1-3fec
22
vulnerability VCID-q8th-849w-bfhp
23
vulnerability VCID-tnhd-rr89-9udh
24
vulnerability VCID-vkvx-gxbu-3uau
25
vulnerability VCID-wf5t-3pwz-c7d7
26
vulnerability VCID-wzcw-dd7m-zkaz
27
vulnerability VCID-xnzh-wpd4-63f9
28
vulnerability VCID-zj4d-e8r7-ufg3
29
vulnerability VCID-zstw-3wmu-u3c8
30
vulnerability VCID-ztt4-vnk7-7ycq
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
1
url pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4
purl pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1vp3-fzdr-yqbm
1
vulnerability VCID-2t7c-dju9-pff6
2
vulnerability VCID-2z1f-7jkw-17av
3
vulnerability VCID-38k9-23j3-eqh7
4
vulnerability VCID-43sf-4r41-wugc
5
vulnerability VCID-96yh-1wub-zucg
6
vulnerability VCID-98fy-tedc-ube7
7
vulnerability VCID-9yq7-aba3-c7c3
8
vulnerability VCID-bjza-25hu-vkad
9
vulnerability VCID-bx67-aud6-b3fa
10
vulnerability VCID-c8xz-v6h3-6ueb
11
vulnerability VCID-dgkh-jdah-wfh9
12
vulnerability VCID-dt7u-3usg-9uet
13
vulnerability VCID-e6gj-fe31-kkh5
14
vulnerability VCID-e7u5-356v-jbg7
15
vulnerability VCID-kj75-vmwa-gqgq
16
vulnerability VCID-nenk-4cgd-fugv
17
vulnerability VCID-sag8-repb-g3f4
18
vulnerability VCID-twc8-ewm7-wkb1
19
vulnerability VCID-u8bq-8jp4-jkem
20
vulnerability VCID-v7uy-445x-tuan
21
vulnerability VCID-vkvx-gxbu-3uau
22
vulnerability VCID-wf5t-3pwz-c7d7
23
vulnerability VCID-x1an-pjq4-nbby
24
vulnerability VCID-zstw-3wmu-u3c8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4
aliases CVE-2021-22884
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pqnn-ers1-3fec
16
url VCID-q8th-849w-bfhp
vulnerability_id VCID-q8th-849w-bfhp
summary Multiple vulnerabilities have been discovered in Node.js.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22883.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22883.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-22883
reference_id
reference_type
scores
0
value 0.89427
scoring_system epss
scoring_elements 0.99544
published_at 2026-04-02T12:55:00Z
1
value 0.89427
scoring_system epss
scoring_elements 0.99548
published_at 2026-04-13T12:55:00Z
2
value 0.89427
scoring_system epss
scoring_elements 0.99546
published_at 2026-04-11T12:55:00Z
3
value 0.89427
scoring_system epss
scoring_elements 0.99547
published_at 2026-04-12T12:55:00Z
4
value 0.89427
scoring_system epss
scoring_elements 0.99545
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-22883
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22883
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22883
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22884
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22884
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1932014
reference_id 1932014
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1932014
6
reference_url https://security.archlinux.org/AVG-1604
reference_id AVG-1604
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1604
7
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
8
reference_url https://access.redhat.com/errata/RHSA-2021:0734
reference_id RHSA-2021:0734
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0734
9
reference_url https://access.redhat.com/errata/RHSA-2021:0735
reference_id RHSA-2021:0735
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0735
10
reference_url https://access.redhat.com/errata/RHSA-2021:0738
reference_id RHSA-2021:0738
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0738
11
reference_url https://access.redhat.com/errata/RHSA-2021:0739
reference_id RHSA-2021:0739
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0739
12
reference_url https://access.redhat.com/errata/RHSA-2021:0740
reference_id RHSA-2021:0740
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0740
13
reference_url https://access.redhat.com/errata/RHSA-2021:0741
reference_id RHSA-2021:0741
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0741
14
reference_url https://access.redhat.com/errata/RHSA-2021:0744
reference_id RHSA-2021:0744
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0744
15
reference_url https://access.redhat.com/errata/RHSA-2021:0827
reference_id RHSA-2021:0827
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0827
16
reference_url https://access.redhat.com/errata/RHSA-2021:0830
reference_id RHSA-2021:0830
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0830
17
reference_url https://access.redhat.com/errata/RHSA-2021:0831
reference_id RHSA-2021:0831
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0831
18
reference_url https://usn.ubuntu.com/6418-1/
reference_id USN-6418-1
reference_type
scores
url https://usn.ubuntu.com/6418-1/
fixed_packages
0
url pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
purl pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2z1f-7jkw-17av
1
vulnerability VCID-53xm-8w84-93cx
2
vulnerability VCID-5cf7-va9h-h3gy
3
vulnerability VCID-7tpb-9zrz-e7e1
4
vulnerability VCID-8c4g-fjsa-nkhw
5
vulnerability VCID-9g7s-y7nq-xfbb
6
vulnerability VCID-9yq7-aba3-c7c3
7
vulnerability VCID-b54b-pd2b-bygm
8
vulnerability VCID-bx67-aud6-b3fa
9
vulnerability VCID-c8xz-v6h3-6ueb
10
vulnerability VCID-dfdy-vhdd-5kh4
11
vulnerability VCID-e18p-c3m9-2qgy
12
vulnerability VCID-e6gj-fe31-kkh5
13
vulnerability VCID-e7u5-356v-jbg7
14
vulnerability VCID-gwyr-ac4e-dqfa
15
vulnerability VCID-hnjv-fp2r-vqfq
16
vulnerability VCID-m5ae-uc68-d3g2
17
vulnerability VCID-m7rw-arzq-jba1
18
vulnerability VCID-ms5y-gp7v-2qay
19
vulnerability VCID-n91z-kugd-ebb5
20
vulnerability VCID-nenk-4cgd-fugv
21
vulnerability VCID-pqnn-ers1-3fec
22
vulnerability VCID-q8th-849w-bfhp
23
vulnerability VCID-tnhd-rr89-9udh
24
vulnerability VCID-vkvx-gxbu-3uau
25
vulnerability VCID-wf5t-3pwz-c7d7
26
vulnerability VCID-wzcw-dd7m-zkaz
27
vulnerability VCID-xnzh-wpd4-63f9
28
vulnerability VCID-zj4d-e8r7-ufg3
29
vulnerability VCID-zstw-3wmu-u3c8
30
vulnerability VCID-ztt4-vnk7-7ycq
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
1
url pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4
purl pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1vp3-fzdr-yqbm
1
vulnerability VCID-2t7c-dju9-pff6
2
vulnerability VCID-2z1f-7jkw-17av
3
vulnerability VCID-38k9-23j3-eqh7
4
vulnerability VCID-43sf-4r41-wugc
5
vulnerability VCID-96yh-1wub-zucg
6
vulnerability VCID-98fy-tedc-ube7
7
vulnerability VCID-9yq7-aba3-c7c3
8
vulnerability VCID-bjza-25hu-vkad
9
vulnerability VCID-bx67-aud6-b3fa
10
vulnerability VCID-c8xz-v6h3-6ueb
11
vulnerability VCID-dgkh-jdah-wfh9
12
vulnerability VCID-dt7u-3usg-9uet
13
vulnerability VCID-e6gj-fe31-kkh5
14
vulnerability VCID-e7u5-356v-jbg7
15
vulnerability VCID-kj75-vmwa-gqgq
16
vulnerability VCID-nenk-4cgd-fugv
17
vulnerability VCID-sag8-repb-g3f4
18
vulnerability VCID-twc8-ewm7-wkb1
19
vulnerability VCID-u8bq-8jp4-jkem
20
vulnerability VCID-v7uy-445x-tuan
21
vulnerability VCID-vkvx-gxbu-3uau
22
vulnerability VCID-wf5t-3pwz-c7d7
23
vulnerability VCID-x1an-pjq4-nbby
24
vulnerability VCID-zstw-3wmu-u3c8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4
aliases CVE-2021-22883
risk_score 10.0
exploitability 2.0
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q8th-849w-bfhp
17
url VCID-r8jj-tkxd-5qg8
vulnerability_id VCID-r8jj-tkxd-5qg8
summary 
Multiple vulnerabilities have been found in Node.js, worst of which
    could allow remote attackers to write arbitrary files.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7162.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7162.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-7162
reference_id
reference_type
scores
0
value 0.01017
scoring_system epss
scoring_elements 0.77114
published_at 2026-04-01T12:55:00Z
1
value 0.01017
scoring_system epss
scoring_elements 0.77175
published_at 2026-04-13T12:55:00Z
2
value 0.01017
scoring_system epss
scoring_elements 0.772
published_at 2026-04-11T12:55:00Z
3
value 0.01017
scoring_system epss
scoring_elements 0.77179
published_at 2026-04-12T12:55:00Z
4
value 0.01017
scoring_system epss
scoring_elements 0.7712
published_at 2026-04-02T12:55:00Z
5
value 0.01017
scoring_system epss
scoring_elements 0.77149
published_at 2026-04-04T12:55:00Z
6
value 0.01017
scoring_system epss
scoring_elements 0.77131
published_at 2026-04-07T12:55:00Z
7
value 0.01017
scoring_system epss
scoring_elements 0.77164
published_at 2026-04-08T12:55:00Z
8
value 0.01017
scoring_system epss
scoring_elements 0.77173
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-7162
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7162
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7162
3
reference_url https://nodejs.org/en/blog/vulnerability/june-2018-security-releases/
reference_id
reference_type
scores
url https://nodejs.org/en/blog/vulnerability/june-2018-security-releases/
4
reference_url https://security.gentoo.org/glsa/202003-48
reference_id
reference_type
scores
url https://security.gentoo.org/glsa/202003-48
5
reference_url http://www.securityfocus.com/bid/104468
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/104468
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1591018
reference_id 1591018
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1591018
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*
reference_id cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-7162
reference_id CVE-2018-7162
reference_type
scores
0
value 7.8
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:C
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2018-7162
fixed_packages
0
url pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
purl pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2z1f-7jkw-17av
1
vulnerability VCID-53xm-8w84-93cx
2
vulnerability VCID-5cf7-va9h-h3gy
3
vulnerability VCID-7tpb-9zrz-e7e1
4
vulnerability VCID-8c4g-fjsa-nkhw
5
vulnerability VCID-9g7s-y7nq-xfbb
6
vulnerability VCID-9yq7-aba3-c7c3
7
vulnerability VCID-b54b-pd2b-bygm
8
vulnerability VCID-bx67-aud6-b3fa
9
vulnerability VCID-c8xz-v6h3-6ueb
10
vulnerability VCID-dfdy-vhdd-5kh4
11
vulnerability VCID-e18p-c3m9-2qgy
12
vulnerability VCID-e6gj-fe31-kkh5
13
vulnerability VCID-e7u5-356v-jbg7
14
vulnerability VCID-gwyr-ac4e-dqfa
15
vulnerability VCID-hnjv-fp2r-vqfq
16
vulnerability VCID-m5ae-uc68-d3g2
17
vulnerability VCID-m7rw-arzq-jba1
18
vulnerability VCID-ms5y-gp7v-2qay
19
vulnerability VCID-n91z-kugd-ebb5
20
vulnerability VCID-nenk-4cgd-fugv
21
vulnerability VCID-pqnn-ers1-3fec
22
vulnerability VCID-q8th-849w-bfhp
23
vulnerability VCID-tnhd-rr89-9udh
24
vulnerability VCID-vkvx-gxbu-3uau
25
vulnerability VCID-wf5t-3pwz-c7d7
26
vulnerability VCID-wzcw-dd7m-zkaz
27
vulnerability VCID-xnzh-wpd4-63f9
28
vulnerability VCID-zj4d-e8r7-ufg3
29
vulnerability VCID-zstw-3wmu-u3c8
30
vulnerability VCID-ztt4-vnk7-7ycq
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
aliases CVE-2018-7162
risk_score 3.5
exploitability 0.5
weighted_severity 7.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r8jj-tkxd-5qg8
18
url VCID-rhxy-h93e-y3d4
vulnerability_id VCID-rhxy-h93e-y3d4
summary 
Multiple vulnerabilities have been found in Node.js, worst of which
    could allow remote attackers to write arbitrary files.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7167.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7167.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-7167
reference_id
reference_type
scores
0
value 0.00756
scoring_system epss
scoring_elements 0.73255
published_at 2026-04-13T12:55:00Z
1
value 0.00756
scoring_system epss
scoring_elements 0.73283
published_at 2026-04-11T12:55:00Z
2
value 0.00756
scoring_system epss
scoring_elements 0.73262
published_at 2026-04-12T12:55:00Z
3
value 0.00815
scoring_system epss
scoring_elements 0.74239
published_at 2026-04-01T12:55:00Z
4
value 0.00815
scoring_system epss
scoring_elements 0.74244
published_at 2026-04-07T12:55:00Z
5
value 0.00815
scoring_system epss
scoring_elements 0.74271
published_at 2026-04-04T12:55:00Z
6
value 0.00815
scoring_system epss
scoring_elements 0.74277
published_at 2026-04-08T12:55:00Z
7
value 0.00815
scoring_system epss
scoring_elements 0.74292
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-7167
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7167
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7167
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://nodejs.org/en/blog/vulnerability/june-2018-security-releases/
reference_id
reference_type
scores
url https://nodejs.org/en/blog/vulnerability/june-2018-security-releases/
5
reference_url https://security.gentoo.org/glsa/202003-48
reference_id
reference_type
scores
url https://security.gentoo.org/glsa/202003-48
6
reference_url http://www.securityfocus.com/bid/106363
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/106363
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1591006
reference_id 1591006
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1591006
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*
reference_id cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*
reference_id cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-7167
reference_id CVE-2018-7167
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2018-7167
11
reference_url https://access.redhat.com/errata/RHSA-2018:2949
reference_id RHSA-2018:2949
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:2949
12
reference_url https://usn.ubuntu.com/USN-4796-1/
reference_id USN-USN-4796-1
reference_type
scores
url https://usn.ubuntu.com/USN-4796-1/
fixed_packages
0
url pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
purl pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2z1f-7jkw-17av
1
vulnerability VCID-53xm-8w84-93cx
2
vulnerability VCID-5cf7-va9h-h3gy
3
vulnerability VCID-7tpb-9zrz-e7e1
4
vulnerability VCID-8c4g-fjsa-nkhw
5
vulnerability VCID-9g7s-y7nq-xfbb
6
vulnerability VCID-9yq7-aba3-c7c3
7
vulnerability VCID-b54b-pd2b-bygm
8
vulnerability VCID-bx67-aud6-b3fa
9
vulnerability VCID-c8xz-v6h3-6ueb
10
vulnerability VCID-dfdy-vhdd-5kh4
11
vulnerability VCID-e18p-c3m9-2qgy
12
vulnerability VCID-e6gj-fe31-kkh5
13
vulnerability VCID-e7u5-356v-jbg7
14
vulnerability VCID-gwyr-ac4e-dqfa
15
vulnerability VCID-hnjv-fp2r-vqfq
16
vulnerability VCID-m5ae-uc68-d3g2
17
vulnerability VCID-m7rw-arzq-jba1
18
vulnerability VCID-ms5y-gp7v-2qay
19
vulnerability VCID-n91z-kugd-ebb5
20
vulnerability VCID-nenk-4cgd-fugv
21
vulnerability VCID-pqnn-ers1-3fec
22
vulnerability VCID-q8th-849w-bfhp
23
vulnerability VCID-tnhd-rr89-9udh
24
vulnerability VCID-vkvx-gxbu-3uau
25
vulnerability VCID-wf5t-3pwz-c7d7
26
vulnerability VCID-wzcw-dd7m-zkaz
27
vulnerability VCID-xnzh-wpd4-63f9
28
vulnerability VCID-zj4d-e8r7-ufg3
29
vulnerability VCID-zstw-3wmu-u3c8
30
vulnerability VCID-ztt4-vnk7-7ycq
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
aliases CVE-2018-7167
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rhxy-h93e-y3d4
19
url VCID-tqg7-dw5d-z3et
vulnerability_id VCID-tqg7-dw5d-z3et
summary 
Multiple vulnerabilities have been found in Node.js, worst of which
    could allow remote attackers to write arbitrary files.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12115.json
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12115.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-12115
reference_id
reference_type
scores
0
value 0.00797
scoring_system epss
scoring_elements 0.73956
published_at 2026-04-01T12:55:00Z
1
value 0.00797
scoring_system epss
scoring_elements 0.73963
published_at 2026-04-02T12:55:00Z
2
value 0.00797
scoring_system epss
scoring_elements 0.73988
published_at 2026-04-04T12:55:00Z
3
value 0.00797
scoring_system epss
scoring_elements 0.73959
published_at 2026-04-07T12:55:00Z
4
value 0.00797
scoring_system epss
scoring_elements 0.73993
published_at 2026-04-08T12:55:00Z
5
value 0.00797
scoring_system epss
scoring_elements 0.74007
published_at 2026-04-09T12:55:00Z
6
value 0.00797
scoring_system epss
scoring_elements 0.74029
published_at 2026-04-11T12:55:00Z
7
value 0.00797
scoring_system epss
scoring_elements 0.74011
published_at 2026-04-12T12:55:00Z
8
value 0.00797
scoring_system epss
scoring_elements 0.74004
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-12115
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12115
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12115
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1620219
reference_id 1620219
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1620219
5
reference_url https://access.redhat.com/errata/RHSA-2018:2552
reference_id RHSA-2018:2552
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:2552
6
reference_url https://access.redhat.com/errata/RHSA-2018:2553
reference_id RHSA-2018:2553
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:2553
7
reference_url https://access.redhat.com/errata/RHSA-2018:2944
reference_id RHSA-2018:2944
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:2944
8
reference_url https://access.redhat.com/errata/RHSA-2018:2949
reference_id RHSA-2018:2949
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:2949
9
reference_url https://usn.ubuntu.com/USN-4796-1/
reference_id USN-USN-4796-1
reference_type
scores
url https://usn.ubuntu.com/USN-4796-1/
fixed_packages
0
url pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
purl pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2z1f-7jkw-17av
1
vulnerability VCID-53xm-8w84-93cx
2
vulnerability VCID-5cf7-va9h-h3gy
3
vulnerability VCID-7tpb-9zrz-e7e1
4
vulnerability VCID-8c4g-fjsa-nkhw
5
vulnerability VCID-9g7s-y7nq-xfbb
6
vulnerability VCID-9yq7-aba3-c7c3
7
vulnerability VCID-b54b-pd2b-bygm
8
vulnerability VCID-bx67-aud6-b3fa
9
vulnerability VCID-c8xz-v6h3-6ueb
10
vulnerability VCID-dfdy-vhdd-5kh4
11
vulnerability VCID-e18p-c3m9-2qgy
12
vulnerability VCID-e6gj-fe31-kkh5
13
vulnerability VCID-e7u5-356v-jbg7
14
vulnerability VCID-gwyr-ac4e-dqfa
15
vulnerability VCID-hnjv-fp2r-vqfq
16
vulnerability VCID-m5ae-uc68-d3g2
17
vulnerability VCID-m7rw-arzq-jba1
18
vulnerability VCID-ms5y-gp7v-2qay
19
vulnerability VCID-n91z-kugd-ebb5
20
vulnerability VCID-nenk-4cgd-fugv
21
vulnerability VCID-pqnn-ers1-3fec
22
vulnerability VCID-q8th-849w-bfhp
23
vulnerability VCID-tnhd-rr89-9udh
24
vulnerability VCID-vkvx-gxbu-3uau
25
vulnerability VCID-wf5t-3pwz-c7d7
26
vulnerability VCID-wzcw-dd7m-zkaz
27
vulnerability VCID-xnzh-wpd4-63f9
28
vulnerability VCID-zj4d-e8r7-ufg3
29
vulnerability VCID-zstw-3wmu-u3c8
30
vulnerability VCID-ztt4-vnk7-7ycq
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
aliases CVE-2018-12115
risk_score 3.6
exploitability 0.5
weighted_severity 7.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tqg7-dw5d-z3et
20
url VCID-u8pe-48f4-abc9
vulnerability_id VCID-u8pe-48f4-abc9
summary 
Authentication Bypass by Spoofing
The Node.js inspector, in 6.x and later is vulnerable to a DNS rebinding attack which could be exploited to perform remote code execution. An attack is possible from malicious websites open in a web browser on the same computer, or another computer with network access to the computer running the Node.js process. A malicious website could use a DNS rebinding attack to trick the web browser to bypass same-origin-policy checks and to allow HTTP connections to localhost or to hosts on the local network. If a Node.js process with the debug port active is running on localhost or on a host on the local network, the malicious website could connect to it as a debugger, and get full code execution access.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7160.json
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7160.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-7160
reference_id
reference_type
scores
0
value 0.01501
scoring_system epss
scoring_elements 0.8114
published_at 2026-04-13T12:55:00Z
1
value 0.01501
scoring_system epss
scoring_elements 0.81147
published_at 2026-04-12T12:55:00Z
2
value 0.01501
scoring_system epss
scoring_elements 0.8116
published_at 2026-04-11T12:55:00Z
3
value 0.01501
scoring_system epss
scoring_elements 0.81142
published_at 2026-04-09T12:55:00Z
4
value 0.01501
scoring_system epss
scoring_elements 0.81075
published_at 2026-04-01T12:55:00Z
5
value 0.01501
scoring_system epss
scoring_elements 0.81108
published_at 2026-04-07T12:55:00Z
6
value 0.01501
scoring_system epss
scoring_elements 0.81109
published_at 2026-04-04T12:55:00Z
7
value 0.01501
scoring_system epss
scoring_elements 0.81084
published_at 2026-04-02T12:55:00Z
8
value 0.01501
scoring_system epss
scoring_elements 0.81136
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-7160
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7160
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7160
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/nodejs/node/commit/e3950d1a402b80e4098a40aacddd6a104da0cfa9
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/nodejs/node/commit/e3950d1a402b80e4098a40aacddd6a104da0cfa9
5
reference_url https://nodejs.org/en/blog/vulnerability/march-2018-security-releases
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nodejs.org/en/blog/vulnerability/march-2018-security-releases
6
reference_url https://nodejs.org/en/blog/vulnerability/march-2018-security-releases/
reference_id
reference_type
scores
url https://nodejs.org/en/blog/vulnerability/march-2018-security-releases/
7
reference_url https://support.f5.com/csp/article/K63025104?utm_source=f5support&amp%3Butm_medium=RSS
reference_id
reference_type
scores
url https://support.f5.com/csp/article/K63025104?utm_source=f5support&amp%3Butm_medium=RSS
8
reference_url https://support.f5.com/csp/article/K63025104?utm_source=f5support&amp;utm_medium=RSS
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://support.f5.com/csp/article/K63025104?utm_source=f5support&amp;utm_medium=RSS
9
reference_url https://www.oracle.com//security-alerts/cpujul2021.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com//security-alerts/cpujul2021.html
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1561979
reference_id 1561979
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1561979
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*
reference_id cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*
reference_id cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-7160
reference_id CVE-2018-7160
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:P
1
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-7160
14
reference_url https://github.com/advisories/GHSA-wq4c-wm6x-jw44
reference_id GHSA-wq4c-wm6x-jw44
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-wq4c-wm6x-jw44
15
reference_url https://access.redhat.com/errata/RHSA-2018:2949
reference_id RHSA-2018:2949
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:2949
16
reference_url https://usn.ubuntu.com/USN-4796-1/
reference_id USN-USN-4796-1
reference_type
scores
url https://usn.ubuntu.com/USN-4796-1/
fixed_packages
0
url pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
purl pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2z1f-7jkw-17av
1
vulnerability VCID-53xm-8w84-93cx
2
vulnerability VCID-5cf7-va9h-h3gy
3
vulnerability VCID-7tpb-9zrz-e7e1
4
vulnerability VCID-8c4g-fjsa-nkhw
5
vulnerability VCID-9g7s-y7nq-xfbb
6
vulnerability VCID-9yq7-aba3-c7c3
7
vulnerability VCID-b54b-pd2b-bygm
8
vulnerability VCID-bx67-aud6-b3fa
9
vulnerability VCID-c8xz-v6h3-6ueb
10
vulnerability VCID-dfdy-vhdd-5kh4
11
vulnerability VCID-e18p-c3m9-2qgy
12
vulnerability VCID-e6gj-fe31-kkh5
13
vulnerability VCID-e7u5-356v-jbg7
14
vulnerability VCID-gwyr-ac4e-dqfa
15
vulnerability VCID-hnjv-fp2r-vqfq
16
vulnerability VCID-m5ae-uc68-d3g2
17
vulnerability VCID-m7rw-arzq-jba1
18
vulnerability VCID-ms5y-gp7v-2qay
19
vulnerability VCID-n91z-kugd-ebb5
20
vulnerability VCID-nenk-4cgd-fugv
21
vulnerability VCID-pqnn-ers1-3fec
22
vulnerability VCID-q8th-849w-bfhp
23
vulnerability VCID-tnhd-rr89-9udh
24
vulnerability VCID-vkvx-gxbu-3uau
25
vulnerability VCID-wf5t-3pwz-c7d7
26
vulnerability VCID-wzcw-dd7m-zkaz
27
vulnerability VCID-xnzh-wpd4-63f9
28
vulnerability VCID-zj4d-e8r7-ufg3
29
vulnerability VCID-zstw-3wmu-u3c8
30
vulnerability VCID-ztt4-vnk7-7ycq
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
aliases CVE-2018-7160, GHSA-wq4c-wm6x-jw44
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u8pe-48f4-abc9
21
url VCID-us11-vy4j-pfd2
vulnerability_id VCID-us11-vy4j-pfd2
summary 
Multiple vulnerabilities have been found in Node.js, worst of which
    could allow remote attackers to write arbitrary files.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00041.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00041.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00046.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00046.html
2
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00059.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00059.html
3
reference_url https://access.redhat.com/errata/RHSA-2019:1821
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:1821
4
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5737.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5737.json
5
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-5737
reference_id
reference_type
scores
0
value 0.26351
scoring_system epss
scoring_elements 0.96272
published_at 2026-04-01T12:55:00Z
1
value 0.26351
scoring_system epss
scoring_elements 0.9631
published_at 2026-04-13T12:55:00Z
2
value 0.26351
scoring_system epss
scoring_elements 0.963
published_at 2026-04-08T12:55:00Z
3
value 0.26351
scoring_system epss
scoring_elements 0.96303
published_at 2026-04-09T12:55:00Z
4
value 0.26351
scoring_system epss
scoring_elements 0.96307
published_at 2026-04-12T12:55:00Z
5
value 0.26351
scoring_system epss
scoring_elements 0.96279
published_at 2026-04-02T12:55:00Z
6
value 0.26351
scoring_system epss
scoring_elements 0.96287
published_at 2026-04-04T12:55:00Z
7
value 0.26351
scoring_system epss
scoring_elements 0.96291
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-5737
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5737
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5737
7
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
8
reference_url https://nodejs.org/en/blog/vulnerability/february-2019-security-releases/
reference_id
reference_type
scores
url https://nodejs.org/en/blog/vulnerability/february-2019-security-releases/
9
reference_url https://security.gentoo.org/glsa/202003-48
reference_id
reference_type
scores
url https://security.gentoo.org/glsa/202003-48
10
reference_url https://security.netapp.com/advisory/ntap-20190502-0008/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20190502-0008/
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1690808
reference_id 1690808
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1690808
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*
reference_id cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*
reference_id cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-5737
reference_id CVE-2019-5737
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2019-5737
16
reference_url https://usn.ubuntu.com/USN-4796-1/
reference_id USN-USN-4796-1
reference_type
scores
url https://usn.ubuntu.com/USN-4796-1/
fixed_packages
0
url pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
purl pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2z1f-7jkw-17av
1
vulnerability VCID-53xm-8w84-93cx
2
vulnerability VCID-5cf7-va9h-h3gy
3
vulnerability VCID-7tpb-9zrz-e7e1
4
vulnerability VCID-8c4g-fjsa-nkhw
5
vulnerability VCID-9g7s-y7nq-xfbb
6
vulnerability VCID-9yq7-aba3-c7c3
7
vulnerability VCID-b54b-pd2b-bygm
8
vulnerability VCID-bx67-aud6-b3fa
9
vulnerability VCID-c8xz-v6h3-6ueb
10
vulnerability VCID-dfdy-vhdd-5kh4
11
vulnerability VCID-e18p-c3m9-2qgy
12
vulnerability VCID-e6gj-fe31-kkh5
13
vulnerability VCID-e7u5-356v-jbg7
14
vulnerability VCID-gwyr-ac4e-dqfa
15
vulnerability VCID-hnjv-fp2r-vqfq
16
vulnerability VCID-m5ae-uc68-d3g2
17
vulnerability VCID-m7rw-arzq-jba1
18
vulnerability VCID-ms5y-gp7v-2qay
19
vulnerability VCID-n91z-kugd-ebb5
20
vulnerability VCID-nenk-4cgd-fugv
21
vulnerability VCID-pqnn-ers1-3fec
22
vulnerability VCID-q8th-849w-bfhp
23
vulnerability VCID-tnhd-rr89-9udh
24
vulnerability VCID-vkvx-gxbu-3uau
25
vulnerability VCID-wf5t-3pwz-c7d7
26
vulnerability VCID-wzcw-dd7m-zkaz
27
vulnerability VCID-xnzh-wpd4-63f9
28
vulnerability VCID-zj4d-e8r7-ufg3
29
vulnerability VCID-zstw-3wmu-u3c8
30
vulnerability VCID-ztt4-vnk7-7ycq
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
aliases CVE-2019-5737
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-us11-vy4j-pfd2
22
url VCID-usab-z8q8-7qd8
vulnerability_id VCID-usab-z8q8-7qd8
summary nodejs: path module regular expression denial of service
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7158.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7158.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-7158
reference_id
reference_type
scores
0
value 0.01264
scoring_system epss
scoring_elements 0.79394
published_at 2026-04-01T12:55:00Z
1
value 0.01264
scoring_system epss
scoring_elements 0.79443
published_at 2026-04-13T12:55:00Z
2
value 0.01264
scoring_system epss
scoring_elements 0.79447
published_at 2026-04-09T12:55:00Z
3
value 0.01264
scoring_system epss
scoring_elements 0.7947
published_at 2026-04-11T12:55:00Z
4
value 0.01264
scoring_system epss
scoring_elements 0.79454
published_at 2026-04-12T12:55:00Z
5
value 0.01264
scoring_system epss
scoring_elements 0.79401
published_at 2026-04-02T12:55:00Z
6
value 0.01264
scoring_system epss
scoring_elements 0.79424
published_at 2026-04-04T12:55:00Z
7
value 0.01264
scoring_system epss
scoring_elements 0.79411
published_at 2026-04-07T12:55:00Z
8
value 0.01264
scoring_system epss
scoring_elements 0.79438
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-7158
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7158
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7158
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://nodejs.org/en/blog/vulnerability/march-2018-security-releases/
reference_id
reference_type
scores
url https://nodejs.org/en/blog/vulnerability/march-2018-security-releases/
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1561980
reference_id 1561980
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1561980
6
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*
reference_id cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*
reference_id cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-7158
reference_id CVE-2018-7158
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2018-7158
fixed_packages
0
url pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
purl pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2z1f-7jkw-17av
1
vulnerability VCID-53xm-8w84-93cx
2
vulnerability VCID-5cf7-va9h-h3gy
3
vulnerability VCID-7tpb-9zrz-e7e1
4
vulnerability VCID-8c4g-fjsa-nkhw
5
vulnerability VCID-9g7s-y7nq-xfbb
6
vulnerability VCID-9yq7-aba3-c7c3
7
vulnerability VCID-b54b-pd2b-bygm
8
vulnerability VCID-bx67-aud6-b3fa
9
vulnerability VCID-c8xz-v6h3-6ueb
10
vulnerability VCID-dfdy-vhdd-5kh4
11
vulnerability VCID-e18p-c3m9-2qgy
12
vulnerability VCID-e6gj-fe31-kkh5
13
vulnerability VCID-e7u5-356v-jbg7
14
vulnerability VCID-gwyr-ac4e-dqfa
15
vulnerability VCID-hnjv-fp2r-vqfq
16
vulnerability VCID-m5ae-uc68-d3g2
17
vulnerability VCID-m7rw-arzq-jba1
18
vulnerability VCID-ms5y-gp7v-2qay
19
vulnerability VCID-n91z-kugd-ebb5
20
vulnerability VCID-nenk-4cgd-fugv
21
vulnerability VCID-pqnn-ers1-3fec
22
vulnerability VCID-q8th-849w-bfhp
23
vulnerability VCID-tnhd-rr89-9udh
24
vulnerability VCID-vkvx-gxbu-3uau
25
vulnerability VCID-wf5t-3pwz-c7d7
26
vulnerability VCID-wzcw-dd7m-zkaz
27
vulnerability VCID-xnzh-wpd4-63f9
28
vulnerability VCID-zj4d-e8r7-ufg3
29
vulnerability VCID-zstw-3wmu-u3c8
30
vulnerability VCID-ztt4-vnk7-7ycq
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
aliases CVE-2018-7158
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-usab-z8q8-7qd8
23
url VCID-wpfq-sq11-fqa9
vulnerability_id VCID-wpfq-sq11-fqa9
summary 
Multiple vulnerabilities have been found in Node.js, worst of which
    could allow remote attackers to write arbitrary files.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15606.json
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15606.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-15606
reference_id
reference_type
scores
0
value 0.01338
scoring_system epss
scoring_elements 0.79948
published_at 2026-04-01T12:55:00Z
1
value 0.01338
scoring_system epss
scoring_elements 0.79955
published_at 2026-04-02T12:55:00Z
2
value 0.01338
scoring_system epss
scoring_elements 0.79976
published_at 2026-04-04T12:55:00Z
3
value 0.01338
scoring_system epss
scoring_elements 0.79965
published_at 2026-04-07T12:55:00Z
4
value 0.01338
scoring_system epss
scoring_elements 0.79993
published_at 2026-04-08T12:55:00Z
5
value 0.01338
scoring_system epss
scoring_elements 0.80002
published_at 2026-04-09T12:55:00Z
6
value 0.01338
scoring_system epss
scoring_elements 0.80022
published_at 2026-04-11T12:55:00Z
7
value 0.01338
scoring_system epss
scoring_elements 0.80006
published_at 2026-04-12T12:55:00Z
8
value 0.01338
scoring_system epss
scoring_elements 0.79998
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-15606
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15604
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15604
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15605
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15605
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15606
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15606
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9511
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9511
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9513
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9513
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9514
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9514
8
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1800366
reference_id 1800366
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1800366
10
reference_url https://access.redhat.com/errata/RHSA-2020:0598
reference_id RHSA-2020:0598
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0598
11
reference_url https://usn.ubuntu.com/6380-1/
reference_id USN-6380-1
reference_type
scores
url https://usn.ubuntu.com/6380-1/
fixed_packages
0
url pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
purl pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2z1f-7jkw-17av
1
vulnerability VCID-53xm-8w84-93cx
2
vulnerability VCID-5cf7-va9h-h3gy
3
vulnerability VCID-7tpb-9zrz-e7e1
4
vulnerability VCID-8c4g-fjsa-nkhw
5
vulnerability VCID-9g7s-y7nq-xfbb
6
vulnerability VCID-9yq7-aba3-c7c3
7
vulnerability VCID-b54b-pd2b-bygm
8
vulnerability VCID-bx67-aud6-b3fa
9
vulnerability VCID-c8xz-v6h3-6ueb
10
vulnerability VCID-dfdy-vhdd-5kh4
11
vulnerability VCID-e18p-c3m9-2qgy
12
vulnerability VCID-e6gj-fe31-kkh5
13
vulnerability VCID-e7u5-356v-jbg7
14
vulnerability VCID-gwyr-ac4e-dqfa
15
vulnerability VCID-hnjv-fp2r-vqfq
16
vulnerability VCID-m5ae-uc68-d3g2
17
vulnerability VCID-m7rw-arzq-jba1
18
vulnerability VCID-ms5y-gp7v-2qay
19
vulnerability VCID-n91z-kugd-ebb5
20
vulnerability VCID-nenk-4cgd-fugv
21
vulnerability VCID-pqnn-ers1-3fec
22
vulnerability VCID-q8th-849w-bfhp
23
vulnerability VCID-tnhd-rr89-9udh
24
vulnerability VCID-vkvx-gxbu-3uau
25
vulnerability VCID-wf5t-3pwz-c7d7
26
vulnerability VCID-wzcw-dd7m-zkaz
27
vulnerability VCID-xnzh-wpd4-63f9
28
vulnerability VCID-zj4d-e8r7-ufg3
29
vulnerability VCID-zstw-3wmu-u3c8
30
vulnerability VCID-ztt4-vnk7-7ycq
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
aliases CVE-2019-15606
risk_score 2.1
exploitability 0.5
weighted_severity 4.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wpfq-sq11-fqa9
24
url VCID-xeay-8ec9-4bdd
vulnerability_id VCID-xeay-8ec9-4bdd
summary 
Multiple vulnerabilities have been found in NodeJS, the worst of
    which could result in the arbitrary execution of code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8174.json
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8174.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-8174
reference_id
reference_type
scores
0
value 0.01491
scoring_system epss
scoring_elements 0.80994
published_at 2026-04-01T12:55:00Z
1
value 0.01491
scoring_system epss
scoring_elements 0.81003
published_at 2026-04-02T12:55:00Z
2
value 0.01491
scoring_system epss
scoring_elements 0.81027
published_at 2026-04-04T12:55:00Z
3
value 0.01491
scoring_system epss
scoring_elements 0.81025
published_at 2026-04-07T12:55:00Z
4
value 0.01491
scoring_system epss
scoring_elements 0.81053
published_at 2026-04-08T12:55:00Z
5
value 0.01491
scoring_system epss
scoring_elements 0.8106
published_at 2026-04-09T12:55:00Z
6
value 0.01491
scoring_system epss
scoring_elements 0.81078
published_at 2026-04-11T12:55:00Z
7
value 0.01491
scoring_system epss
scoring_elements 0.81064
published_at 2026-04-12T12:55:00Z
8
value 0.01491
scoring_system epss
scoring_elements 0.81056
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-8174
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11080
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11080
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8174
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8174
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1845256
reference_id 1845256
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1845256
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=962145
reference_id 962145
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=962145
7
reference_url https://access.redhat.com/errata/RHSA-2020:2847
reference_id RHSA-2020:2847
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2847
8
reference_url https://access.redhat.com/errata/RHSA-2020:2848
reference_id RHSA-2020:2848
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2848
9
reference_url https://access.redhat.com/errata/RHSA-2020:2849
reference_id RHSA-2020:2849
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2849
10
reference_url https://access.redhat.com/errata/RHSA-2020:2852
reference_id RHSA-2020:2852
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2852
11
reference_url https://access.redhat.com/errata/RHSA-2020:2895
reference_id RHSA-2020:2895
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2895
12
reference_url https://access.redhat.com/errata/RHSA-2020:3042
reference_id RHSA-2020:3042
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3042
13
reference_url https://access.redhat.com/errata/RHSA-2020:3084
reference_id RHSA-2020:3084
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3084
14
reference_url https://usn.ubuntu.com/6380-1/
reference_id USN-6380-1
reference_type
scores
url https://usn.ubuntu.com/6380-1/
fixed_packages
0
url pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
purl pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2z1f-7jkw-17av
1
vulnerability VCID-53xm-8w84-93cx
2
vulnerability VCID-5cf7-va9h-h3gy
3
vulnerability VCID-7tpb-9zrz-e7e1
4
vulnerability VCID-8c4g-fjsa-nkhw
5
vulnerability VCID-9g7s-y7nq-xfbb
6
vulnerability VCID-9yq7-aba3-c7c3
7
vulnerability VCID-b54b-pd2b-bygm
8
vulnerability VCID-bx67-aud6-b3fa
9
vulnerability VCID-c8xz-v6h3-6ueb
10
vulnerability VCID-dfdy-vhdd-5kh4
11
vulnerability VCID-e18p-c3m9-2qgy
12
vulnerability VCID-e6gj-fe31-kkh5
13
vulnerability VCID-e7u5-356v-jbg7
14
vulnerability VCID-gwyr-ac4e-dqfa
15
vulnerability VCID-hnjv-fp2r-vqfq
16
vulnerability VCID-m5ae-uc68-d3g2
17
vulnerability VCID-m7rw-arzq-jba1
18
vulnerability VCID-ms5y-gp7v-2qay
19
vulnerability VCID-n91z-kugd-ebb5
20
vulnerability VCID-nenk-4cgd-fugv
21
vulnerability VCID-pqnn-ers1-3fec
22
vulnerability VCID-q8th-849w-bfhp
23
vulnerability VCID-tnhd-rr89-9udh
24
vulnerability VCID-vkvx-gxbu-3uau
25
vulnerability VCID-wf5t-3pwz-c7d7
26
vulnerability VCID-wzcw-dd7m-zkaz
27
vulnerability VCID-xnzh-wpd4-63f9
28
vulnerability VCID-zj4d-e8r7-ufg3
29
vulnerability VCID-zstw-3wmu-u3c8
30
vulnerability VCID-ztt4-vnk7-7ycq
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
aliases CVE-2020-8174
risk_score 3.6
exploitability 0.5
weighted_severity 7.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xeay-8ec9-4bdd
25
url VCID-zj4d-e8r7-ufg3
vulnerability_id VCID-zj4d-e8r7-ufg3
summary 
Multiple vulnerabilities have been found in NodeJS, the worst of
    which could result in the arbitrary execution of code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8287.json
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8287.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-8287
reference_id
reference_type
scores
0
value 0.11865
scoring_system epss
scoring_elements 0.93694
published_at 2026-04-01T12:55:00Z
1
value 0.11865
scoring_system epss
scoring_elements 0.93732
published_at 2026-04-13T12:55:00Z
2
value 0.11865
scoring_system epss
scoring_elements 0.93726
published_at 2026-04-08T12:55:00Z
3
value 0.11865
scoring_system epss
scoring_elements 0.93727
published_at 2026-04-09T12:55:00Z
4
value 0.11865
scoring_system epss
scoring_elements 0.93704
published_at 2026-04-02T12:55:00Z
5
value 0.11865
scoring_system epss
scoring_elements 0.93714
published_at 2026-04-04T12:55:00Z
6
value 0.11865
scoring_system epss
scoring_elements 0.93717
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-8287
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8265
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8265
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8287
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8287
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016690
reference_id 1016690
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016690
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1912863
reference_id 1912863
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1912863
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=979364
reference_id 979364
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=979364
8
reference_url https://security.archlinux.org/ASA-202101-16
reference_id ASA-202101-16
reference_type
scores
url https://security.archlinux.org/ASA-202101-16
9
reference_url https://security.archlinux.org/AVG-1400
reference_id AVG-1400
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1400
10
reference_url https://access.redhat.com/errata/RHSA-2021:0421
reference_id RHSA-2021:0421
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0421
11
reference_url https://access.redhat.com/errata/RHSA-2021:0485
reference_id RHSA-2021:0485
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0485
12
reference_url https://access.redhat.com/errata/RHSA-2021:0521
reference_id RHSA-2021:0521
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0521
13
reference_url https://access.redhat.com/errata/RHSA-2021:0548
reference_id RHSA-2021:0548
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0548
14
reference_url https://access.redhat.com/errata/RHSA-2021:0549
reference_id RHSA-2021:0549
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0549
15
reference_url https://access.redhat.com/errata/RHSA-2021:0551
reference_id RHSA-2021:0551
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0551
16
reference_url https://usn.ubuntu.com/5563-1/
reference_id USN-5563-1
reference_type
scores
url https://usn.ubuntu.com/5563-1/
17
reference_url https://usn.ubuntu.com/6380-1/
reference_id USN-6380-1
reference_type
scores
url https://usn.ubuntu.com/6380-1/
fixed_packages
0
url pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
purl pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2z1f-7jkw-17av
1
vulnerability VCID-53xm-8w84-93cx
2
vulnerability VCID-5cf7-va9h-h3gy
3
vulnerability VCID-7tpb-9zrz-e7e1
4
vulnerability VCID-8c4g-fjsa-nkhw
5
vulnerability VCID-9g7s-y7nq-xfbb
6
vulnerability VCID-9yq7-aba3-c7c3
7
vulnerability VCID-b54b-pd2b-bygm
8
vulnerability VCID-bx67-aud6-b3fa
9
vulnerability VCID-c8xz-v6h3-6ueb
10
vulnerability VCID-dfdy-vhdd-5kh4
11
vulnerability VCID-e18p-c3m9-2qgy
12
vulnerability VCID-e6gj-fe31-kkh5
13
vulnerability VCID-e7u5-356v-jbg7
14
vulnerability VCID-gwyr-ac4e-dqfa
15
vulnerability VCID-hnjv-fp2r-vqfq
16
vulnerability VCID-m5ae-uc68-d3g2
17
vulnerability VCID-m7rw-arzq-jba1
18
vulnerability VCID-ms5y-gp7v-2qay
19
vulnerability VCID-n91z-kugd-ebb5
20
vulnerability VCID-nenk-4cgd-fugv
21
vulnerability VCID-pqnn-ers1-3fec
22
vulnerability VCID-q8th-849w-bfhp
23
vulnerability VCID-tnhd-rr89-9udh
24
vulnerability VCID-vkvx-gxbu-3uau
25
vulnerability VCID-wf5t-3pwz-c7d7
26
vulnerability VCID-wzcw-dd7m-zkaz
27
vulnerability VCID-xnzh-wpd4-63f9
28
vulnerability VCID-zj4d-e8r7-ufg3
29
vulnerability VCID-zstw-3wmu-u3c8
30
vulnerability VCID-ztt4-vnk7-7ycq
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
1
url pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4
purl pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1vp3-fzdr-yqbm
1
vulnerability VCID-2t7c-dju9-pff6
2
vulnerability VCID-2z1f-7jkw-17av
3
vulnerability VCID-38k9-23j3-eqh7
4
vulnerability VCID-43sf-4r41-wugc
5
vulnerability VCID-96yh-1wub-zucg
6
vulnerability VCID-98fy-tedc-ube7
7
vulnerability VCID-9yq7-aba3-c7c3
8
vulnerability VCID-bjza-25hu-vkad
9
vulnerability VCID-bx67-aud6-b3fa
10
vulnerability VCID-c8xz-v6h3-6ueb
11
vulnerability VCID-dgkh-jdah-wfh9
12
vulnerability VCID-dt7u-3usg-9uet
13
vulnerability VCID-e6gj-fe31-kkh5
14
vulnerability VCID-e7u5-356v-jbg7
15
vulnerability VCID-kj75-vmwa-gqgq
16
vulnerability VCID-nenk-4cgd-fugv
17
vulnerability VCID-sag8-repb-g3f4
18
vulnerability VCID-twc8-ewm7-wkb1
19
vulnerability VCID-u8bq-8jp4-jkem
20
vulnerability VCID-v7uy-445x-tuan
21
vulnerability VCID-vkvx-gxbu-3uau
22
vulnerability VCID-wf5t-3pwz-c7d7
23
vulnerability VCID-x1an-pjq4-nbby
24
vulnerability VCID-zstw-3wmu-u3c8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4
aliases CVE-2020-8287
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zj4d-e8r7-ufg3
26
url VCID-zrbm-htvv-eke9
vulnerability_id VCID-zrbm-htvv-eke9
summary 
Multiple vulnerabilities have been found in Node.js, worst of which
    could allow remote attackers to write arbitrary files.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12121.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12121.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-12121
reference_id
reference_type
scores
0
value 0.08466
scoring_system epss
scoring_elements 0.92321
published_at 2026-04-01T12:55:00Z
1
value 0.08466
scoring_system epss
scoring_elements 0.92328
published_at 2026-04-02T12:55:00Z
2
value 0.08466
scoring_system epss
scoring_elements 0.92334
published_at 2026-04-04T12:55:00Z
3
value 0.08466
scoring_system epss
scoring_elements 0.92338
published_at 2026-04-07T12:55:00Z
4
value 0.08466
scoring_system epss
scoring_elements 0.92349
published_at 2026-04-08T12:55:00Z
5
value 0.08466
scoring_system epss
scoring_elements 0.92354
published_at 2026-04-09T12:55:00Z
6
value 0.08466
scoring_system epss
scoring_elements 0.92359
published_at 2026-04-13T12:55:00Z
7
value 0.08466
scoring_system epss
scoring_elements 0.92361
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-12121
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12121
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12121
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1661002
reference_id 1661002
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1661002
5
reference_url https://access.redhat.com/errata/RHSA-2019:2258
reference_id RHSA-2019:2258
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2258
6
reference_url https://access.redhat.com/errata/RHSA-2019:3497
reference_id RHSA-2019:3497
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:3497
fixed_packages
0
url pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
purl pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2z1f-7jkw-17av
1
vulnerability VCID-53xm-8w84-93cx
2
vulnerability VCID-5cf7-va9h-h3gy
3
vulnerability VCID-7tpb-9zrz-e7e1
4
vulnerability VCID-8c4g-fjsa-nkhw
5
vulnerability VCID-9g7s-y7nq-xfbb
6
vulnerability VCID-9yq7-aba3-c7c3
7
vulnerability VCID-b54b-pd2b-bygm
8
vulnerability VCID-bx67-aud6-b3fa
9
vulnerability VCID-c8xz-v6h3-6ueb
10
vulnerability VCID-dfdy-vhdd-5kh4
11
vulnerability VCID-e18p-c3m9-2qgy
12
vulnerability VCID-e6gj-fe31-kkh5
13
vulnerability VCID-e7u5-356v-jbg7
14
vulnerability VCID-gwyr-ac4e-dqfa
15
vulnerability VCID-hnjv-fp2r-vqfq
16
vulnerability VCID-m5ae-uc68-d3g2
17
vulnerability VCID-m7rw-arzq-jba1
18
vulnerability VCID-ms5y-gp7v-2qay
19
vulnerability VCID-n91z-kugd-ebb5
20
vulnerability VCID-nenk-4cgd-fugv
21
vulnerability VCID-pqnn-ers1-3fec
22
vulnerability VCID-q8th-849w-bfhp
23
vulnerability VCID-tnhd-rr89-9udh
24
vulnerability VCID-vkvx-gxbu-3uau
25
vulnerability VCID-wf5t-3pwz-c7d7
26
vulnerability VCID-wzcw-dd7m-zkaz
27
vulnerability VCID-xnzh-wpd4-63f9
28
vulnerability VCID-zj4d-e8r7-ufg3
29
vulnerability VCID-zstw-3wmu-u3c8
30
vulnerability VCID-ztt4-vnk7-7ycq
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
aliases CVE-2018-12121
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zrbm-htvv-eke9
27
url VCID-ztt4-vnk7-7ycq
vulnerability_id VCID-ztt4-vnk7-7ycq
summary 
Multiple vulnerabilities have been found in NodeJS, the worst of
    which could result in the arbitrary execution of code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8265.json
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8265.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-8265
reference_id
reference_type
scores
0
value 0.00755
scoring_system epss
scoring_elements 0.73197
published_at 2026-04-01T12:55:00Z
1
value 0.00755
scoring_system epss
scoring_elements 0.73248
published_at 2026-04-13T12:55:00Z
2
value 0.00755
scoring_system epss
scoring_elements 0.73276
published_at 2026-04-11T12:55:00Z
3
value 0.00755
scoring_system epss
scoring_elements 0.73255
published_at 2026-04-12T12:55:00Z
4
value 0.00755
scoring_system epss
scoring_elements 0.73207
published_at 2026-04-02T12:55:00Z
5
value 0.00755
scoring_system epss
scoring_elements 0.73228
published_at 2026-04-04T12:55:00Z
6
value 0.00755
scoring_system epss
scoring_elements 0.73201
published_at 2026-04-07T12:55:00Z
7
value 0.00755
scoring_system epss
scoring_elements 0.73238
published_at 2026-04-08T12:55:00Z
8
value 0.00755
scoring_system epss
scoring_elements 0.73251
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-8265
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8265
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8265
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8287
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8287
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1912854
reference_id 1912854
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1912854
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=979364
reference_id 979364
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=979364
7
reference_url https://security.archlinux.org/ASA-202101-16
reference_id ASA-202101-16
reference_type
scores
url https://security.archlinux.org/ASA-202101-16
8
reference_url https://security.archlinux.org/AVG-1400
reference_id AVG-1400
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1400
9
reference_url https://access.redhat.com/errata/RHSA-2021:0421
reference_id RHSA-2021:0421
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0421
10
reference_url https://access.redhat.com/errata/RHSA-2021:0485
reference_id RHSA-2021:0485
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0485
11
reference_url https://access.redhat.com/errata/RHSA-2021:0521
reference_id RHSA-2021:0521
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0521
12
reference_url https://access.redhat.com/errata/RHSA-2021:0548
reference_id RHSA-2021:0548
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0548
13
reference_url https://access.redhat.com/errata/RHSA-2021:0549
reference_id RHSA-2021:0549
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0549
14
reference_url https://access.redhat.com/errata/RHSA-2021:0551
reference_id RHSA-2021:0551
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0551
15
reference_url https://usn.ubuntu.com/6380-1/
reference_id USN-6380-1
reference_type
scores
url https://usn.ubuntu.com/6380-1/
fixed_packages
0
url pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
purl pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2z1f-7jkw-17av
1
vulnerability VCID-53xm-8w84-93cx
2
vulnerability VCID-5cf7-va9h-h3gy
3
vulnerability VCID-7tpb-9zrz-e7e1
4
vulnerability VCID-8c4g-fjsa-nkhw
5
vulnerability VCID-9g7s-y7nq-xfbb
6
vulnerability VCID-9yq7-aba3-c7c3
7
vulnerability VCID-b54b-pd2b-bygm
8
vulnerability VCID-bx67-aud6-b3fa
9
vulnerability VCID-c8xz-v6h3-6ueb
10
vulnerability VCID-dfdy-vhdd-5kh4
11
vulnerability VCID-e18p-c3m9-2qgy
12
vulnerability VCID-e6gj-fe31-kkh5
13
vulnerability VCID-e7u5-356v-jbg7
14
vulnerability VCID-gwyr-ac4e-dqfa
15
vulnerability VCID-hnjv-fp2r-vqfq
16
vulnerability VCID-m5ae-uc68-d3g2
17
vulnerability VCID-m7rw-arzq-jba1
18
vulnerability VCID-ms5y-gp7v-2qay
19
vulnerability VCID-n91z-kugd-ebb5
20
vulnerability VCID-nenk-4cgd-fugv
21
vulnerability VCID-pqnn-ers1-3fec
22
vulnerability VCID-q8th-849w-bfhp
23
vulnerability VCID-tnhd-rr89-9udh
24
vulnerability VCID-vkvx-gxbu-3uau
25
vulnerability VCID-wf5t-3pwz-c7d7
26
vulnerability VCID-wzcw-dd7m-zkaz
27
vulnerability VCID-xnzh-wpd4-63f9
28
vulnerability VCID-zj4d-e8r7-ufg3
29
vulnerability VCID-zstw-3wmu-u3c8
30
vulnerability VCID-ztt4-vnk7-7ycq
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1
1
url pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4
purl pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1vp3-fzdr-yqbm
1
vulnerability VCID-2t7c-dju9-pff6
2
vulnerability VCID-2z1f-7jkw-17av
3
vulnerability VCID-38k9-23j3-eqh7
4
vulnerability VCID-43sf-4r41-wugc
5
vulnerability VCID-96yh-1wub-zucg
6
vulnerability VCID-98fy-tedc-ube7
7
vulnerability VCID-9yq7-aba3-c7c3
8
vulnerability VCID-bjza-25hu-vkad
9
vulnerability VCID-bx67-aud6-b3fa
10
vulnerability VCID-c8xz-v6h3-6ueb
11
vulnerability VCID-dgkh-jdah-wfh9
12
vulnerability VCID-dt7u-3usg-9uet
13
vulnerability VCID-e6gj-fe31-kkh5
14
vulnerability VCID-e7u5-356v-jbg7
15
vulnerability VCID-kj75-vmwa-gqgq
16
vulnerability VCID-nenk-4cgd-fugv
17
vulnerability VCID-sag8-repb-g3f4
18
vulnerability VCID-twc8-ewm7-wkb1
19
vulnerability VCID-u8bq-8jp4-jkem
20
vulnerability VCID-v7uy-445x-tuan
21
vulnerability VCID-vkvx-gxbu-3uau
22
vulnerability VCID-wf5t-3pwz-c7d7
23
vulnerability VCID-x1an-pjq4-nbby
24
vulnerability VCID-zstw-3wmu-u3c8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4
aliases CVE-2020-8265
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ztt4-vnk7-7ycq
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@10.24.0~dfsg-1~deb10u1