Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:apk/alpine/nodejs-current@18.6.0-r0?arch=x86&distroversion=v3.19&reponame=community
Typeapk
Namespacealpine
Namenodejs-current
Version18.6.0-r0
Qualifiers
arch x86
distroversion v3.19
reponame community
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version18.9.1-r0
Latest_non_vulnerable_version21.7.2-r0
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-7tpb-9zrz-e7e1
vulnerability_id VCID-7tpb-9zrz-e7e1
summary Multiple vulnerabilities have been discovered in Node.js.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32212.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32212.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-32212
reference_id
reference_type
scores
0
value 0.00064
scoring_system epss
scoring_elements 0.19983
published_at 2026-04-02T12:55:00Z
1
value 0.00064
scoring_system epss
scoring_elements 0.20041
published_at 2026-04-04T12:55:00Z
2
value 0.00064
scoring_system epss
scoring_elements 0.19768
published_at 2026-04-07T12:55:00Z
3
value 0.00064
scoring_system epss
scoring_elements 0.19848
published_at 2026-04-08T12:55:00Z
4
value 0.00064
scoring_system epss
scoring_elements 0.19901
published_at 2026-04-09T12:55:00Z
5
value 0.00064
scoring_system epss
scoring_elements 0.19911
published_at 2026-04-11T12:55:00Z
6
value 0.00064
scoring_system epss
scoring_elements 0.19867
published_at 2026-04-12T12:55:00Z
7
value 0.00064
scoring_system epss
scoring_elements 0.19809
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-32212
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32212
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32212
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32213
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32213
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32214
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32214
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32215
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32215
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35255
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35255
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35256
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35256
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43548
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43548
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2105422
reference_id 2105422
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2105422
11
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
12
reference_url https://access.redhat.com/errata/RHSA-2022:6389
reference_id RHSA-2022:6389
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6389
13
reference_url https://access.redhat.com/errata/RHSA-2022:6448
reference_id RHSA-2022:6448
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6448
14
reference_url https://access.redhat.com/errata/RHSA-2022:6449
reference_id RHSA-2022:6449
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6449
15
reference_url https://access.redhat.com/errata/RHSA-2022:6595
reference_id RHSA-2022:6595
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6595
16
reference_url https://access.redhat.com/errata/RHSA-2022:6985
reference_id RHSA-2022:6985
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6985
17
reference_url https://usn.ubuntu.com/6491-1/
reference_id USN-6491-1
reference_type
scores
url https://usn.ubuntu.com/6491-1/
fixed_packages
0
url pkg:apk/alpine/nodejs-current@18.6.0-r0?arch=x86&distroversion=v3.19&reponame=community
purl pkg:apk/alpine/nodejs-current@18.6.0-r0?arch=x86&distroversion=v3.19&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/nodejs-current@18.6.0-r0%3Farch=x86&distroversion=v3.19&reponame=community
aliases CVE-2022-32212
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7tpb-9zrz-e7e1
1
url VCID-8c4g-fjsa-nkhw
vulnerability_id VCID-8c4g-fjsa-nkhw
summary 
llhttp allows HTTP Request Smuggling via Improper Delimiting of Header Fields
The llhttp parser in the http module in Node.js does not strictly use the CRLF sequence to delimit HTTP requests. The LF character (without CR) is sufficient to delimit HTTP header fields in the lihttp parser. According to RFC7230 section 3, only the CRLF sequence should delimit each header-field. This can lead to HTTP Request Smuggling (HRS).
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32214.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32214.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-32214
reference_id
reference_type
scores
0
value 0.45841
scoring_system epss
scoring_elements 0.97625
published_at 2026-04-13T12:55:00Z
1
value 0.45841
scoring_system epss
scoring_elements 0.97612
published_at 2026-04-07T12:55:00Z
2
value 0.45841
scoring_system epss
scoring_elements 0.97624
published_at 2026-04-12T12:55:00Z
3
value 0.45841
scoring_system epss
scoring_elements 0.97622
published_at 2026-04-11T12:55:00Z
4
value 0.45841
scoring_system epss
scoring_elements 0.97619
published_at 2026-04-09T12:55:00Z
5
value 0.45841
scoring_system epss
scoring_elements 0.97617
published_at 2026-04-08T12:55:00Z
6
value 0.45841
scoring_system epss
scoring_elements 0.97608
published_at 2026-04-02T12:55:00Z
7
value 0.45841
scoring_system epss
scoring_elements 0.97611
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-32214
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32212
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32212
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32213
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32213
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32214
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32214
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32215
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32215
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35255
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35255
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35256
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35256
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43548
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43548
9
reference_url https://datatracker.ietf.org/doc/html/rfc7230#section-3
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://datatracker.ietf.org/doc/html/rfc7230#section-3
10
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
11
reference_url https://github.com/nodejs/llhttp/commit/18a4afc7ffb4e49dc9e2daebc50588199a6d1dbb
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/nodejs/llhttp/commit/18a4afc7ffb4e49dc9e2daebc50588199a6d1dbb
12
reference_url https://hackerone.com/reports/1524692
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://hackerone.com/reports/1524692
13
reference_url https://nodejs.org/en/blog/vulnerability/july-2022-security-releases
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nodejs.org/en/blog/vulnerability/july-2022-security-releases
14
reference_url https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/
reference_id
reference_type
scores
url https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-32214
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-32214
16
reference_url https://security.netapp.com/advisory/ntap-20220915-0001
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20220915-0001
17
reference_url https://security.netapp.com/advisory/ntap-20220915-0001/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20220915-0001/
18
reference_url https://www.debian.org/security/2023/dsa-5326
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2023/dsa-5326
19
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2105428
reference_id 2105428
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2105428
20
reference_url https://github.com/advisories/GHSA-q5vx-44v4-gch4
reference_id GHSA-q5vx-44v4-gch4
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-q5vx-44v4-gch4
21
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
22
reference_url https://access.redhat.com/errata/RHSA-2022:6389
reference_id RHSA-2022:6389
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6389
23
reference_url https://access.redhat.com/errata/RHSA-2022:6448
reference_id RHSA-2022:6448
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6448
24
reference_url https://access.redhat.com/errata/RHSA-2022:6449
reference_id RHSA-2022:6449
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6449
25
reference_url https://access.redhat.com/errata/RHSA-2022:6595
reference_id RHSA-2022:6595
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6595
26
reference_url https://access.redhat.com/errata/RHSA-2022:6985
reference_id RHSA-2022:6985
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6985
27
reference_url https://usn.ubuntu.com/6491-1/
reference_id USN-6491-1
reference_type
scores
url https://usn.ubuntu.com/6491-1/
fixed_packages
0
url pkg:apk/alpine/nodejs-current@18.6.0-r0?arch=x86&distroversion=v3.19&reponame=community
purl pkg:apk/alpine/nodejs-current@18.6.0-r0?arch=x86&distroversion=v3.19&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/nodejs-current@18.6.0-r0%3Farch=x86&distroversion=v3.19&reponame=community
aliases CVE-2022-32214, GHSA-q5vx-44v4-gch4
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8c4g-fjsa-nkhw
2
url VCID-v3uy-dqn9-qye5
vulnerability_id VCID-v3uy-dqn9-qye5
summary Multiple vulnerabilities have been discovered in Node.js.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32222.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32222.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-32222
reference_id
reference_type
scores
0
value 0.0062
scoring_system epss
scoring_elements 0.69973
published_at 2026-04-02T12:55:00Z
1
value 0.0062
scoring_system epss
scoring_elements 0.69987
published_at 2026-04-04T12:55:00Z
2
value 0.0062
scoring_system epss
scoring_elements 0.69964
published_at 2026-04-07T12:55:00Z
3
value 0.0062
scoring_system epss
scoring_elements 0.70012
published_at 2026-04-08T12:55:00Z
4
value 0.0062
scoring_system epss
scoring_elements 0.70028
published_at 2026-04-09T12:55:00Z
5
value 0.0062
scoring_system epss
scoring_elements 0.70051
published_at 2026-04-11T12:55:00Z
6
value 0.0062
scoring_system epss
scoring_elements 0.70036
published_at 2026-04-12T12:55:00Z
7
value 0.0062
scoring_system epss
scoring_elements 0.70023
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-32222
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2105424
reference_id 2105424
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2105424
4
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
fixed_packages
0
url pkg:apk/alpine/nodejs-current@18.6.0-r0?arch=x86&distroversion=v3.19&reponame=community
purl pkg:apk/alpine/nodejs-current@18.6.0-r0?arch=x86&distroversion=v3.19&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/nodejs-current@18.6.0-r0%3Farch=x86&distroversion=v3.19&reponame=community
1
url pkg:apk/alpine/nodejs-current@18.9.1-r0?arch=x86&distroversion=v3.19&reponame=community
purl pkg:apk/alpine/nodejs-current@18.9.1-r0?arch=x86&distroversion=v3.19&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/nodejs-current@18.9.1-r0%3Farch=x86&distroversion=v3.19&reponame=community
aliases CVE-2022-32222
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v3uy-dqn9-qye5
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:apk/alpine/nodejs-current@18.6.0-r0%3Farch=x86&distroversion=v3.19&reponame=community