Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/932834?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/932834?format=api", "purl": "pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u5?distro=trixie", "type": "deb", "namespace": "debian", "name": "nodejs", "version": "12.22.12~dfsg-1~deb11u5", "qualifiers": { "distro": "trixie" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "12.22.12~dfsg-1~deb11u6", "latest_non_vulnerable_version": "22.22.2+dfsg+~cs22.19.15-3", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/37577?format=api", "vulnerability_id": "VCID-2z1f-7jkw-17av", "summary": "Multiple vulnerabilities have been discovered in Node.js, the worst of which could lead to execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27982.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27982.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-27982", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00391", "scoring_system": "epss", "scoring_elements": "0.60117", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00391", "scoring_system": "epss", "scoring_elements": "0.60134", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00391", "scoring_system": "epss", "scoring_elements": "0.60116", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00391", "scoring_system": "epss", "scoring_elements": "0.60154", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00391", "scoring_system": "epss", "scoring_elements": "0.60161", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00391", "scoring_system": "epss", "scoring_elements": "0.60147", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00391", "scoring_system": "epss", "scoring_elements": "0.60068", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00391", "scoring_system": "epss", "scoring_elements": "0.60093", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00391", "scoring_system": "epss", "scoring_elements": "0.60063", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00391", "scoring_system": "epss", "scoring_elements": "0.60113", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00391", "scoring_system": "epss", "scoring_elements": "0.60127", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00391", "scoring_system": "epss", "scoring_elements": "0.60149", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-27982" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27982", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27982" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068347", "reference_id": "1068347", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068347" }, { "reference_url": "https://hackerone.com/reports/2237099", "reference_id": "2237099", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-07T18:19:19Z/" } ], "url": "https://hackerone.com/reports/2237099" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275392", "reference_id": "2275392", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275392" }, { "reference_url": "https://security.archlinux.org/AVG-2852", "reference_id": "AVG-2852", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2852" }, { "reference_url": "https://security.archlinux.org/AVG-2853", "reference_id": "AVG-2853", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2853" }, { "reference_url": "https://security.gentoo.org/glsa/202505-11", "reference_id": "GLSA-202505-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-11" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2778", "reference_id": "RHSA-2024:2778", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2778" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2779", "reference_id": "RHSA-2024:2779", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2779" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2780", "reference_id": "RHSA-2024:2780", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2780" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2853", "reference_id": "RHSA-2024:2853", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2853" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2910", "reference_id": "RHSA-2024:2910", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2910" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3545", "reference_id": "RHSA-2024:3545", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3545" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4559", "reference_id": "RHSA-2024:4559", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4559" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/932797?format=api", "purl": "pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vp3-fzdr-yqbm" }, { "vulnerability": "VCID-2t7c-dju9-pff6" }, { "vulnerability": "VCID-38k9-23j3-eqh7" }, { "vulnerability": "VCID-43sf-4r41-wugc" }, { "vulnerability": "VCID-96yh-1wub-zucg" }, { "vulnerability": "VCID-98fy-tedc-ube7" }, { "vulnerability": "VCID-bjza-25hu-vkad" }, { "vulnerability": "VCID-dgkh-jdah-wfh9" }, { "vulnerability": "VCID-dt7u-3usg-9uet" }, { "vulnerability": "VCID-kj75-vmwa-gqgq" }, { "vulnerability": "VCID-sag8-repb-g3f4" }, { "vulnerability": "VCID-twc8-ewm7-wkb1" }, { "vulnerability": "VCID-u8bq-8jp4-jkem" }, { "vulnerability": "VCID-v7uy-445x-tuan" }, { "vulnerability": "VCID-x1an-pjq4-nbby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/932834?format=api", "purl": "pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u5%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/932837?format=api", "purl": "pkg:deb/debian/nodejs@18.20.1%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.1%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/932795?format=api", "purl": "pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vp3-fzdr-yqbm" }, { "vulnerability": "VCID-2t7c-dju9-pff6" }, { "vulnerability": "VCID-43sf-4r41-wugc" }, { "vulnerability": "VCID-96yh-1wub-zucg" }, { "vulnerability": "VCID-98fy-tedc-ube7" }, { "vulnerability": "VCID-bjza-25hu-vkad" }, { "vulnerability": "VCID-dgkh-jdah-wfh9" }, { "vulnerability": "VCID-dt7u-3usg-9uet" }, { "vulnerability": "VCID-twc8-ewm7-wkb1" }, { "vulnerability": "VCID-u8bq-8jp4-jkem" }, { "vulnerability": "VCID-v7uy-445x-tuan" }, { "vulnerability": "VCID-wf5t-3pwz-c7d7" }, { "vulnerability": "VCID-x1an-pjq4-nbby" }, { "vulnerability": "VCID-xkpz-pb5y-jqcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/932799?format=api", "purl": "pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/932798?format=api", "purl": "pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1063054?format=api", "purl": "pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-27982" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2z1f-7jkw-17av" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62495?format=api", "vulnerability_id": "VCID-9yq7-aba3-c7c3", "summary": "Multiple vulnerabilities have been discovered in Node.js.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-32559.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-32559.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-32559", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.18793", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19024", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.18977", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.18926", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.1888", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.18892", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.18904", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19169", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.18885", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.18963", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19017", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22427", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-32559" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32559", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32559" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1050739", "reference_id": "1050739", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1050739" }, { "reference_url": "https://hackerone.com/reports/1946470", "reference_id": "1946470", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T13:34:58Z/" } ], "url": "https://hackerone.com/reports/1946470" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2230956", "reference_id": "2230956", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2230956" }, { "reference_url": "https://security.gentoo.org/glsa/202405-29", "reference_id": "GLSA-202405-29", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-29" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20231006-0006/", "reference_id": "ntap-20231006-0006", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T13:34:58Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20231006-0006/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5360", "reference_id": "RHSA-2023:5360", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5360" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5361", "reference_id": "RHSA-2023:5361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5362", "reference_id": "RHSA-2023:5362", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5362" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5363", "reference_id": "RHSA-2023:5363", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5363" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5532", "reference_id": "RHSA-2023:5532", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5532" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5533", "reference_id": "RHSA-2023:5533", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5533" }, { "reference_url": "https://usn.ubuntu.com/6822-1/", "reference_id": "USN-6822-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6822-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/932797?format=api", "purl": "pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vp3-fzdr-yqbm" }, { "vulnerability": "VCID-2t7c-dju9-pff6" }, { "vulnerability": "VCID-38k9-23j3-eqh7" }, { "vulnerability": "VCID-43sf-4r41-wugc" }, { "vulnerability": "VCID-96yh-1wub-zucg" }, { "vulnerability": "VCID-98fy-tedc-ube7" }, { "vulnerability": "VCID-bjza-25hu-vkad" }, { "vulnerability": "VCID-dgkh-jdah-wfh9" }, { "vulnerability": "VCID-dt7u-3usg-9uet" }, { "vulnerability": "VCID-kj75-vmwa-gqgq" }, { "vulnerability": "VCID-sag8-repb-g3f4" }, { "vulnerability": "VCID-twc8-ewm7-wkb1" }, { "vulnerability": "VCID-u8bq-8jp4-jkem" }, { "vulnerability": "VCID-v7uy-445x-tuan" }, { "vulnerability": "VCID-x1an-pjq4-nbby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/932834?format=api", "purl": "pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u5%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/932833?format=api", "purl": "pkg:deb/debian/nodejs@18.13.0%2Bdfsg1-1.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.13.0%252Bdfsg1-1.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/932831?format=api", "purl": "pkg:deb/debian/nodejs@18.19.0%2Bdfsg-6~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.19.0%252Bdfsg-6~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/932795?format=api", "purl": "pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vp3-fzdr-yqbm" }, { "vulnerability": "VCID-2t7c-dju9-pff6" }, { "vulnerability": "VCID-43sf-4r41-wugc" }, { "vulnerability": "VCID-96yh-1wub-zucg" }, { "vulnerability": "VCID-98fy-tedc-ube7" }, { "vulnerability": "VCID-bjza-25hu-vkad" }, { "vulnerability": "VCID-dgkh-jdah-wfh9" }, { "vulnerability": "VCID-dt7u-3usg-9uet" }, { "vulnerability": "VCID-twc8-ewm7-wkb1" }, { "vulnerability": "VCID-u8bq-8jp4-jkem" }, { "vulnerability": "VCID-v7uy-445x-tuan" }, { "vulnerability": "VCID-wf5t-3pwz-c7d7" }, { "vulnerability": "VCID-x1an-pjq4-nbby" }, { "vulnerability": "VCID-xkpz-pb5y-jqcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/932799?format=api", "purl": "pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/932798?format=api", "purl": "pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1063054?format=api", "purl": "pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-32559" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9yq7-aba3-c7c3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/37572?format=api", "vulnerability_id": "VCID-bx67-aud6-b3fa", "summary": "Multiple vulnerabilities have been discovered in Node.js, the worst of which could lead to execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-22025.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-22025.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-22025", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0043", "scoring_system": "epss", "scoring_elements": "0.62483", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0043", "scoring_system": "epss", "scoring_elements": "0.62515", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00636", "scoring_system": "epss", "scoring_elements": "0.70496", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00636", "scoring_system": "epss", "scoring_elements": "0.70444", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00636", "scoring_system": "epss", "scoring_elements": "0.70429", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00636", "scoring_system": "epss", "scoring_elements": "0.70415", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00636", "scoring_system": "epss", "scoring_elements": "0.70457", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00636", "scoring_system": "epss", "scoring_elements": "0.70465", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00636", "scoring_system": "epss", "scoring_elements": "0.70445", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00636", "scoring_system": "epss", "scoring_elements": "0.70359", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00636", "scoring_system": "epss", "scoring_elements": "0.70404", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00636", "scoring_system": "epss", "scoring_elements": "0.7042", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-22025" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22025", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22025" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270559", "reference_id": "2270559", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270559" }, { "reference_url": "https://hackerone.com/reports/2284065", "reference_id": "2284065", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-21T20:30:35Z/" } ], "url": "https://hackerone.com/reports/2284065" }, { "reference_url": "https://security.gentoo.org/glsa/202505-11", "reference_id": "GLSA-202505-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-11" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00029.html", "reference_id": "msg00029.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-21T20:30:35Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00029.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240517-0008/", "reference_id": "ntap-20240517-0008", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-21T20:30:35Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240517-0008/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2778", "reference_id": "RHSA-2024:2778", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2778" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2779", "reference_id": "RHSA-2024:2779", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2779" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2780", "reference_id": "RHSA-2024:2780", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2780" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2853", "reference_id": "RHSA-2024:2853", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2853" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2910", "reference_id": "RHSA-2024:2910", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2910" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4559", "reference_id": "RHSA-2024:4559", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4559" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4721", "reference_id": "RHSA-2024:4721", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4721" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/932797?format=api", "purl": "pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vp3-fzdr-yqbm" }, { "vulnerability": "VCID-2t7c-dju9-pff6" }, { "vulnerability": "VCID-38k9-23j3-eqh7" }, { "vulnerability": "VCID-43sf-4r41-wugc" }, { "vulnerability": "VCID-96yh-1wub-zucg" }, { "vulnerability": "VCID-98fy-tedc-ube7" }, { "vulnerability": "VCID-bjza-25hu-vkad" }, { "vulnerability": "VCID-dgkh-jdah-wfh9" }, { "vulnerability": "VCID-dt7u-3usg-9uet" }, { "vulnerability": "VCID-kj75-vmwa-gqgq" }, { "vulnerability": "VCID-sag8-repb-g3f4" }, { "vulnerability": "VCID-twc8-ewm7-wkb1" }, { "vulnerability": "VCID-u8bq-8jp4-jkem" }, { "vulnerability": "VCID-v7uy-445x-tuan" }, { "vulnerability": "VCID-x1an-pjq4-nbby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/932834?format=api", "purl": "pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u5%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/932835?format=api", "purl": "pkg:deb/debian/nodejs@18.19.1%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.19.1%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/932795?format=api", "purl": "pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vp3-fzdr-yqbm" }, { "vulnerability": "VCID-2t7c-dju9-pff6" }, { "vulnerability": "VCID-43sf-4r41-wugc" }, { "vulnerability": "VCID-96yh-1wub-zucg" }, { "vulnerability": "VCID-98fy-tedc-ube7" }, { "vulnerability": "VCID-bjza-25hu-vkad" }, { "vulnerability": "VCID-dgkh-jdah-wfh9" }, { "vulnerability": "VCID-dt7u-3usg-9uet" }, { "vulnerability": "VCID-twc8-ewm7-wkb1" }, { "vulnerability": "VCID-u8bq-8jp4-jkem" }, { "vulnerability": "VCID-v7uy-445x-tuan" }, { "vulnerability": "VCID-wf5t-3pwz-c7d7" }, { "vulnerability": "VCID-x1an-pjq4-nbby" }, { "vulnerability": "VCID-xkpz-pb5y-jqcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/932799?format=api", "purl": "pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/932798?format=api", "purl": "pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1063054?format=api", "purl": "pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-22025" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bx67-aud6-b3fa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/37546?format=api", "vulnerability_id": "VCID-e6gj-fe31-kkh5", "summary": "Multiple vulnerabilities have been discovered in Node.js, the worst of which could lead to execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-46809.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-46809.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-46809", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01239", "scoring_system": "epss", "scoring_elements": "0.79194", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01239", "scoring_system": "epss", "scoring_elements": "0.79292", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01239", "scoring_system": "epss", "scoring_elements": "0.79259", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01239", "scoring_system": "epss", "scoring_elements": "0.79256", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01239", "scoring_system": "epss", "scoring_elements": "0.79257", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01239", "scoring_system": "epss", "scoring_elements": "0.79218", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01239", "scoring_system": "epss", "scoring_elements": "0.79203", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01239", "scoring_system": "epss", "scoring_elements": "0.79228", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01239", "scoring_system": "epss", "scoring_elements": "0.79236", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01239", "scoring_system": "epss", "scoring_elements": "0.7926", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01239", "scoring_system": "epss", "scoring_elements": "0.79244", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01239", "scoring_system": "epss", "scoring_elements": "0.79232", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-46809" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46809", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46809" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1064055", "reference_id": "1064055", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1064055" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2264569", "reference_id": "2264569", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2264569" }, { "reference_url": "https://nodejs.org/en/blog/vulnerability/february-2024-security-releases", "reference_id": "february-2024-security-releases", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-09T17:40:41Z/" } ], "url": "https://nodejs.org/en/blog/vulnerability/february-2024-security-releases" }, { "reference_url": "https://security.gentoo.org/glsa/202505-11", "reference_id": "GLSA-202505-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-11" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1503", "reference_id": "RHSA-2024:1503", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1503" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1510", "reference_id": "RHSA-2024:1510", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1510" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1687", "reference_id": "RHSA-2024:1687", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1687" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1688", "reference_id": "RHSA-2024:1688", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1688" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1880", "reference_id": "RHSA-2024:1880", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1880" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1932", "reference_id": "RHSA-2024:1932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1932" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/932797?format=api", "purl": "pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vp3-fzdr-yqbm" }, { "vulnerability": "VCID-2t7c-dju9-pff6" }, { "vulnerability": "VCID-38k9-23j3-eqh7" }, { "vulnerability": "VCID-43sf-4r41-wugc" }, { "vulnerability": "VCID-96yh-1wub-zucg" }, { "vulnerability": "VCID-98fy-tedc-ube7" }, { "vulnerability": "VCID-bjza-25hu-vkad" }, { "vulnerability": "VCID-dgkh-jdah-wfh9" }, { "vulnerability": "VCID-dt7u-3usg-9uet" }, { "vulnerability": "VCID-kj75-vmwa-gqgq" }, { "vulnerability": "VCID-sag8-repb-g3f4" }, { "vulnerability": "VCID-twc8-ewm7-wkb1" }, { "vulnerability": "VCID-u8bq-8jp4-jkem" }, { "vulnerability": "VCID-v7uy-445x-tuan" }, { "vulnerability": "VCID-x1an-pjq4-nbby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/932834?format=api", "purl": "pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u5%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/932835?format=api", "purl": "pkg:deb/debian/nodejs@18.19.1%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.19.1%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/932795?format=api", "purl": "pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vp3-fzdr-yqbm" }, { "vulnerability": "VCID-2t7c-dju9-pff6" }, { "vulnerability": "VCID-43sf-4r41-wugc" }, { "vulnerability": "VCID-96yh-1wub-zucg" }, { "vulnerability": "VCID-98fy-tedc-ube7" }, { "vulnerability": "VCID-bjza-25hu-vkad" }, { "vulnerability": "VCID-dgkh-jdah-wfh9" }, { "vulnerability": "VCID-dt7u-3usg-9uet" }, { "vulnerability": "VCID-twc8-ewm7-wkb1" }, { "vulnerability": "VCID-u8bq-8jp4-jkem" }, { "vulnerability": "VCID-v7uy-445x-tuan" }, { "vulnerability": "VCID-wf5t-3pwz-c7d7" }, { "vulnerability": "VCID-x1an-pjq4-nbby" }, { "vulnerability": "VCID-xkpz-pb5y-jqcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/932799?format=api", "purl": "pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/932798?format=api", "purl": "pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1063054?format=api", "purl": "pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-46809" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e6gj-fe31-kkh5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62488?format=api", "vulnerability_id": "VCID-e7u5-356v-jbg7", "summary": "Multiple vulnerabilities have been discovered in Node.js.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-30590.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-30590.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-30590", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00954", "scoring_system": "epss", "scoring_elements": "0.76361", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00954", "scoring_system": "epss", "scoring_elements": "0.76391", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00954", "scoring_system": "epss", "scoring_elements": "0.76373", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00954", "scoring_system": "epss", "scoring_elements": "0.76405", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00954", "scoring_system": "epss", "scoring_elements": "0.7642", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00954", "scoring_system": "epss", "scoring_elements": "0.76445", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00954", "scoring_system": "epss", "scoring_elements": "0.76423", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00954", "scoring_system": "epss", "scoring_elements": "0.76418", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00954", "scoring_system": "epss", "scoring_elements": "0.76459", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00954", "scoring_system": "epss", "scoring_elements": "0.76463", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00954", "scoring_system": "epss", "scoring_elements": "0.76449", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00954", "scoring_system": "epss", "scoring_elements": "0.76483", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-30590" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-30590", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-30590" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1039990", "reference_id": "1039990", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1039990" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2219842", "reference_id": "2219842", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2219842" }, { "reference_url": "https://security.gentoo.org/glsa/202405-29", "reference_id": "GLSA-202405-29", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-29" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4330", "reference_id": "RHSA-2023:4330", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4330" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4331", "reference_id": "RHSA-2023:4331", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4331" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4536", "reference_id": "RHSA-2023:4536", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4536" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4537", "reference_id": "RHSA-2023:4537", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4537" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5361", "reference_id": "RHSA-2023:5361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5533", "reference_id": "RHSA-2023:5533", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5533" }, { "reference_url": "https://usn.ubuntu.com/6735-1/", "reference_id": "USN-6735-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6735-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/932797?format=api", "purl": "pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vp3-fzdr-yqbm" }, { "vulnerability": "VCID-2t7c-dju9-pff6" }, { "vulnerability": "VCID-38k9-23j3-eqh7" }, { "vulnerability": "VCID-43sf-4r41-wugc" }, { "vulnerability": "VCID-96yh-1wub-zucg" }, { "vulnerability": "VCID-98fy-tedc-ube7" }, { "vulnerability": "VCID-bjza-25hu-vkad" }, { "vulnerability": "VCID-dgkh-jdah-wfh9" }, { "vulnerability": "VCID-dt7u-3usg-9uet" }, { "vulnerability": "VCID-kj75-vmwa-gqgq" }, { "vulnerability": "VCID-sag8-repb-g3f4" }, { "vulnerability": "VCID-twc8-ewm7-wkb1" }, { "vulnerability": "VCID-u8bq-8jp4-jkem" }, { "vulnerability": "VCID-v7uy-445x-tuan" }, { "vulnerability": "VCID-x1an-pjq4-nbby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/932834?format=api", "purl": "pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u5%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/932833?format=api", "purl": "pkg:deb/debian/nodejs@18.13.0%2Bdfsg1-1.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.13.0%252Bdfsg1-1.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/932831?format=api", "purl": "pkg:deb/debian/nodejs@18.19.0%2Bdfsg-6~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.19.0%252Bdfsg-6~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/932795?format=api", "purl": "pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vp3-fzdr-yqbm" }, { "vulnerability": "VCID-2t7c-dju9-pff6" }, { "vulnerability": "VCID-43sf-4r41-wugc" }, { "vulnerability": "VCID-96yh-1wub-zucg" }, { "vulnerability": "VCID-98fy-tedc-ube7" }, { "vulnerability": "VCID-bjza-25hu-vkad" }, { "vulnerability": "VCID-dgkh-jdah-wfh9" }, { "vulnerability": "VCID-dt7u-3usg-9uet" }, { "vulnerability": "VCID-twc8-ewm7-wkb1" }, { "vulnerability": "VCID-u8bq-8jp4-jkem" }, { "vulnerability": "VCID-v7uy-445x-tuan" }, { "vulnerability": "VCID-wf5t-3pwz-c7d7" }, { "vulnerability": "VCID-x1an-pjq4-nbby" }, { "vulnerability": "VCID-xkpz-pb5y-jqcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/932799?format=api", "purl": "pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/932798?format=api", "purl": "pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1063054?format=api", "purl": "pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-30590" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e7u5-356v-jbg7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/37580?format=api", "vulnerability_id": "VCID-nenk-4cgd-fugv", "summary": "Multiple vulnerabilities have been discovered in Node.js, the worst of which could lead to execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27983.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27983.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-27983", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.75933", "scoring_system": "epss", "scoring_elements": "0.98926", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.75933", "scoring_system": "epss", "scoring_elements": "0.98907", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.75933", "scoring_system": "epss", "scoring_elements": "0.98909", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.75933", "scoring_system": "epss", "scoring_elements": "0.98911", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.75933", "scoring_system": "epss", "scoring_elements": "0.98912", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.75933", "scoring_system": "epss", "scoring_elements": "0.98914", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.75933", "scoring_system": "epss", "scoring_elements": "0.98915", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.75933", "scoring_system": "epss", "scoring_elements": "0.98917", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.75933", "scoring_system": "epss", "scoring_elements": "0.98919", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.75933", "scoring_system": "epss", "scoring_elements": "0.98922", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-27983" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27983", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27983" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068347", "reference_id": "1068347", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068347" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272764", "reference_id": "2272764", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272764" }, { "reference_url": "https://hackerone.com/reports/2319584", "reference_id": "2319584", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-09T19:14:56Z/" } ], "url": "https://hackerone.com/reports/2319584" }, { "reference_url": "https://security.archlinux.org/AVG-2852", "reference_id": "AVG-2852", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2852" }, { "reference_url": "https://security.archlinux.org/AVG-2853", "reference_id": "AVG-2853", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2853" }, { "reference_url": "https://security.gentoo.org/glsa/202505-11", "reference_id": "GLSA-202505-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-11" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDECX4BYZLMM4S4LALN4DPZ2HUTTPLKE/", "reference_id": "JDECX4BYZLMM4S4LALN4DPZ2HUTTPLKE", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-09T19:14:56Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDECX4BYZLMM4S4LALN4DPZ2HUTTPLKE/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240510-0002/", "reference_id": "ntap-20240510-0002", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-09T19:14:56Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240510-0002/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2778", "reference_id": "RHSA-2024:2778", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2778" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2779", "reference_id": "RHSA-2024:2779", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2779" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2780", "reference_id": "RHSA-2024:2780", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2780" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2853", "reference_id": "RHSA-2024:2853", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2853" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2910", "reference_id": "RHSA-2024:2910", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2910" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2937", "reference_id": "RHSA-2024:2937", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2937" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3472", "reference_id": "RHSA-2024:3472", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3472" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3544", "reference_id": "RHSA-2024:3544", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3544" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3545", "reference_id": "RHSA-2024:3545", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3545" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3553", "reference_id": "RHSA-2024:3553", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3553" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4353", "reference_id": "RHSA-2024:4353", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4353" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4824", "reference_id": "RHSA-2024:4824", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4824" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YDVFUH7ACZPYB3BS4SVILNOY7NQU73VW/", "reference_id": "YDVFUH7ACZPYB3BS4SVILNOY7NQU73VW", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-09T19:14:56Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YDVFUH7ACZPYB3BS4SVILNOY7NQU73VW/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/932797?format=api", "purl": "pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vp3-fzdr-yqbm" }, { "vulnerability": "VCID-2t7c-dju9-pff6" }, { "vulnerability": "VCID-38k9-23j3-eqh7" }, { "vulnerability": "VCID-43sf-4r41-wugc" }, { "vulnerability": "VCID-96yh-1wub-zucg" }, { "vulnerability": "VCID-98fy-tedc-ube7" }, { "vulnerability": "VCID-bjza-25hu-vkad" }, { "vulnerability": "VCID-dgkh-jdah-wfh9" }, { "vulnerability": "VCID-dt7u-3usg-9uet" }, { "vulnerability": "VCID-kj75-vmwa-gqgq" }, { "vulnerability": "VCID-sag8-repb-g3f4" }, { "vulnerability": "VCID-twc8-ewm7-wkb1" }, { "vulnerability": "VCID-u8bq-8jp4-jkem" }, { "vulnerability": "VCID-v7uy-445x-tuan" }, { "vulnerability": "VCID-x1an-pjq4-nbby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/932834?format=api", "purl": "pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u5%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/932837?format=api", "purl": "pkg:deb/debian/nodejs@18.20.1%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.1%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/932795?format=api", "purl": "pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vp3-fzdr-yqbm" }, { "vulnerability": "VCID-2t7c-dju9-pff6" }, { "vulnerability": "VCID-43sf-4r41-wugc" }, { "vulnerability": "VCID-96yh-1wub-zucg" }, { "vulnerability": "VCID-98fy-tedc-ube7" }, { "vulnerability": "VCID-bjza-25hu-vkad" }, { "vulnerability": "VCID-dgkh-jdah-wfh9" }, { "vulnerability": "VCID-dt7u-3usg-9uet" }, { "vulnerability": "VCID-twc8-ewm7-wkb1" }, { "vulnerability": "VCID-u8bq-8jp4-jkem" }, { "vulnerability": "VCID-v7uy-445x-tuan" }, { "vulnerability": "VCID-wf5t-3pwz-c7d7" }, { "vulnerability": "VCID-x1an-pjq4-nbby" }, { "vulnerability": "VCID-xkpz-pb5y-jqcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/932799?format=api", "purl": "pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/932798?format=api", "purl": "pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1063054?format=api", "purl": "pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-27983" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nenk-4cgd-fugv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/37562?format=api", "vulnerability_id": "VCID-vkvx-gxbu-3uau", "summary": "Multiple vulnerabilities have been discovered in Node.js, the worst of which could lead to execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-22019.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-22019.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-22019", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0038", "scoring_system": "epss", "scoring_elements": "0.59485", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0038", "scoring_system": "epss", "scoring_elements": "0.59506", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0038", "scoring_system": "epss", "scoring_elements": "0.59525", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0038", "scoring_system": "epss", "scoring_elements": "0.59509", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0038", "scoring_system": "epss", "scoring_elements": "0.5949", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0038", "scoring_system": "epss", "scoring_elements": "0.59524", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0038", "scoring_system": "epss", "scoring_elements": "0.59529", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0038", "scoring_system": "epss", "scoring_elements": "0.59513", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0038", "scoring_system": "epss", "scoring_elements": "0.5945", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0038", "scoring_system": "epss", "scoring_elements": "0.59475", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0038", "scoring_system": "epss", "scoring_elements": "0.59442", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0038", "scoring_system": "epss", "scoring_elements": "0.59493", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-22019" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22019", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22019" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1064055", "reference_id": "1064055", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1064055" }, { "reference_url": "https://hackerone.com/reports/2233486", "reference_id": "2233486", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-07T21:15:49Z/" } ], "url": "https://hackerone.com/reports/2233486" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2264574", "reference_id": "2264574", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2264574" }, { "reference_url": "https://security.gentoo.org/glsa/202505-11", "reference_id": "GLSA-202505-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-11" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240315-0004/", "reference_id": "ntap-20240315-0004", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-07T21:15:49Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240315-0004/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1354", "reference_id": "RHSA-2024:1354", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1354" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1424", "reference_id": "RHSA-2024:1424", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1424" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1438", "reference_id": "RHSA-2024:1438", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1438" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1444", "reference_id": "RHSA-2024:1444", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1444" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1503", "reference_id": "RHSA-2024:1503", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1503" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1510", "reference_id": "RHSA-2024:1510", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1510" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1678", "reference_id": "RHSA-2024:1678", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1678" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1687", "reference_id": "RHSA-2024:1687", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1687" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1688", "reference_id": "RHSA-2024:1688", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1688" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1880", "reference_id": "RHSA-2024:1880", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1880" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1932", "reference_id": "RHSA-2024:1932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2651", "reference_id": "RHSA-2024:2651", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2651" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2793", "reference_id": "RHSA-2024:2793", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2793" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/932797?format=api", "purl": "pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vp3-fzdr-yqbm" }, { "vulnerability": "VCID-2t7c-dju9-pff6" }, { "vulnerability": "VCID-38k9-23j3-eqh7" }, { "vulnerability": "VCID-43sf-4r41-wugc" }, { "vulnerability": "VCID-96yh-1wub-zucg" }, { "vulnerability": "VCID-98fy-tedc-ube7" }, { "vulnerability": "VCID-bjza-25hu-vkad" }, { "vulnerability": "VCID-dgkh-jdah-wfh9" }, { "vulnerability": "VCID-dt7u-3usg-9uet" }, { "vulnerability": "VCID-kj75-vmwa-gqgq" }, { "vulnerability": "VCID-sag8-repb-g3f4" }, { "vulnerability": "VCID-twc8-ewm7-wkb1" }, { "vulnerability": "VCID-u8bq-8jp4-jkem" }, { "vulnerability": "VCID-v7uy-445x-tuan" }, { "vulnerability": "VCID-x1an-pjq4-nbby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/932834?format=api", "purl": "pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u5%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/932835?format=api", "purl": "pkg:deb/debian/nodejs@18.19.1%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.19.1%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/932795?format=api", "purl": "pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vp3-fzdr-yqbm" }, { "vulnerability": "VCID-2t7c-dju9-pff6" }, { "vulnerability": "VCID-43sf-4r41-wugc" }, { "vulnerability": "VCID-96yh-1wub-zucg" }, { "vulnerability": "VCID-98fy-tedc-ube7" }, { "vulnerability": "VCID-bjza-25hu-vkad" }, { "vulnerability": "VCID-dgkh-jdah-wfh9" }, { "vulnerability": "VCID-dt7u-3usg-9uet" }, { "vulnerability": "VCID-twc8-ewm7-wkb1" }, { "vulnerability": "VCID-u8bq-8jp4-jkem" }, { "vulnerability": "VCID-v7uy-445x-tuan" }, { "vulnerability": "VCID-wf5t-3pwz-c7d7" }, { "vulnerability": "VCID-x1an-pjq4-nbby" }, { "vulnerability": "VCID-xkpz-pb5y-jqcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/932799?format=api", "purl": "pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/932798?format=api", "purl": "pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1063054?format=api", "purl": "pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-22019" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vkvx-gxbu-3uau" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/18167?format=api", "vulnerability_id": "VCID-zstw-3wmu-u3c8", "summary": "llhttp vulnerable to HTTP request smuggling\nThe llhttp parser in the http module in Node v20.2.0 does not strictly use the CRLF sequence to delimit HTTP requests. This can lead to HTTP Request Smuggling (HRS).\n\nThe CR character (without LF) is sufficient to delimit HTTP header fields in the llhttp parser. According to RFC7230 section 3, only the CRLF sequence should delimit each header-field. This impacts all Node.js active versions: v16, v18, and, v20", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-30589.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-30589.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-30589", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01916", "scoring_system": "epss", "scoring_elements": "0.83375", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01916", "scoring_system": "epss", "scoring_elements": "0.83351", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01916", "scoring_system": "epss", "scoring_elements": "0.83348", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01916", "scoring_system": "epss", "scoring_elements": "0.83349", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01916", "scoring_system": "epss", "scoring_elements": "0.83313", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01916", "scoring_system": "epss", "scoring_elements": "0.83317", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01916", "scoring_system": "epss", "scoring_elements": "0.83323", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01916", "scoring_system": "epss", "scoring_elements": "0.83308", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01916", "scoring_system": "epss", "scoring_elements": "0.83299", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01916", "scoring_system": "epss", "scoring_elements": "0.83275", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01916", "scoring_system": "epss", "scoring_elements": "0.83276", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01916", "scoring_system": "epss", "scoring_elements": "0.83261", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-30589" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-30589", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-30589" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/nodejs/llhttp", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/nodejs/llhttp" }, { "reference_url": "https://github.com/nodejs/llhttp/releases/tag/release%2Fv8.1.1", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/nodejs/llhttp/releases/tag/release%2Fv8.1.1" }, { "reference_url": "https://hackerone.com/reports/2001873", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://hackerone.com/reports/2001873" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/09/msg00029.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/09/msg00029.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HMEELCREWMRT6NS7HWXLA6XFLLMO36HE", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HMEELCREWMRT6NS7HWXLA6XFLLMO36HE" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IV326O2X4BE3SINX5FJHMAKVHUAA4ZYF", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IV326O2X4BE3SINX5FJHMAKVHUAA4ZYF" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UEJWL67XR67JAGEL2ZK22NA3BRKNMZNY", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UEJWL67XR67JAGEL2ZK22NA3BRKNMZNY" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCVG4TQRGTK4LKAZKVEQAUEJM7DUACYE", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCVG4TQRGTK4LKAZKVEQAUEJM7DUACYE" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VEEQIN5242K5NBE2CZ4DYTNA5B4YTYE5", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VEEQIN5242K5NBE2CZ4DYTNA5B4YTYE5" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VKFMKD4MJZIKFQJAAJ4VZ2FHIJ764A76", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VKFMKD4MJZIKFQJAAJ4VZ2FHIJ764A76" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230803-0009", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20230803-0009" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240621-0006", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20240621-0006" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1039990", "reference_id": "1039990", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1039990" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2219841", "reference_id": "2219841", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2219841" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-30589", "reference_id": "CVE-2023-30589", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-30589" }, { "reference_url": "https://github.com/advisories/GHSA-cggh-pq45-6h9x", "reference_id": "GHSA-cggh-pq45-6h9x", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-cggh-pq45-6h9x" }, { "reference_url": "https://security.gentoo.org/glsa/202405-29", "reference_id": "GLSA-202405-29", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-29" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4330", "reference_id": "RHSA-2023:4330", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4330" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4331", "reference_id": "RHSA-2023:4331", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4331" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4536", "reference_id": "RHSA-2023:4536", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4536" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4537", "reference_id": "RHSA-2023:4537", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4537" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5361", "reference_id": "RHSA-2023:5361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5533", "reference_id": "RHSA-2023:5533", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5533" }, { "reference_url": "https://usn.ubuntu.com/6735-1/", "reference_id": "USN-6735-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6735-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/932797?format=api", "purl": "pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vp3-fzdr-yqbm" }, { "vulnerability": "VCID-2t7c-dju9-pff6" }, { "vulnerability": "VCID-38k9-23j3-eqh7" }, { "vulnerability": "VCID-43sf-4r41-wugc" }, { "vulnerability": "VCID-96yh-1wub-zucg" }, { "vulnerability": "VCID-98fy-tedc-ube7" }, { "vulnerability": "VCID-bjza-25hu-vkad" }, { "vulnerability": "VCID-dgkh-jdah-wfh9" }, { "vulnerability": "VCID-dt7u-3usg-9uet" }, { "vulnerability": "VCID-kj75-vmwa-gqgq" }, { "vulnerability": "VCID-sag8-repb-g3f4" }, { "vulnerability": "VCID-twc8-ewm7-wkb1" }, { "vulnerability": "VCID-u8bq-8jp4-jkem" }, { "vulnerability": "VCID-v7uy-445x-tuan" }, { "vulnerability": "VCID-x1an-pjq4-nbby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/932834?format=api", "purl": "pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u5%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/932833?format=api", "purl": "pkg:deb/debian/nodejs@18.13.0%2Bdfsg1-1.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.13.0%252Bdfsg1-1.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/932831?format=api", "purl": "pkg:deb/debian/nodejs@18.19.0%2Bdfsg-6~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.19.0%252Bdfsg-6~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/932795?format=api", "purl": "pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vp3-fzdr-yqbm" }, { "vulnerability": "VCID-2t7c-dju9-pff6" }, { "vulnerability": "VCID-43sf-4r41-wugc" }, { "vulnerability": "VCID-96yh-1wub-zucg" }, { "vulnerability": "VCID-98fy-tedc-ube7" }, { "vulnerability": "VCID-bjza-25hu-vkad" }, { "vulnerability": "VCID-dgkh-jdah-wfh9" }, { "vulnerability": "VCID-dt7u-3usg-9uet" }, { "vulnerability": "VCID-twc8-ewm7-wkb1" }, { "vulnerability": "VCID-u8bq-8jp4-jkem" }, { "vulnerability": "VCID-v7uy-445x-tuan" }, { "vulnerability": "VCID-wf5t-3pwz-c7d7" }, { "vulnerability": "VCID-x1an-pjq4-nbby" }, { "vulnerability": "VCID-xkpz-pb5y-jqcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/932799?format=api", "purl": "pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/932798?format=api", "purl": "pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1063054?format=api", "purl": "pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-30589", "GHSA-cggh-pq45-6h9x" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zstw-3wmu-u3c8" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u5%3Fdistro=trixie" }