Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:rpm/redhat/rh-nodejs14-nodejs-nodemon@2.0.20-2?arch=el7
Typerpm
Namespaceredhat
Namerh-nodejs14-nodejs-nodemon
Version2.0.20-2
Qualifiers
arch el7
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-bcuh-2e2c-53gy
vulnerability_id VCID-bcuh-2e2c-53gy
summary 
qs vulnerable to Prototype Pollution
qs before 6.10.3 allows attackers to cause a Node process hang because an `__ proto__` key can be used. In many typical web framework use cases, an unauthenticated remote attacker can place the attack payload in the query string of the URL that is used to visit the application, such as `a[__proto__]=b&a[__proto__]&a[length]=100000000`. The fix was backported to qs 6.9.7, 6.8.3, 6.7.3, 6.6.1, 6.5.3, 6.4.1, 6.3.3, and 6.2.4.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-24999.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-24999.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-24999
reference_id
reference_type
scores
0
value 0.01142
scoring_system epss
scoring_elements 0.78485
published_at 2026-04-24T12:55:00Z
1
value 0.01142
scoring_system epss
scoring_elements 0.78452
published_at 2026-04-21T12:55:00Z
2
value 0.01142
scoring_system epss
scoring_elements 0.78383
published_at 2026-04-02T12:55:00Z
3
value 0.01142
scoring_system epss
scoring_elements 0.78424
published_at 2026-04-08T12:55:00Z
4
value 0.01142
scoring_system epss
scoring_elements 0.78397
published_at 2026-04-07T12:55:00Z
5
value 0.01142
scoring_system epss
scoring_elements 0.78414
published_at 2026-04-04T12:55:00Z
6
value 0.01543
scoring_system epss
scoring_elements 0.8138
published_at 2026-04-13T12:55:00Z
7
value 0.01543
scoring_system epss
scoring_elements 0.81388
published_at 2026-04-12T12:55:00Z
8
value 0.01543
scoring_system epss
scoring_elements 0.814
published_at 2026-04-11T12:55:00Z
9
value 0.01543
scoring_system epss
scoring_elements 0.81379
published_at 2026-04-09T12:55:00Z
10
value 0.01543
scoring_system epss
scoring_elements 0.81417
published_at 2026-04-16T12:55:00Z
11
value 0.01543
scoring_system epss
scoring_elements 0.81418
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-24999
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24999
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24999
3
reference_url https://github.com/expressjs/express/releases/tag/4.17.3
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-29T13:56:22Z/
url https://github.com/expressjs/express/releases/tag/4.17.3
4
reference_url https://github.com/ljharb/qs
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ljharb/qs
5
reference_url https://github.com/ljharb/qs/commit/4310742efbd8c03f6495f07906b45213da0a32ec
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ljharb/qs/commit/4310742efbd8c03f6495f07906b45213da0a32ec
6
reference_url https://github.com/ljharb/qs/commit/727ef5d34605108acb3513f72d5435972ed15b68
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ljharb/qs/commit/727ef5d34605108acb3513f72d5435972ed15b68
7
reference_url https://github.com/ljharb/qs/commit/73205259936317b40f447c5cdb71c5b341848e1b
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ljharb/qs/commit/73205259936317b40f447c5cdb71c5b341848e1b
8
reference_url https://github.com/ljharb/qs/commit/8b4cc14cda94a5c89341b77e5fe435ec6c41be2d
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ljharb/qs/commit/8b4cc14cda94a5c89341b77e5fe435ec6c41be2d
9
reference_url https://github.com/ljharb/qs/commit/ba24e74dd17931f825adb52f5633e48293b584e1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ljharb/qs/commit/ba24e74dd17931f825adb52f5633e48293b584e1
10
reference_url https://github.com/ljharb/qs/commit/e799ba57e573a30c14b67c1889c7c04d508b9105
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ljharb/qs/commit/e799ba57e573a30c14b67c1889c7c04d508b9105
11
reference_url https://github.com/ljharb/qs/commit/ed0f5dcbef4b168a8ae299d78b1e4a2e9b1baf1f
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ljharb/qs/commit/ed0f5dcbef4b168a8ae299d78b1e4a2e9b1baf1f
12
reference_url https://github.com/ljharb/qs/commit/f945393cfe442fe8c6e62b4156fd35452c0686ee
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ljharb/qs/commit/f945393cfe442fe8c6e62b4156fd35452c0686ee
13
reference_url https://github.com/ljharb/qs/commit/fc3682776670524a42e19709ec4a8138d0d7afda
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ljharb/qs/commit/fc3682776670524a42e19709ec4a8138d0d7afda
14
reference_url https://github.com/ljharb/qs/pull/428
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-29T13:56:22Z/
url https://github.com/ljharb/qs/pull/428
15
reference_url https://github.com/n8tz/CVE-2022-24999
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-29T13:56:22Z/
url https://github.com/n8tz/CVE-2022-24999
16
reference_url https://lists.debian.org/debian-lts-announce/2023/01/msg00039.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-29T13:56:22Z/
url https://lists.debian.org/debian-lts-announce/2023/01/msg00039.html
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-24999
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-24999
18
reference_url https://security.netapp.com/advisory/ntap-20230908-0005
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20230908-0005
19
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2150323
reference_id 2150323
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2150323
20
reference_url https://github.com/advisories/GHSA-hrpp-h998-j3pp
reference_id GHSA-hrpp-h998-j3pp
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-hrpp-h998-j3pp
21
reference_url https://security.netapp.com/advisory/ntap-20230908-0005/
reference_id ntap-20230908-0005
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-29T13:56:22Z/
url https://security.netapp.com/advisory/ntap-20230908-0005/
22
reference_url https://access.redhat.com/errata/RHSA-2023:0050
reference_id RHSA-2023:0050
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0050
23
reference_url https://access.redhat.com/errata/RHSA-2023:0612
reference_id RHSA-2023:0612
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0612
24
reference_url https://access.redhat.com/errata/RHSA-2023:0930
reference_id RHSA-2023:0930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0930
25
reference_url https://access.redhat.com/errata/RHSA-2023:0932
reference_id RHSA-2023:0932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0932
26
reference_url https://access.redhat.com/errata/RHSA-2023:0934
reference_id RHSA-2023:0934
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0934
27
reference_url https://access.redhat.com/errata/RHSA-2023:1428
reference_id RHSA-2023:1428
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1428
28
reference_url https://access.redhat.com/errata/RHSA-2023:1533
reference_id RHSA-2023:1533
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1533
29
reference_url https://access.redhat.com/errata/RHSA-2023:1742
reference_id RHSA-2023:1742
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1742
30
reference_url https://access.redhat.com/errata/RHSA-2023:3265
reference_id RHSA-2023:3265
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3265
31
reference_url https://access.redhat.com/errata/RHSA-2023:3645
reference_id RHSA-2023:3645
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3645
32
reference_url https://usn.ubuntu.com/7693-1/
reference_id USN-7693-1
reference_type
scores
url https://usn.ubuntu.com/7693-1/
fixed_packages
aliases CVE-2022-24999, GHSA-hrpp-h998-j3pp
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bcuh-2e2c-53gy
1
url VCID-m7rw-arzq-jba1
vulnerability_id VCID-m7rw-arzq-jba1
summary Multiple vulnerabilities have been discovered in Node.js.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-43548.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-43548.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-43548
reference_id
reference_type
scores
0
value 0.00565
scoring_system epss
scoring_elements 0.68402
published_at 2026-04-02T12:55:00Z
1
value 0.00565
scoring_system epss
scoring_elements 0.68525
published_at 2026-04-24T12:55:00Z
2
value 0.00565
scoring_system epss
scoring_elements 0.68422
published_at 2026-04-04T12:55:00Z
3
value 0.00565
scoring_system epss
scoring_elements 0.68398
published_at 2026-04-07T12:55:00Z
4
value 0.00565
scoring_system epss
scoring_elements 0.68449
published_at 2026-04-08T12:55:00Z
5
value 0.00565
scoring_system epss
scoring_elements 0.68466
published_at 2026-04-09T12:55:00Z
6
value 0.00565
scoring_system epss
scoring_elements 0.68492
published_at 2026-04-11T12:55:00Z
7
value 0.00565
scoring_system epss
scoring_elements 0.6848
published_at 2026-04-12T12:55:00Z
8
value 0.00565
scoring_system epss
scoring_elements 0.68447
published_at 2026-04-13T12:55:00Z
9
value 0.00565
scoring_system epss
scoring_elements 0.68484
published_at 2026-04-16T12:55:00Z
10
value 0.00565
scoring_system epss
scoring_elements 0.68498
published_at 2026-04-18T12:55:00Z
11
value 0.00565
scoring_system epss
scoring_elements 0.68476
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-43548
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32212
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32212
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32213
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32213
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32214
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32214
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32215
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32215
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35255
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35255
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35256
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35256
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43548
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43548
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1023518
reference_id 1023518
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1023518
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2140911
reference_id 2140911
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2140911
12
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
13
reference_url https://lists.debian.org/debian-lts-announce/2023/02/msg00038.html
reference_id msg00038.html
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-24T14:03:01Z/
url https://lists.debian.org/debian-lts-announce/2023/02/msg00038.html
14
reference_url https://nodejs.org/en/blog/vulnerability/november-2022-security-releases/
reference_id november-2022-security-releases
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-24T14:03:01Z/
url https://nodejs.org/en/blog/vulnerability/november-2022-security-releases/
15
reference_url https://security.netapp.com/advisory/ntap-20230120-0004/
reference_id ntap-20230120-0004
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-24T14:03:01Z/
url https://security.netapp.com/advisory/ntap-20230120-0004/
16
reference_url https://security.netapp.com/advisory/ntap-20230427-0007/
reference_id ntap-20230427-0007
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-24T14:03:01Z/
url https://security.netapp.com/advisory/ntap-20230427-0007/
17
reference_url https://access.redhat.com/errata/RHSA-2022:8832
reference_id RHSA-2022:8832
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8832
18
reference_url https://access.redhat.com/errata/RHSA-2022:8833
reference_id RHSA-2022:8833
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8833
19
reference_url https://access.redhat.com/errata/RHSA-2022:9073
reference_id RHSA-2022:9073
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:9073
20
reference_url https://access.redhat.com/errata/RHSA-2023:0050
reference_id RHSA-2023:0050
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0050
21
reference_url https://access.redhat.com/errata/RHSA-2023:0321
reference_id RHSA-2023:0321
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0321
22
reference_url https://access.redhat.com/errata/RHSA-2023:0612
reference_id RHSA-2023:0612
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0612
23
reference_url https://access.redhat.com/errata/RHSA-2023:1533
reference_id RHSA-2023:1533
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1533
24
reference_url https://access.redhat.com/errata/RHSA-2023:1742
reference_id RHSA-2023:1742
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1742
25
reference_url https://usn.ubuntu.com/6491-1/
reference_id USN-6491-1
reference_type
scores
url https://usn.ubuntu.com/6491-1/
fixed_packages
aliases CVE-2022-43548
risk_score 3.6
exploitability 0.5
weighted_severity 7.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m7rw-arzq-jba1
2
url VCID-turp-dju7-c7fx
vulnerability_id VCID-turp-dju7-c7fx
summary 
Prototype Pollution in minimist
Minimist <=1.2.5 is vulnerable to Prototype Pollution via file index.js, function setKey() (lines 69-95).
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44906.json
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44906.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-44906
reference_id
reference_type
scores
0
value 0.00882
scoring_system epss
scoring_elements 0.75462
published_at 2026-04-24T12:55:00Z
1
value 0.00882
scoring_system epss
scoring_elements 0.75372
published_at 2026-04-04T12:55:00Z
2
value 0.00882
scoring_system epss
scoring_elements 0.75428
published_at 2026-04-21T12:55:00Z
3
value 0.00882
scoring_system epss
scoring_elements 0.75438
published_at 2026-04-18T12:55:00Z
4
value 0.00882
scoring_system epss
scoring_elements 0.75432
published_at 2026-04-16T12:55:00Z
5
value 0.00882
scoring_system epss
scoring_elements 0.75391
published_at 2026-04-13T12:55:00Z
6
value 0.00882
scoring_system epss
scoring_elements 0.75402
published_at 2026-04-12T12:55:00Z
7
value 0.00882
scoring_system epss
scoring_elements 0.75424
published_at 2026-04-11T12:55:00Z
8
value 0.00882
scoring_system epss
scoring_elements 0.75404
published_at 2026-04-09T12:55:00Z
9
value 0.00882
scoring_system epss
scoring_elements 0.75395
published_at 2026-04-08T12:55:00Z
10
value 0.00882
scoring_system epss
scoring_elements 0.75351
published_at 2026-04-07T12:55:00Z
11
value 0.00882
scoring_system epss
scoring_elements 0.75337
published_at 2026-04-01T12:55:00Z
12
value 0.00882
scoring_system epss
scoring_elements 0.7534
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-44906
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44906
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44906
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/Marynk/JavaScript-vulnerability-detection/blob/main/minimist%20PoC.zip
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/Marynk/JavaScript-vulnerability-detection/blob/main/minimist%20PoC.zip
5
reference_url https://github.com/minimistjs/minimist/commit/34e20b8461118608703d6485326abbb8e35e1703
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/minimistjs/minimist/commit/34e20b8461118608703d6485326abbb8e35e1703
6
reference_url https://github.com/minimistjs/minimist/commit/bc8ecee43875261f4f17eb20b1243d3ed15e70eb
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/minimistjs/minimist/commit/bc8ecee43875261f4f17eb20b1243d3ed15e70eb
7
reference_url https://github.com/minimistjs/minimist/commit/c2b981977fa834b223b408cfb860f933c9811e4d
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/minimistjs/minimist/commit/c2b981977fa834b223b408cfb860f933c9811e4d
8
reference_url https://github.com/minimistjs/minimist/commit/ef9153fc52b6cea0744b2239921c5dcae4697f11
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/minimistjs/minimist/commit/ef9153fc52b6cea0744b2239921c5dcae4697f11
9
reference_url https://github.com/minimistjs/minimist/commits/v0.2.4
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/minimistjs/minimist/commits/v0.2.4
10
reference_url https://github.com/minimistjs/minimist/issues/11
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/minimistjs/minimist/issues/11
11
reference_url https://github.com/minimistjs/minimist/pull/24
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/minimistjs/minimist/pull/24
12
reference_url https://github.com/substack/minimist
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/substack/minimist
13
reference_url https://github.com/substack/minimist/blob/master/index.js#L69
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/substack/minimist/blob/master/index.js#L69
14
reference_url https://github.com/substack/minimist/issues/164
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/substack/minimist/issues/164
15
reference_url https://security.netapp.com/advisory/ntap-20240621-0006
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20240621-0006
16
reference_url https://snyk.io/vuln/SNYK-JS-MINIMIST-559764
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://snyk.io/vuln/SNYK-JS-MINIMIST-559764
17
reference_url https://stackoverflow.com/questions/8588563/adding-custom-properties-to-a-function/20278068#20278068
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://stackoverflow.com/questions/8588563/adding-custom-properties-to-a-function/20278068#20278068
18
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2066009
reference_id 2066009
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2066009
19
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-44906
reference_id CVE-2021-44906
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-44906
20
reference_url https://github.com/advisories/GHSA-xvch-5gv4-984h
reference_id GHSA-xvch-5gv4-984h
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-xvch-5gv4-984h
21
reference_url https://access.redhat.com/errata/RHSA-2022:1739
reference_id RHSA-2022:1739
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1739
22
reference_url https://access.redhat.com/errata/RHSA-2022:4914
reference_id RHSA-2022:4914
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:4914
23
reference_url https://access.redhat.com/errata/RHSA-2022:5069
reference_id RHSA-2022:5069
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5069
24
reference_url https://access.redhat.com/errata/RHSA-2022:5892
reference_id RHSA-2022:5892
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5892
25
reference_url https://access.redhat.com/errata/RHSA-2022:5893
reference_id RHSA-2022:5893
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5893
26
reference_url https://access.redhat.com/errata/RHSA-2022:5894
reference_id RHSA-2022:5894
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5894
27
reference_url https://access.redhat.com/errata/RHSA-2022:5928
reference_id RHSA-2022:5928
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5928
28
reference_url https://access.redhat.com/errata/RHSA-2022:7044
reference_id RHSA-2022:7044
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7044
29
reference_url https://access.redhat.com/errata/RHSA-2022:8652
reference_id RHSA-2022:8652
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8652
30
reference_url https://access.redhat.com/errata/RHSA-2022:9073
reference_id RHSA-2022:9073
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:9073
31
reference_url https://access.redhat.com/errata/RHSA-2023:0050
reference_id RHSA-2023:0050
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0050
32
reference_url https://access.redhat.com/errata/RHSA-2023:0321
reference_id RHSA-2023:0321
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0321
33
reference_url https://access.redhat.com/errata/RHSA-2023:0612
reference_id RHSA-2023:0612
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0612
34
reference_url https://access.redhat.com/errata/RHSA-2023:1533
reference_id RHSA-2023:1533
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1533
35
reference_url https://access.redhat.com/errata/RHSA-2023:1742
reference_id RHSA-2023:1742
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1742
36
reference_url https://access.redhat.com/errata/RHSA-2025:1747
reference_id RHSA-2025:1747
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1747
fixed_packages
aliases CVE-2021-44906, GHSA-xvch-5gv4-984h
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-turp-dju7-c7fx
3
url VCID-v72h-ew1u-xfcz
vulnerability_id VCID-v72h-ew1u-xfcz
summary 
minimatch ReDoS vulnerability
A vulnerability was found in the minimatch package. This flaw allows a Regular Expression Denial of Service (ReDoS) when calling the braceExpand function with specific arguments, resulting in a Denial of Service.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3517.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3517.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-3517
reference_id
reference_type
scores
0
value 0.00452
scoring_system epss
scoring_elements 0.63691
published_at 2026-04-02T12:55:00Z
1
value 0.00452
scoring_system epss
scoring_elements 0.63677
published_at 2026-04-07T12:55:00Z
2
value 0.00452
scoring_system epss
scoring_elements 0.63717
published_at 2026-04-04T12:55:00Z
3
value 0.00452
scoring_system epss
scoring_elements 0.63746
published_at 2026-04-09T12:55:00Z
4
value 0.00452
scoring_system epss
scoring_elements 0.63728
published_at 2026-04-08T12:55:00Z
5
value 0.00464
scoring_system epss
scoring_elements 0.6437
published_at 2026-04-11T12:55:00Z
6
value 0.00476
scoring_system epss
scoring_elements 0.64922
published_at 2026-04-16T12:55:00Z
7
value 0.0049
scoring_system epss
scoring_elements 0.65601
published_at 2026-04-24T12:55:00Z
8
value 0.0049
scoring_system epss
scoring_elements 0.65581
published_at 2026-04-12T12:55:00Z
9
value 0.0049
scoring_system epss
scoring_elements 0.65553
published_at 2026-04-13T12:55:00Z
10
value 0.0049
scoring_system epss
scoring_elements 0.65602
published_at 2026-04-18T12:55:00Z
11
value 0.0049
scoring_system epss
scoring_elements 0.65586
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-3517
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3517
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3517
3
reference_url https://github.com/grafana/grafana-image-renderer/issues/329
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-13T13:40:25Z/
url https://github.com/grafana/grafana-image-renderer/issues/329
4
reference_url https://github.com/isaacs/minimatch
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/isaacs/minimatch
5
reference_url https://github.com/isaacs/minimatch/commit/a8763f4388e51956be62dc6025cec1126beeb5e6
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-13T13:40:25Z/
url https://github.com/isaacs/minimatch/commit/a8763f4388e51956be62dc6025cec1126beeb5e6
6
reference_url https://github.com/nodejs/node/issues/42510
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/nodejs/node/issues/42510
7
reference_url https://lists.debian.org/debian-lts-announce/2023/01/msg00011.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-13T13:40:25Z/
url https://lists.debian.org/debian-lts-announce/2023/01/msg00011.html
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MTEUUTNIEBHGKUKKLNUZSV7IEP6IP3Q3
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MTEUUTNIEBHGKUKKLNUZSV7IEP6IP3Q3
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UM6XJ73Q3NAM5KSGCOKJ2ZIA6GUWUJLK
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UM6XJ73Q3NAM5KSGCOKJ2ZIA6GUWUJLK
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-3517
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-3517
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2134609
reference_id 2134609
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2134609
12
reference_url https://github.com/advisories/GHSA-f8q6-p94x-37v3
reference_id GHSA-f8q6-p94x-37v3
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-f8q6-p94x-37v3
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MTEUUTNIEBHGKUKKLNUZSV7IEP6IP3Q3/
reference_id MTEUUTNIEBHGKUKKLNUZSV7IEP6IP3Q3
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-13T13:40:25Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MTEUUTNIEBHGKUKKLNUZSV7IEP6IP3Q3/
14
reference_url https://access.redhat.com/errata/RHSA-2022:8832
reference_id RHSA-2022:8832
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8832
15
reference_url https://access.redhat.com/errata/RHSA-2022:8833
reference_id RHSA-2022:8833
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8833
16
reference_url https://access.redhat.com/errata/RHSA-2022:9073
reference_id RHSA-2022:9073
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:9073
17
reference_url https://access.redhat.com/errata/RHSA-2023:0050
reference_id RHSA-2023:0050
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0050
18
reference_url https://access.redhat.com/errata/RHSA-2023:0321
reference_id RHSA-2023:0321
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0321
19
reference_url https://access.redhat.com/errata/RHSA-2023:0471
reference_id RHSA-2023:0471
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0471
20
reference_url https://access.redhat.com/errata/RHSA-2023:0612
reference_id RHSA-2023:0612
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0612
21
reference_url https://access.redhat.com/errata/RHSA-2023:1533
reference_id RHSA-2023:1533
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1533
22
reference_url https://access.redhat.com/errata/RHSA-2023:1742
reference_id RHSA-2023:1742
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1742
23
reference_url https://access.redhat.com/errata/RHSA-2023:1743
reference_id RHSA-2023:1743
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1743
24
reference_url https://access.redhat.com/errata/RHSA-2023:3742
reference_id RHSA-2023:3742
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3742
25
reference_url https://access.redhat.com/errata/RHSA-2025:11814
reference_id RHSA-2025:11814
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:11814
26
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UM6XJ73Q3NAM5KSGCOKJ2ZIA6GUWUJLK/
reference_id UM6XJ73Q3NAM5KSGCOKJ2ZIA6GUWUJLK
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-13T13:40:25Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UM6XJ73Q3NAM5KSGCOKJ2ZIA6GUWUJLK/
27
reference_url https://usn.ubuntu.com/6086-1/
reference_id USN-6086-1
reference_type
scores
url https://usn.ubuntu.com/6086-1/
fixed_packages
aliases CVE-2022-3517, GHSA-f8q6-p94x-37v3
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v72h-ew1u-xfcz
4
url VCID-x4yh-ez8g-6ya1
vulnerability_id VCID-x4yh-ez8g-6ya1
summary 
URL Redirection to Untrusted Site ('Open Redirect')
node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0235.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0235.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-0235
reference_id
reference_type
scores
0
value 0.0029
scoring_system epss
scoring_elements 0.52383
published_at 2026-04-24T12:55:00Z
1
value 0.0029
scoring_system epss
scoring_elements 0.52435
published_at 2026-04-21T12:55:00Z
2
value 0.0029
scoring_system epss
scoring_elements 0.52451
published_at 2026-04-18T12:55:00Z
3
value 0.0029
scoring_system epss
scoring_elements 0.52445
published_at 2026-04-16T12:55:00Z
4
value 0.00534
scoring_system epss
scoring_elements 0.67416
published_at 2026-04-08T12:55:00Z
5
value 0.00534
scoring_system epss
scoring_elements 0.67364
published_at 2026-04-07T12:55:00Z
6
value 0.00534
scoring_system epss
scoring_elements 0.67386
published_at 2026-04-04T12:55:00Z
7
value 0.00534
scoring_system epss
scoring_elements 0.67363
published_at 2026-04-02T12:55:00Z
8
value 0.00534
scoring_system epss
scoring_elements 0.67327
published_at 2026-04-01T12:55:00Z
9
value 0.00534
scoring_system epss
scoring_elements 0.67404
published_at 2026-04-13T12:55:00Z
10
value 0.00534
scoring_system epss
scoring_elements 0.67438
published_at 2026-04-12T12:55:00Z
11
value 0.00534
scoring_system epss
scoring_elements 0.6745
published_at 2026-04-11T12:55:00Z
12
value 0.00534
scoring_system epss
scoring_elements 0.67429
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-0235
2
reference_url https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0235
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0235
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/node-fetch/node-fetch
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/node-fetch/node-fetch
6
reference_url https://github.com/node-fetch/node-fetch/commit/1ef4b560a17e644a02a3bfdea7631ffeee578b35
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/node-fetch/node-fetch/commit/1ef4b560a17e644a02a3bfdea7631ffeee578b35
7
reference_url https://github.com/node-fetch/node-fetch/commit/36e47e8a6406185921e4985dcbeff140d73eaa10
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/node-fetch/node-fetch/commit/36e47e8a6406185921e4985dcbeff140d73eaa10
8
reference_url https://github.com/node-fetch/node-fetch/commit/5c32f002fdd65b1c6a8f1e3620210813d45c7e60
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/node-fetch/node-fetch/commit/5c32f002fdd65b1c6a8f1e3620210813d45c7e60
9
reference_url https://github.com/node-fetch/node-fetch/pull/1449/commits/5c32f002fdd65b1c6a8f1e3620210813d45c7e60
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/node-fetch/node-fetch/pull/1449/commits/5c32f002fdd65b1c6a8f1e3620210813d45c7e60
10
reference_url https://github.com/node-fetch/node-fetch/pull/1453
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/node-fetch/node-fetch/pull/1453
11
reference_url https://huntr.dev/bounties/d26ab655-38d6-48b3-be15-f9ad6b6ae6f7
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://huntr.dev/bounties/d26ab655-38d6-48b3-be15-f9ad6b6ae6f7
12
reference_url https://lists.debian.org/debian-lts-announce/2022/12/msg00007.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2022/12/msg00007.html
13
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2044591
reference_id 2044591
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2044591
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-0235
reference_id CVE-2022-0235
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-0235
15
reference_url https://github.com/advisories/GHSA-r683-j2x4-v87g
reference_id GHSA-r683-j2x4-v87g
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-r683-j2x4-v87g
16
reference_url https://access.redhat.com/errata/RHSA-2022:1739
reference_id RHSA-2022:1739
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1739
17
reference_url https://access.redhat.com/errata/RHSA-2022:5069
reference_id RHSA-2022:5069
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5069
18
reference_url https://access.redhat.com/errata/RHSA-2022:5483
reference_id RHSA-2022:5483
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5483
19
reference_url https://access.redhat.com/errata/RHSA-2022:6156
reference_id RHSA-2022:6156
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6156
20
reference_url https://access.redhat.com/errata/RHSA-2022:6835
reference_id RHSA-2022:6835
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6835
21
reference_url https://access.redhat.com/errata/RHSA-2022:8524
reference_id RHSA-2022:8524
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8524
22
reference_url https://access.redhat.com/errata/RHSA-2023:0050
reference_id RHSA-2023:0050
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0050
23
reference_url https://access.redhat.com/errata/RHSA-2023:0612
reference_id RHSA-2023:0612
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0612
24
reference_url https://access.redhat.com/errata/RHSA-2023:1742
reference_id RHSA-2023:1742
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1742
25
reference_url https://usn.ubuntu.com/6158-1/
reference_id USN-6158-1
reference_type
scores
url https://usn.ubuntu.com/6158-1/
fixed_packages
aliases CVE-2022-0235, GHSA-r683-j2x4-v87g
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x4yh-ez8g-6ya1
5
url VCID-y9aa-2a31-ufa7
vulnerability_id VCID-y9aa-2a31-ufa7
summary 
glob-parent 6.0.0 vulnerable to Regular Expression Denial of Service
glob-parent 6.0.0 is vulnerable to Regular Expression Denial of Service (ReDoS). This issue is fixed in version 6.0.1.

This vulnerability is separate from [GHSA-ww39-953v-wcq6](https://github.com/advisories/GHSA-ww39-953v-wcq6).
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35065.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35065.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-35065
reference_id
reference_type
scores
0
value 0.00431
scoring_system epss
scoring_elements 0.62509
published_at 2026-04-01T12:55:00Z
1
value 0.00431
scoring_system epss
scoring_elements 0.62567
published_at 2026-04-02T12:55:00Z
2
value 0.00431
scoring_system epss
scoring_elements 0.62599
published_at 2026-04-04T12:55:00Z
3
value 0.00624
scoring_system epss
scoring_elements 0.70152
published_at 2026-04-09T12:55:00Z
4
value 0.00624
scoring_system epss
scoring_elements 0.70136
published_at 2026-04-08T12:55:00Z
5
value 0.00624
scoring_system epss
scoring_elements 0.70089
published_at 2026-04-07T12:55:00Z
6
value 0.00624
scoring_system epss
scoring_elements 0.70175
published_at 2026-04-11T12:55:00Z
7
value 0.00624
scoring_system epss
scoring_elements 0.70191
published_at 2026-04-16T12:55:00Z
8
value 0.00624
scoring_system epss
scoring_elements 0.70148
published_at 2026-04-13T12:55:00Z
9
value 0.00624
scoring_system epss
scoring_elements 0.70161
published_at 2026-04-12T12:55:00Z
10
value 0.00641
scoring_system epss
scoring_elements 0.70623
published_at 2026-04-18T12:55:00Z
11
value 0.00641
scoring_system epss
scoring_elements 0.70601
published_at 2026-04-21T12:55:00Z
12
value 0.00641
scoring_system epss
scoring_elements 0.70652
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-35065
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35065
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35065
3
reference_url https://github.com/gulpjs/glob-parent
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/gulpjs/glob-parent
4
reference_url https://github.com/gulpjs/glob-parent/commit/32f6d52663b7addac38d0dff570d8127edf03f47
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/gulpjs/glob-parent/commit/32f6d52663b7addac38d0dff570d8127edf03f47
5
reference_url https://github.com/gulpjs/glob-parent/commit/3e9f04a3b4349db7e1962d87c9a7398cda51f339
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T14:52:03Z/
url https://github.com/gulpjs/glob-parent/commit/3e9f04a3b4349db7e1962d87c9a7398cda51f339
6
reference_url https://github.com/gulpjs/glob-parent/pull/36
reference_id
reference_type
scores
url https://github.com/gulpjs/glob-parent/pull/36
7
reference_url https://github.com/gulpjs/glob-parent/pull/49
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T14:52:03Z/
url https://github.com/gulpjs/glob-parent/pull/49
8
reference_url https://github.com/gulpjs/glob-parent/releases/tag/v5.1.2
reference_id
reference_type
scores
url https://github.com/gulpjs/glob-parent/releases/tag/v5.1.2
9
reference_url https://github.com/gulpjs/glob-parent/releases/tag/v6.0.1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/gulpjs/glob-parent/releases/tag/v6.0.1
10
reference_url https://github.com/opensearch-project/OpenSearch-Dashboards/issues/1103
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/opensearch-project/OpenSearch-Dashboards/issues/1103
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-35065
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-35065
12
reference_url https://security.netapp.com/advisory/ntap-20230214-0010
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20230214-0010
13
reference_url https://security.snyk.io/vuln/SNYK-JS-GLOBPARENT-1314294
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T14:52:03Z/
url https://security.snyk.io/vuln/SNYK-JS-GLOBPARENT-1314294
14
reference_url https://www.mend.io/vulnerability-database/CVE-2021-35065
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.mend.io/vulnerability-database/CVE-2021-35065
15
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2156324
reference_id 2156324
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2156324
16
reference_url https://github.com/advisories/GHSA-cj88-88mr-972w
reference_id GHSA-cj88-88mr-972w
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-cj88-88mr-972w
17
reference_url https://access.redhat.com/errata/RHSA-2023:0612
reference_id RHSA-2023:0612
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0612
18
reference_url https://access.redhat.com/errata/RHSA-2023:0634
reference_id RHSA-2023:0634
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0634
19
reference_url https://access.redhat.com/errata/RHSA-2023:0934
reference_id RHSA-2023:0934
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0934
20
reference_url https://access.redhat.com/errata/RHSA-2023:1533
reference_id RHSA-2023:1533
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1533
21
reference_url https://access.redhat.com/errata/RHSA-2023:1582
reference_id RHSA-2023:1582
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1582
22
reference_url https://access.redhat.com/errata/RHSA-2023:1583
reference_id RHSA-2023:1583
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1583
23
reference_url https://access.redhat.com/errata/RHSA-2023:1742
reference_id RHSA-2023:1742
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1742
24
reference_url https://access.redhat.com/errata/RHSA-2023:1743
reference_id RHSA-2023:1743
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1743
25
reference_url https://access.redhat.com/errata/RHSA-2023:2654
reference_id RHSA-2023:2654
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2654
26
reference_url https://access.redhat.com/errata/RHSA-2023:2655
reference_id RHSA-2023:2655
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2655
fixed_packages
aliases CVE-2021-35065, GHSA-cj88-88mr-972w, GMS-2022-3113
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y9aa-2a31-ufa7
Fixing_vulnerabilities
Risk_score4.5
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-nodejs14-nodejs-nodemon@2.0.20-2%3Farch=el7