Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:rpm/redhat/rh-nodejs14-nodejs@14.20.1-2?arch=el7
Typerpm
Namespaceredhat
Namerh-nodejs14-nodejs
Version14.20.1-2
Qualifiers
arch el7
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-5cf7-va9h-h3gy
vulnerability_id VCID-5cf7-va9h-h3gy
summary 
Improper Certificate Validation
Accepting arbitrary Subject Alternative Name (SAN) types, unless a PKI is specifically defined to use a particular SAN type, can result in bypassing name-constrained intermediates. Node.js < 12.22.9, < 14.18.3, < 16.13.2, and < 17.3.1 was accepting URI SAN types, which PKIs are often not defined to use. Additionally, when a protocol allows URI SANs, Node.js does not match the URI correctly.Versions of Node.js with the fix for this disable the URI SAN type when checking a certificate against a hostname. This behavior can be reverted through the --security-revert command-line option.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44531.json
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44531.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-44531
reference_id
reference_type
scores
0
value 0.00076
scoring_system epss
scoring_elements 0.22783
published_at 2026-04-01T12:55:00Z
1
value 0.00076
scoring_system epss
scoring_elements 0.22952
published_at 2026-04-02T12:55:00Z
2
value 0.00076
scoring_system epss
scoring_elements 0.22996
published_at 2026-04-04T12:55:00Z
3
value 0.00076
scoring_system epss
scoring_elements 0.22789
published_at 2026-04-07T12:55:00Z
4
value 0.00076
scoring_system epss
scoring_elements 0.22863
published_at 2026-04-08T12:55:00Z
5
value 0.00076
scoring_system epss
scoring_elements 0.22916
published_at 2026-04-09T12:55:00Z
6
value 0.00076
scoring_system epss
scoring_elements 0.22936
published_at 2026-04-11T12:55:00Z
7
value 0.00076
scoring_system epss
scoring_elements 0.22899
published_at 2026-04-12T12:55:00Z
8
value 0.00076
scoring_system epss
scoring_elements 0.22843
published_at 2026-04-13T12:55:00Z
9
value 0.00076
scoring_system epss
scoring_elements 0.22856
published_at 2026-04-16T12:55:00Z
10
value 0.00076
scoring_system epss
scoring_elements 0.22851
published_at 2026-04-18T12:55:00Z
11
value 0.00076
scoring_system epss
scoring_elements 0.2281
published_at 2026-04-21T12:55:00Z
12
value 0.00076
scoring_system epss
scoring_elements 0.22647
published_at 2026-04-24T12:55:00Z
13
value 0.00076
scoring_system epss
scoring_elements 0.2264
published_at 2026-04-26T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-44531
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22959
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22959
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22960
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22960
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44531
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44531
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44532
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44532
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44533
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44533
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21824
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21824
8
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
9
reference_url https://hackerone.com/reports/1429694
reference_id
reference_type
scores
url https://hackerone.com/reports/1429694
10
reference_url https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/
reference_id
reference_type
scores
url https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/
11
reference_url https://security.netapp.com/advisory/ntap-20220325-0007/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20220325-0007/
12
reference_url https://www.debian.org/security/2022/dsa-5170
reference_id
reference_type
scores
url https://www.debian.org/security/2022/dsa-5170
13
reference_url https://www.oracle.com/security-alerts/cpuapr2022.html
reference_id
reference_type
scores
url https://www.oracle.com/security-alerts/cpuapr2022.html
14
reference_url https://www.oracle.com/security-alerts/cpujul2022.html
reference_id
reference_type
scores
url https://www.oracle.com/security-alerts/cpujul2022.html
15
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004177
reference_id 1004177
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004177
16
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2040839
reference_id 2040839
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2040839
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-44531
reference_id CVE-2021-44531
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-44531
18
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
19
reference_url https://access.redhat.com/errata/RHSA-2022:4914
reference_id RHSA-2022:4914
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:4914
20
reference_url https://access.redhat.com/errata/RHSA-2022:7044
reference_id RHSA-2022:7044
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7044
21
reference_url https://access.redhat.com/errata/RHSA-2022:7830
reference_id RHSA-2022:7830
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7830
22
reference_url https://access.redhat.com/errata/RHSA-2022:9073
reference_id RHSA-2022:9073
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:9073
23
reference_url https://access.redhat.com/errata/RHSA-2023:1742
reference_id RHSA-2023:1742
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1742
24
reference_url https://access.redhat.com/errata/RHSA-2023:3742
reference_id RHSA-2023:3742
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3742
fixed_packages
aliases CVE-2021-44531
risk_score 3.4
exploitability 0.5
weighted_severity 6.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5cf7-va9h-h3gy
1
url VCID-dfdy-vhdd-5kh4
vulnerability_id VCID-dfdy-vhdd-5kh4
summary Multiple vulnerabilities have been discovered in Node.js.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-35256.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-35256.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-35256
reference_id
reference_type
scores
0
value 0.03611
scoring_system epss
scoring_elements 0.87822
published_at 2026-04-26T12:55:00Z
1
value 0.03945
scoring_system epss
scoring_elements 0.88301
published_at 2026-04-02T12:55:00Z
2
value 0.03945
scoring_system epss
scoring_elements 0.88346
published_at 2026-04-09T12:55:00Z
3
value 0.03945
scoring_system epss
scoring_elements 0.88356
published_at 2026-04-11T12:55:00Z
4
value 0.03945
scoring_system epss
scoring_elements 0.88348
published_at 2026-04-13T12:55:00Z
5
value 0.03945
scoring_system epss
scoring_elements 0.88361
published_at 2026-04-16T12:55:00Z
6
value 0.03945
scoring_system epss
scoring_elements 0.88358
published_at 2026-04-18T12:55:00Z
7
value 0.03945
scoring_system epss
scoring_elements 0.88357
published_at 2026-04-21T12:55:00Z
8
value 0.03945
scoring_system epss
scoring_elements 0.88374
published_at 2026-04-24T12:55:00Z
9
value 0.03945
scoring_system epss
scoring_elements 0.88315
published_at 2026-04-04T12:55:00Z
10
value 0.03945
scoring_system epss
scoring_elements 0.8832
published_at 2026-04-07T12:55:00Z
11
value 0.03945
scoring_system epss
scoring_elements 0.88339
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-35256
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32212
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32212
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32213
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32213
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32214
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32214
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32215
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32215
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35255
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35255
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35256
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35256
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43548
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43548
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://hackerone.com/reports/1675191
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-24T13:21:44Z/
url https://hackerone.com/reports/1675191
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2130518
reference_id 2130518
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2130518
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-35256
reference_id CVE-2022-35256
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-35256
13
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
14
reference_url https://access.redhat.com/errata/RHSA-2022:6963
reference_id RHSA-2022:6963
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6963
15
reference_url https://access.redhat.com/errata/RHSA-2022:6964
reference_id RHSA-2022:6964
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6964
16
reference_url https://access.redhat.com/errata/RHSA-2022:7044
reference_id RHSA-2022:7044
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7044
17
reference_url https://access.redhat.com/errata/RHSA-2022:7821
reference_id RHSA-2022:7821
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7821
18
reference_url https://access.redhat.com/errata/RHSA-2022:7830
reference_id RHSA-2022:7830
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7830
19
reference_url https://access.redhat.com/errata/RHSA-2023:0321
reference_id RHSA-2023:0321
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0321
20
reference_url https://access.redhat.com/errata/RHSA-2023:1533
reference_id RHSA-2023:1533
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1533
21
reference_url https://access.redhat.com/errata/RHSA-2023:1742
reference_id RHSA-2023:1742
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1742
22
reference_url https://usn.ubuntu.com/6491-1/
reference_id USN-6491-1
reference_type
scores
url https://usn.ubuntu.com/6491-1/
fixed_packages
aliases CVE-2022-35256
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dfdy-vhdd-5kh4
2
url VCID-e18p-c3m9-2qgy
vulnerability_id VCID-e18p-c3m9-2qgy
summary Multiple vulnerabilities have been discovered in Node.js.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44532.json
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44532.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-44532
reference_id
reference_type
scores
0
value 0.00132
scoring_system epss
scoring_elements 0.32731
published_at 2026-04-01T12:55:00Z
1
value 0.00132
scoring_system epss
scoring_elements 0.32862
published_at 2026-04-02T12:55:00Z
2
value 0.00132
scoring_system epss
scoring_elements 0.32897
published_at 2026-04-04T12:55:00Z
3
value 0.00132
scoring_system epss
scoring_elements 0.32718
published_at 2026-04-21T12:55:00Z
4
value 0.00132
scoring_system epss
scoring_elements 0.32765
published_at 2026-04-08T12:55:00Z
5
value 0.00132
scoring_system epss
scoring_elements 0.32792
published_at 2026-04-09T12:55:00Z
6
value 0.00132
scoring_system epss
scoring_elements 0.32794
published_at 2026-04-11T12:55:00Z
7
value 0.00132
scoring_system epss
scoring_elements 0.32756
published_at 2026-04-12T12:55:00Z
8
value 0.00132
scoring_system epss
scoring_elements 0.3273
published_at 2026-04-13T12:55:00Z
9
value 0.00132
scoring_system epss
scoring_elements 0.32771
published_at 2026-04-16T12:55:00Z
10
value 0.00132
scoring_system epss
scoring_elements 0.32748
published_at 2026-04-18T12:55:00Z
11
value 0.00132
scoring_system epss
scoring_elements 0.32567
published_at 2026-04-24T12:55:00Z
12
value 0.00132
scoring_system epss
scoring_elements 0.32451
published_at 2026-04-26T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-44532
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22959
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22959
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22960
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22960
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44531
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44531
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44532
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44532
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44533
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44533
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21824
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21824
8
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004177
reference_id 1004177
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004177
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2040846
reference_id 2040846
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2040846
11
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
12
reference_url https://access.redhat.com/errata/RHSA-2022:4914
reference_id RHSA-2022:4914
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:4914
13
reference_url https://access.redhat.com/errata/RHSA-2022:7044
reference_id RHSA-2022:7044
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7044
14
reference_url https://access.redhat.com/errata/RHSA-2022:7830
reference_id RHSA-2022:7830
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7830
15
reference_url https://access.redhat.com/errata/RHSA-2022:9073
reference_id RHSA-2022:9073
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:9073
16
reference_url https://access.redhat.com/errata/RHSA-2023:1742
reference_id RHSA-2023:1742
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1742
17
reference_url https://access.redhat.com/errata/RHSA-2023:3742
reference_id RHSA-2023:3742
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3742
fixed_packages
aliases CVE-2021-44532
risk_score 3.4
exploitability 0.5
weighted_severity 6.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e18p-c3m9-2qgy
3
url VCID-m5ae-uc68-d3g2
vulnerability_id VCID-m5ae-uc68-d3g2
summary 
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
This advisory has been marked as a false positive.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21824.json
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21824.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-21824
reference_id
reference_type
scores
0
value 0.00335
scoring_system epss
scoring_elements 0.56313
published_at 2026-04-26T12:55:00Z
1
value 0.00335
scoring_system epss
scoring_elements 0.56372
published_at 2026-04-21T12:55:00Z
2
value 0.00335
scoring_system epss
scoring_elements 0.56293
published_at 2026-04-24T12:55:00Z
3
value 0.00505
scoring_system epss
scoring_elements 0.66171
published_at 2026-04-02T12:55:00Z
4
value 0.0066
scoring_system epss
scoring_elements 0.71076
published_at 2026-04-08T12:55:00Z
5
value 0.0066
scoring_system epss
scoring_elements 0.71088
published_at 2026-04-09T12:55:00Z
6
value 0.0066
scoring_system epss
scoring_elements 0.71111
published_at 2026-04-11T12:55:00Z
7
value 0.0066
scoring_system epss
scoring_elements 0.71096
published_at 2026-04-12T12:55:00Z
8
value 0.0066
scoring_system epss
scoring_elements 0.7108
published_at 2026-04-13T12:55:00Z
9
value 0.0066
scoring_system epss
scoring_elements 0.71126
published_at 2026-04-16T12:55:00Z
10
value 0.0066
scoring_system epss
scoring_elements 0.71134
published_at 2026-04-18T12:55:00Z
11
value 0.0066
scoring_system epss
scoring_elements 0.71058
published_at 2026-04-04T12:55:00Z
12
value 0.0066
scoring_system epss
scoring_elements 0.71033
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-21824
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22959
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22959
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22960
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22960
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44531
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44531
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44532
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44532
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44533
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44533
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21824
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21824
8
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
9
reference_url https://hackerone.com/reports/1431042
reference_id
reference_type
scores
url https://hackerone.com/reports/1431042
10
reference_url https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/
reference_id
reference_type
scores
url https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/
11
reference_url https://security.netapp.com/advisory/ntap-20220325-0007/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20220325-0007/
12
reference_url https://security.netapp.com/advisory/ntap-20220729-0004/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20220729-0004/
13
reference_url https://www.debian.org/security/2022/dsa-5170
reference_id
reference_type
scores
url https://www.debian.org/security/2022/dsa-5170
14
reference_url https://www.oracle.com/security-alerts/cpuapr2022.html
reference_id
reference_type
scores
url https://www.oracle.com/security-alerts/cpuapr2022.html
15
reference_url https://www.oracle.com/security-alerts/cpujul2022.html
reference_id
reference_type
scores
url https://www.oracle.com/security-alerts/cpujul2022.html
16
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004177
reference_id 1004177
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004177
17
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2040862
reference_id 2040862
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2040862
18
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-21824
reference_id CVE-2022-21824
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-21824
19
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
20
reference_url https://access.redhat.com/errata/RHSA-2022:4914
reference_id RHSA-2022:4914
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:4914
21
reference_url https://access.redhat.com/errata/RHSA-2022:7044
reference_id RHSA-2022:7044
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7044
22
reference_url https://access.redhat.com/errata/RHSA-2022:7830
reference_id RHSA-2022:7830
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7830
23
reference_url https://access.redhat.com/errata/RHSA-2022:9073
reference_id RHSA-2022:9073
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:9073
24
reference_url https://access.redhat.com/errata/RHSA-2023:1742
reference_id RHSA-2023:1742
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1742
25
reference_url https://access.redhat.com/errata/RHSA-2023:3742
reference_id RHSA-2023:3742
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3742
fixed_packages
aliases CVE-2022-21824
risk_score 3.7
exploitability 0.5
weighted_severity 7.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m5ae-uc68-d3g2
4
url VCID-ms5y-gp7v-2qay
vulnerability_id VCID-ms5y-gp7v-2qay
summary Multiple vulnerabilities have been discovered in Node.js.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44533.json
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44533.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-44533
reference_id
reference_type
scores
0
value 0.00364
scoring_system epss
scoring_elements 0.58442
published_at 2026-04-26T12:55:00Z
1
value 0.00364
scoring_system epss
scoring_elements 0.58467
published_at 2026-04-21T12:55:00Z
2
value 0.00364
scoring_system epss
scoring_elements 0.58429
published_at 2026-04-24T12:55:00Z
3
value 0.00421
scoring_system epss
scoring_elements 0.6192
published_at 2026-04-07T12:55:00Z
4
value 0.00421
scoring_system epss
scoring_elements 0.61969
published_at 2026-04-08T12:55:00Z
5
value 0.00421
scoring_system epss
scoring_elements 0.61987
published_at 2026-04-09T12:55:00Z
6
value 0.00421
scoring_system epss
scoring_elements 0.62008
published_at 2026-04-11T12:55:00Z
7
value 0.00421
scoring_system epss
scoring_elements 0.61997
published_at 2026-04-12T12:55:00Z
8
value 0.00421
scoring_system epss
scoring_elements 0.61977
published_at 2026-04-13T12:55:00Z
9
value 0.00421
scoring_system epss
scoring_elements 0.62019
published_at 2026-04-16T12:55:00Z
10
value 0.00421
scoring_system epss
scoring_elements 0.62024
published_at 2026-04-18T12:55:00Z
11
value 0.00421
scoring_system epss
scoring_elements 0.61846
published_at 2026-04-01T12:55:00Z
12
value 0.00421
scoring_system epss
scoring_elements 0.6195
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-44533
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22959
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22959
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22960
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22960
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44531
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44531
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44532
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44532
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44533
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44533
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21824
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21824
8
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004177
reference_id 1004177
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004177
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2040856
reference_id 2040856
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2040856
11
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
12
reference_url https://access.redhat.com/errata/RHSA-2022:4914
reference_id RHSA-2022:4914
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:4914
13
reference_url https://access.redhat.com/errata/RHSA-2022:7044
reference_id RHSA-2022:7044
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7044
14
reference_url https://access.redhat.com/errata/RHSA-2022:7830
reference_id RHSA-2022:7830
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7830
15
reference_url https://access.redhat.com/errata/RHSA-2022:9073
reference_id RHSA-2022:9073
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:9073
16
reference_url https://access.redhat.com/errata/RHSA-2023:1742
reference_id RHSA-2023:1742
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1742
17
reference_url https://access.redhat.com/errata/RHSA-2023:3742
reference_id RHSA-2023:3742
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3742
fixed_packages
aliases CVE-2021-44533
risk_score 3.4
exploitability 0.5
weighted_severity 6.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ms5y-gp7v-2qay
5
url VCID-turp-dju7-c7fx
vulnerability_id VCID-turp-dju7-c7fx
summary 
Prototype Pollution in minimist
Minimist <=1.2.5 is vulnerable to Prototype Pollution via file index.js, function setKey() (lines 69-95).
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44906.json
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44906.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-44906
reference_id
reference_type
scores
0
value 0.00882
scoring_system epss
scoring_elements 0.75467
published_at 2026-04-26T12:55:00Z
1
value 0.00882
scoring_system epss
scoring_elements 0.75351
published_at 2026-04-07T12:55:00Z
2
value 0.00882
scoring_system epss
scoring_elements 0.75462
published_at 2026-04-24T12:55:00Z
3
value 0.00882
scoring_system epss
scoring_elements 0.75428
published_at 2026-04-21T12:55:00Z
4
value 0.00882
scoring_system epss
scoring_elements 0.75438
published_at 2026-04-18T12:55:00Z
5
value 0.00882
scoring_system epss
scoring_elements 0.75432
published_at 2026-04-16T12:55:00Z
6
value 0.00882
scoring_system epss
scoring_elements 0.75391
published_at 2026-04-13T12:55:00Z
7
value 0.00882
scoring_system epss
scoring_elements 0.75402
published_at 2026-04-12T12:55:00Z
8
value 0.00882
scoring_system epss
scoring_elements 0.75424
published_at 2026-04-11T12:55:00Z
9
value 0.00882
scoring_system epss
scoring_elements 0.75404
published_at 2026-04-09T12:55:00Z
10
value 0.00882
scoring_system epss
scoring_elements 0.75395
published_at 2026-04-08T12:55:00Z
11
value 0.00882
scoring_system epss
scoring_elements 0.75337
published_at 2026-04-01T12:55:00Z
12
value 0.00882
scoring_system epss
scoring_elements 0.7534
published_at 2026-04-02T12:55:00Z
13
value 0.00882
scoring_system epss
scoring_elements 0.75372
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-44906
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44906
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44906
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/Marynk/JavaScript-vulnerability-detection/blob/main/minimist%20PoC.zip
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/Marynk/JavaScript-vulnerability-detection/blob/main/minimist%20PoC.zip
5
reference_url https://github.com/minimistjs/minimist/commit/34e20b8461118608703d6485326abbb8e35e1703
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/minimistjs/minimist/commit/34e20b8461118608703d6485326abbb8e35e1703
6
reference_url https://github.com/minimistjs/minimist/commit/bc8ecee43875261f4f17eb20b1243d3ed15e70eb
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/minimistjs/minimist/commit/bc8ecee43875261f4f17eb20b1243d3ed15e70eb
7
reference_url https://github.com/minimistjs/minimist/commit/c2b981977fa834b223b408cfb860f933c9811e4d
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/minimistjs/minimist/commit/c2b981977fa834b223b408cfb860f933c9811e4d
8
reference_url https://github.com/minimistjs/minimist/commit/ef9153fc52b6cea0744b2239921c5dcae4697f11
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/minimistjs/minimist/commit/ef9153fc52b6cea0744b2239921c5dcae4697f11
9
reference_url https://github.com/minimistjs/minimist/commits/v0.2.4
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/minimistjs/minimist/commits/v0.2.4
10
reference_url https://github.com/minimistjs/minimist/issues/11
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/minimistjs/minimist/issues/11
11
reference_url https://github.com/minimistjs/minimist/pull/24
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/minimistjs/minimist/pull/24
12
reference_url https://github.com/substack/minimist
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/substack/minimist
13
reference_url https://github.com/substack/minimist/blob/master/index.js#L69
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/substack/minimist/blob/master/index.js#L69
14
reference_url https://github.com/substack/minimist/issues/164
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/substack/minimist/issues/164
15
reference_url https://security.netapp.com/advisory/ntap-20240621-0006
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20240621-0006
16
reference_url https://snyk.io/vuln/SNYK-JS-MINIMIST-559764
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://snyk.io/vuln/SNYK-JS-MINIMIST-559764
17
reference_url https://stackoverflow.com/questions/8588563/adding-custom-properties-to-a-function/20278068#20278068
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://stackoverflow.com/questions/8588563/adding-custom-properties-to-a-function/20278068#20278068
18
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2066009
reference_id 2066009
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2066009
19
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-44906
reference_id CVE-2021-44906
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-44906
20
reference_url https://github.com/advisories/GHSA-xvch-5gv4-984h
reference_id GHSA-xvch-5gv4-984h
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-xvch-5gv4-984h
21
reference_url https://access.redhat.com/errata/RHSA-2022:1739
reference_id RHSA-2022:1739
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1739
22
reference_url https://access.redhat.com/errata/RHSA-2022:4914
reference_id RHSA-2022:4914
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:4914
23
reference_url https://access.redhat.com/errata/RHSA-2022:5069
reference_id RHSA-2022:5069
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5069
24
reference_url https://access.redhat.com/errata/RHSA-2022:5892
reference_id RHSA-2022:5892
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5892
25
reference_url https://access.redhat.com/errata/RHSA-2022:5893
reference_id RHSA-2022:5893
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5893
26
reference_url https://access.redhat.com/errata/RHSA-2022:5894
reference_id RHSA-2022:5894
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5894
27
reference_url https://access.redhat.com/errata/RHSA-2022:5928
reference_id RHSA-2022:5928
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5928
28
reference_url https://access.redhat.com/errata/RHSA-2022:7044
reference_id RHSA-2022:7044
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7044
29
reference_url https://access.redhat.com/errata/RHSA-2022:8652
reference_id RHSA-2022:8652
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8652
30
reference_url https://access.redhat.com/errata/RHSA-2022:9073
reference_id RHSA-2022:9073
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:9073
31
reference_url https://access.redhat.com/errata/RHSA-2023:0050
reference_id RHSA-2023:0050
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0050
32
reference_url https://access.redhat.com/errata/RHSA-2023:0321
reference_id RHSA-2023:0321
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0321
33
reference_url https://access.redhat.com/errata/RHSA-2023:0612
reference_id RHSA-2023:0612
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0612
34
reference_url https://access.redhat.com/errata/RHSA-2023:1533
reference_id RHSA-2023:1533
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1533
35
reference_url https://access.redhat.com/errata/RHSA-2023:1742
reference_id RHSA-2023:1742
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1742
36
reference_url https://access.redhat.com/errata/RHSA-2025:1747
reference_id RHSA-2025:1747
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1747
fixed_packages
aliases CVE-2021-44906, GHSA-xvch-5gv4-984h
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-turp-dju7-c7fx
Fixing_vulnerabilities
Risk_score4.5
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-nodejs14-nodejs@14.20.1-2%3Farch=el7