Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:rpm/redhat/rh-nodejs14-nodejs-nodemon@2.0.3-6?arch=el7
Typerpm
Namespaceredhat
Namerh-nodejs14-nodejs-nodemon
Version2.0.3-6
Qualifiers
arch el7
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-1tz4-bphw-rbd3
vulnerability_id VCID-1tz4-bphw-rbd3
summary 
Path Traversal
This npm package has an arbitrary file creation/overwrite and arbitrary code execution vulnerability. node-tar aims to guarantee that any file whose location would be modified by a symbolic link is not extracted.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-37701.json
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-37701.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-37701
reference_id
reference_type
scores
0
value 0.0011
scoring_system epss
scoring_elements 0.29231
published_at 2026-04-24T12:55:00Z
1
value 0.0011
scoring_system epss
scoring_elements 0.29453
published_at 2026-04-01T12:55:00Z
2
value 0.0011
scoring_system epss
scoring_elements 0.29519
published_at 2026-04-02T12:55:00Z
3
value 0.0011
scoring_system epss
scoring_elements 0.29567
published_at 2026-04-04T12:55:00Z
4
value 0.0011
scoring_system epss
scoring_elements 0.29388
published_at 2026-04-07T12:55:00Z
5
value 0.0011
scoring_system epss
scoring_elements 0.29452
published_at 2026-04-08T12:55:00Z
6
value 0.0011
scoring_system epss
scoring_elements 0.29492
published_at 2026-04-09T12:55:00Z
7
value 0.0011
scoring_system epss
scoring_elements 0.29495
published_at 2026-04-11T12:55:00Z
8
value 0.0011
scoring_system epss
scoring_elements 0.2945
published_at 2026-04-12T12:55:00Z
9
value 0.0011
scoring_system epss
scoring_elements 0.29398
published_at 2026-04-13T12:55:00Z
10
value 0.0011
scoring_system epss
scoring_elements 0.29417
published_at 2026-04-16T12:55:00Z
11
value 0.0011
scoring_system epss
scoring_elements 0.2939
published_at 2026-04-18T12:55:00Z
12
value 0.0011
scoring_system epss
scoring_elements 0.29345
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-37701
2
reference_url https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37701
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37701
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37712
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37712
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://github.com/npm/node-tar
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/npm/node-tar
7
reference_url https://github.com/npm/node-tar/security/advisories/GHSA-9r2w-394v-53qc
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/npm/node-tar/security/advisories/GHSA-9r2w-394v-53qc
8
reference_url https://lists.debian.org/debian-lts-announce/2022/12/msg00023.html
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2022/12/msg00023.html
9
reference_url https://www.debian.org/security/2021/dsa-5008
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2021/dsa-5008
10
reference_url https://www.npmjs.com/package/tar
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.npmjs.com/package/tar
11
reference_url https://www.oracle.com/security-alerts/cpuoct2021.html
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuoct2021.html
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1999731
reference_id 1999731
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1999731
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-37701
reference_id CVE-2021-37701
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-37701
14
reference_url https://github.com/advisories/GHSA-9r2w-394v-53qc
reference_id GHSA-9r2w-394v-53qc
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-9r2w-394v-53qc
15
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
16
reference_url https://access.redhat.com/errata/RHSA-2021:5086
reference_id RHSA-2021:5086
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5086
17
reference_url https://access.redhat.com/errata/RHSA-2022:0041
reference_id RHSA-2022:0041
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0041
18
reference_url https://access.redhat.com/errata/RHSA-2022:0246
reference_id RHSA-2022:0246
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0246
19
reference_url https://access.redhat.com/errata/RHSA-2022:0350
reference_id RHSA-2022:0350
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0350
20
reference_url https://access.redhat.com/errata/RHSA-2022:4914
reference_id RHSA-2022:4914
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:4914
fixed_packages
aliases CVE-2021-37701, GHSA-9r2w-394v-53qc
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1tz4-bphw-rbd3
1
url VCID-7mtb-yaq7-77ep
vulnerability_id VCID-7mtb-yaq7-77ep
summary 
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
The npm package "tar" (aka node-tar) has an arbitrary file creation/overwrite and arbitrary code execution vulnerability. node-tar aims to guarantee that any file whose location would be modified by a symbolic link is not extracted. This is, in part, achieved by ensuring that extracted directories are not symlinks. Additionally, in order to prevent unnecessary stat calls to determine whether a given path is a directory, paths are cached when directories are created.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-37712.json
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-37712.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-37712
reference_id
reference_type
scores
0
value 0.00085
scoring_system epss
scoring_elements 0.24623
published_at 2026-04-01T12:55:00Z
1
value 0.00085
scoring_system epss
scoring_elements 0.24548
published_at 2026-04-18T12:55:00Z
2
value 0.00085
scoring_system epss
scoring_elements 0.24557
published_at 2026-04-16T12:55:00Z
3
value 0.00085
scoring_system epss
scoring_elements 0.24545
published_at 2026-04-13T12:55:00Z
4
value 0.00085
scoring_system epss
scoring_elements 0.246
published_at 2026-04-12T12:55:00Z
5
value 0.00085
scoring_system epss
scoring_elements 0.24643
published_at 2026-04-11T12:55:00Z
6
value 0.00085
scoring_system epss
scoring_elements 0.24626
published_at 2026-04-09T12:55:00Z
7
value 0.00085
scoring_system epss
scoring_elements 0.2458
published_at 2026-04-08T12:55:00Z
8
value 0.00085
scoring_system epss
scoring_elements 0.24509
published_at 2026-04-07T12:55:00Z
9
value 0.00085
scoring_system epss
scoring_elements 0.24737
published_at 2026-04-04T12:55:00Z
10
value 0.00085
scoring_system epss
scoring_elements 0.24698
published_at 2026-04-02T12:55:00Z
11
value 0.00085
scoring_system epss
scoring_elements 0.24468
published_at 2026-04-24T12:55:00Z
12
value 0.00085
scoring_system epss
scoring_elements 0.24523
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-37712
2
reference_url https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37701
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37701
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37712
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37712
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://github.com/isaacs/node-tar/commit/1739408d3122af897caefd09662bce2ea477533b
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/isaacs/node-tar/commit/1739408d3122af897caefd09662bce2ea477533b
7
reference_url https://github.com/isaacs/node-tar/commit/2f1bca027286c23e110b8dfc7efc10756fa3db5a
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/isaacs/node-tar/commit/2f1bca027286c23e110b8dfc7efc10756fa3db5a
8
reference_url https://github.com/isaacs/node-tar/commit/3aaf19b2501bbddb145d92b3322c80dcaed3c35f
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/isaacs/node-tar/commit/3aaf19b2501bbddb145d92b3322c80dcaed3c35f
9
reference_url https://github.com/isaacs/node-tar/commit/b6162c7fafe797f856564ef37f4b82747f051455
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/isaacs/node-tar/commit/b6162c7fafe797f856564ef37f4b82747f051455
10
reference_url https://github.com/isaacs/node-tar/commit/bb93ba243746f705092905da1955ac3b0509ba1e
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/isaacs/node-tar/commit/bb93ba243746f705092905da1955ac3b0509ba1e
11
reference_url https://github.com/isaacs/node-tar/commit/d56f790bda9fea807dd80c5083f24771dbdd6eb1
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/isaacs/node-tar/commit/d56f790bda9fea807dd80c5083f24771dbdd6eb1
12
reference_url https://github.com/npm/node-tar
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/npm/node-tar
13
reference_url https://lists.debian.org/debian-lts-announce/2022/12/msg00023.html
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2022/12/msg00023.html
14
reference_url https://www.debian.org/security/2021/dsa-5008
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2021/dsa-5008
15
reference_url https://www.npmjs.com/package/tar
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.npmjs.com/package/tar
16
reference_url https://www.oracle.com/security-alerts/cpuoct2021.html
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuoct2021.html
17
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1999739
reference_id 1999739
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1999739
18
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=993981
reference_id 993981
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=993981
19
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-37712
reference_id CVE-2021-37712
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-37712
20
reference_url https://github.com/advisories/GHSA-qq89-hq3f-393p
reference_id GHSA-qq89-hq3f-393p
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qq89-hq3f-393p
21
reference_url https://github.com/npm/node-tar/security/advisories/GHSA-qq89-hq3f-393p
reference_id GHSA-qq89-hq3f-393p
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/npm/node-tar/security/advisories/GHSA-qq89-hq3f-393p
22
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
23
reference_url https://access.redhat.com/errata/RHSA-2021:5086
reference_id RHSA-2021:5086
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5086
24
reference_url https://access.redhat.com/errata/RHSA-2022:0041
reference_id RHSA-2022:0041
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0041
25
reference_url https://access.redhat.com/errata/RHSA-2022:0246
reference_id RHSA-2022:0246
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0246
26
reference_url https://access.redhat.com/errata/RHSA-2022:0350
reference_id RHSA-2022:0350
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0350
27
reference_url https://access.redhat.com/errata/RHSA-2022:4914
reference_id RHSA-2022:4914
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:4914
fixed_packages
aliases CVE-2021-37712, GHSA-qq89-hq3f-393p
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7mtb-yaq7-77ep
2
url VCID-c86y-234c-s3hu
vulnerability_id VCID-c86y-234c-s3hu
summary ansi-regex is vulnerable to Inefficient Regular Expression Complexity
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3807.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3807.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-3807
reference_id
reference_type
scores
0
value 0.00215
scoring_system epss
scoring_elements 0.43981
published_at 2026-04-24T12:55:00Z
1
value 0.00215
scoring_system epss
scoring_elements 0.4403
published_at 2026-04-21T12:55:00Z
2
value 0.00215
scoring_system epss
scoring_elements 0.44096
published_at 2026-04-18T12:55:00Z
3
value 0.00215
scoring_system epss
scoring_elements 0.44021
published_at 2026-04-01T12:55:00Z
4
value 0.00215
scoring_system epss
scoring_elements 0.44105
published_at 2026-04-16T12:55:00Z
5
value 0.00215
scoring_system epss
scoring_elements 0.44043
published_at 2026-04-13T12:55:00Z
6
value 0.00215
scoring_system epss
scoring_elements 0.44059
published_at 2026-04-12T12:55:00Z
7
value 0.00215
scoring_system epss
scoring_elements 0.44069
published_at 2026-04-02T12:55:00Z
8
value 0.00215
scoring_system epss
scoring_elements 0.44092
published_at 2026-04-11T12:55:00Z
9
value 0.00215
scoring_system epss
scoring_elements 0.44023
published_at 2026-04-07T12:55:00Z
10
value 0.00215
scoring_system epss
scoring_elements 0.44076
published_at 2026-04-09T12:55:00Z
11
value 0.00215
scoring_system epss
scoring_elements 0.44074
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-3807
2
reference_url https://app.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://app.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3807
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3807
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/chalk/ansi-regex
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/chalk/ansi-regex
6
reference_url https://github.com/chalk/ansi-regex/commit/419250fa510bf31b4cc672e76537a64f9332e1f1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/chalk/ansi-regex/commit/419250fa510bf31b4cc672e76537a64f9332e1f1
7
reference_url https://github.com/chalk/ansi-regex/commit/75a657da7af875b2e2724fd6331bf0a4b23d3c9a
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/chalk/ansi-regex/commit/75a657da7af875b2e2724fd6331bf0a4b23d3c9a
8
reference_url https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9
9
reference_url https://github.com/chalk/ansi-regex/commit/c3c0b3f2736b9c01feec0fef33980c43720dcde8
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/chalk/ansi-regex/commit/c3c0b3f2736b9c01feec0fef33980c43720dcde8
10
reference_url https://github.com/chalk/ansi-regex/issues/38#issuecomment-924086311
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/chalk/ansi-regex/issues/38#issuecomment-924086311
11
reference_url https://github.com/chalk/ansi-regex/issues/38#issuecomment-925924774
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/chalk/ansi-regex/issues/38#issuecomment-925924774
12
reference_url https://github.com/chalk/ansi-regex/releases/tag/v6.0.1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/chalk/ansi-regex/releases/tag/v6.0.1
13
reference_url https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994
14
reference_url https://security.netapp.com/advisory/ntap-20221014-0002
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20221014-0002
15
reference_url https://security.netapp.com/advisory/ntap-20221014-0002/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20221014-0002/
16
reference_url https://www.oracle.com/security-alerts/cpuapr2022.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuapr2022.html
17
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2007557
reference_id 2007557
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2007557
18
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=994568
reference_id 994568
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=994568
19
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-3807
reference_id CVE-2021-3807
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-3807
20
reference_url https://github.com/advisories/GHSA-93q8-gq69-wqmw
reference_id GHSA-93q8-gq69-wqmw
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-93q8-gq69-wqmw
21
reference_url https://access.redhat.com/errata/RHSA-2021:5171
reference_id RHSA-2021:5171
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5171
22
reference_url https://access.redhat.com/errata/RHSA-2022:0041
reference_id RHSA-2022:0041
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0041
23
reference_url https://access.redhat.com/errata/RHSA-2022:0246
reference_id RHSA-2022:0246
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0246
24
reference_url https://access.redhat.com/errata/RHSA-2022:0350
reference_id RHSA-2022:0350
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0350
25
reference_url https://access.redhat.com/errata/RHSA-2022:4711
reference_id RHSA-2022:4711
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:4711
26
reference_url https://access.redhat.com/errata/RHSA-2022:4814
reference_id RHSA-2022:4814
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:4814
27
reference_url https://access.redhat.com/errata/RHSA-2022:5483
reference_id RHSA-2022:5483
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5483
28
reference_url https://access.redhat.com/errata/RHSA-2022:5532
reference_id RHSA-2022:5532
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5532
29
reference_url https://access.redhat.com/errata/RHSA-2022:5555
reference_id RHSA-2022:5555
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5555
30
reference_url https://access.redhat.com/errata/RHSA-2022:6449
reference_id RHSA-2022:6449
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6449
31
reference_url https://access.redhat.com/errata/RHSA-2022:6595
reference_id RHSA-2022:6595
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6595
32
reference_url https://access.redhat.com/errata/RHSA-2023:3742
reference_id RHSA-2023:3742
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3742
fixed_packages
aliases CVE-2021-3807, GHSA-93q8-gq69-wqmw
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c86y-234c-s3hu
3
url VCID-gwyr-ac4e-dqfa
vulnerability_id VCID-gwyr-ac4e-dqfa
summary 
Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')
The llhttp parser accepts requests with a space (SP) right after the header name before the colon. This can lead to HTTP Request Smuggling (HRS).
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22959.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22959.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-22959
reference_id
reference_type
scores
0
value 0.00212
scoring_system epss
scoring_elements 0.43692
published_at 2026-04-01T12:55:00Z
1
value 0.00212
scoring_system epss
scoring_elements 0.43652
published_at 2026-04-24T12:55:00Z
2
value 0.00212
scoring_system epss
scoring_elements 0.43783
published_at 2026-04-18T12:55:00Z
3
value 0.00212
scoring_system epss
scoring_elements 0.43715
published_at 2026-04-21T12:55:00Z
4
value 0.00212
scoring_system epss
scoring_elements 0.43747
published_at 2026-04-02T12:55:00Z
5
value 0.00212
scoring_system epss
scoring_elements 0.43772
published_at 2026-04-04T12:55:00Z
6
value 0.00212
scoring_system epss
scoring_elements 0.43706
published_at 2026-04-07T12:55:00Z
7
value 0.00212
scoring_system epss
scoring_elements 0.43756
published_at 2026-04-08T12:55:00Z
8
value 0.00212
scoring_system epss
scoring_elements 0.43759
published_at 2026-04-09T12:55:00Z
9
value 0.00212
scoring_system epss
scoring_elements 0.43779
published_at 2026-04-11T12:55:00Z
10
value 0.00212
scoring_system epss
scoring_elements 0.43746
published_at 2026-04-12T12:55:00Z
11
value 0.00212
scoring_system epss
scoring_elements 0.4373
published_at 2026-04-13T12:55:00Z
12
value 0.00212
scoring_system epss
scoring_elements 0.43791
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-22959
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22959
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22959
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22960
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22960
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44531
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44531
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44532
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44532
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44533
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44533
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21824
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21824
8
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
9
reference_url https://hackerone.com/reports/1238709
reference_id
reference_type
scores
url https://hackerone.com/reports/1238709
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2014057
reference_id 2014057
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2014057
11
reference_url https://security.archlinux.org/ASA-202110-4
reference_id ASA-202110-4
reference_type
scores
url https://security.archlinux.org/ASA-202110-4
12
reference_url https://security.archlinux.org/AVG-2460
reference_id AVG-2460
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2460
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-22959
reference_id CVE-2021-22959
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-22959
14
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
15
reference_url https://access.redhat.com/errata/RHSA-2021:5171
reference_id RHSA-2021:5171
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5171
16
reference_url https://access.redhat.com/errata/RHSA-2022:0041
reference_id RHSA-2022:0041
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0041
17
reference_url https://access.redhat.com/errata/RHSA-2022:0246
reference_id RHSA-2022:0246
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0246
18
reference_url https://access.redhat.com/errata/RHSA-2022:0350
reference_id RHSA-2022:0350
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0350
19
reference_url https://access.redhat.com/errata/RHSA-2022:4914
reference_id RHSA-2022:4914
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:4914
fixed_packages
aliases CVE-2021-22959
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gwyr-ac4e-dqfa
4
url VCID-hwk3-sg9p-wqe7
vulnerability_id VCID-hwk3-sg9p-wqe7
summary 
json-schema is vulnerable to Prototype Pollution
json-schema before version 0.4.0 is vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution').
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3918.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3918.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-3918
reference_id
reference_type
scores
0
value 0.01262
scoring_system epss
scoring_elements 0.79497
published_at 2026-04-24T12:55:00Z
1
value 0.01262
scoring_system epss
scoring_elements 0.79384
published_at 2026-04-01T12:55:00Z
2
value 0.01262
scoring_system epss
scoring_elements 0.79391
published_at 2026-04-02T12:55:00Z
3
value 0.01262
scoring_system epss
scoring_elements 0.79413
published_at 2026-04-04T12:55:00Z
4
value 0.01262
scoring_system epss
scoring_elements 0.794
published_at 2026-04-07T12:55:00Z
5
value 0.01262
scoring_system epss
scoring_elements 0.79428
published_at 2026-04-08T12:55:00Z
6
value 0.01262
scoring_system epss
scoring_elements 0.79437
published_at 2026-04-09T12:55:00Z
7
value 0.01262
scoring_system epss
scoring_elements 0.7946
published_at 2026-04-11T12:55:00Z
8
value 0.01262
scoring_system epss
scoring_elements 0.79443
published_at 2026-04-12T12:55:00Z
9
value 0.01262
scoring_system epss
scoring_elements 0.79433
published_at 2026-04-13T12:55:00Z
10
value 0.01262
scoring_system epss
scoring_elements 0.79464
published_at 2026-04-16T12:55:00Z
11
value 0.01262
scoring_system epss
scoring_elements 0.79462
published_at 2026-04-18T12:55:00Z
12
value 0.01262
scoring_system epss
scoring_elements 0.79466
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-3918
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3918
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3918
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/kriszyp/json-schema
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/kriszyp/json-schema
5
reference_url https://github.com/kriszyp/json-schema/commit/22f146111f541d9737e832823699ad3528ca7741
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/kriszyp/json-schema/commit/22f146111f541d9737e832823699ad3528ca7741
6
reference_url https://github.com/kriszyp/json-schema/commit/b62f1da1ff5442f23443d6be6a92d00e65cba93a
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/kriszyp/json-schema/commit/b62f1da1ff5442f23443d6be6a92d00e65cba93a
7
reference_url https://github.com/kriszyp/json-schema/commit/f6f6a3b02d667aa4ba2d5d50cc19208c4462abfa
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/kriszyp/json-schema/commit/f6f6a3b02d667aa4ba2d5d50cc19208c4462abfa
8
reference_url https://huntr.dev/bounties/bb6ccd63-f505-4e3a-b55f-cd2662c261a9
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://huntr.dev/bounties/bb6ccd63-f505-4e3a-b55f-cd2662c261a9
9
reference_url https://lists.debian.org/debian-lts-announce/2022/12/msg00013.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2022/12/msg00013.html
10
reference_url https://security.netapp.com/advisory/ntap-20250117-0004
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20250117-0004
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2024702
reference_id 2024702
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2024702
12
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999765
reference_id 999765
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999765
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-3918
reference_id CVE-2021-3918
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-3918
14
reference_url https://github.com/advisories/GHSA-896r-f27r-55mw
reference_id GHSA-896r-f27r-55mw
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-896r-f27r-55mw
15
reference_url https://access.redhat.com/errata/RHSA-2021:5171
reference_id RHSA-2021:5171
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5171
16
reference_url https://access.redhat.com/errata/RHSA-2022:0041
reference_id RHSA-2022:0041
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0041
17
reference_url https://access.redhat.com/errata/RHSA-2022:0246
reference_id RHSA-2022:0246
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0246
18
reference_url https://access.redhat.com/errata/RHSA-2022:0350
reference_id RHSA-2022:0350
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0350
19
reference_url https://access.redhat.com/errata/RHSA-2022:4914
reference_id RHSA-2022:4914
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:4914
20
reference_url https://usn.ubuntu.com/6103-1/
reference_id USN-6103-1
reference_type
scores
url https://usn.ubuntu.com/6103-1/
fixed_packages
aliases CVE-2021-3918, GHSA-896r-f27r-55mw
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hwk3-sg9p-wqe7
5
url VCID-tnhd-rr89-9udh
vulnerability_id VCID-tnhd-rr89-9udh
summary 
Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')
The parse function in llhttp ignores chunk extensions when parsing the body of chunked requests. This leads to HTTP Request Smuggling (HRS) under certain conditions.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22960.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22960.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-22960
reference_id
reference_type
scores
0
value 0.00229
scoring_system epss
scoring_elements 0.45642
published_at 2026-04-01T12:55:00Z
1
value 0.00229
scoring_system epss
scoring_elements 0.45651
published_at 2026-04-24T12:55:00Z
2
value 0.00229
scoring_system epss
scoring_elements 0.45773
published_at 2026-04-18T12:55:00Z
3
value 0.00229
scoring_system epss
scoring_elements 0.4572
published_at 2026-04-21T12:55:00Z
4
value 0.00229
scoring_system epss
scoring_elements 0.45709
published_at 2026-04-02T12:55:00Z
5
value 0.00229
scoring_system epss
scoring_elements 0.45729
published_at 2026-04-13T12:55:00Z
6
value 0.00229
scoring_system epss
scoring_elements 0.45677
published_at 2026-04-07T12:55:00Z
7
value 0.00229
scoring_system epss
scoring_elements 0.45733
published_at 2026-04-08T12:55:00Z
8
value 0.00229
scoring_system epss
scoring_elements 0.45751
published_at 2026-04-11T12:55:00Z
9
value 0.00229
scoring_system epss
scoring_elements 0.45721
published_at 2026-04-12T12:55:00Z
10
value 0.00229
scoring_system epss
scoring_elements 0.45779
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-22960
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22959
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22959
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22960
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22960
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44531
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44531
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44532
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44532
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44533
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44533
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21824
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21824
8
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
9
reference_url https://hackerone.com/reports/1238099
reference_id
reference_type
scores
url https://hackerone.com/reports/1238099
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2014059
reference_id 2014059
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2014059
11
reference_url https://security.archlinux.org/ASA-202110-4
reference_id ASA-202110-4
reference_type
scores
url https://security.archlinux.org/ASA-202110-4
12
reference_url https://security.archlinux.org/AVG-2460
reference_id AVG-2460
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2460
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-22960
reference_id CVE-2021-22960
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-22960
14
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
15
reference_url https://access.redhat.com/errata/RHSA-2021:5171
reference_id RHSA-2021:5171
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5171
16
reference_url https://access.redhat.com/errata/RHSA-2022:0041
reference_id RHSA-2022:0041
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0041
17
reference_url https://access.redhat.com/errata/RHSA-2022:0246
reference_id RHSA-2022:0246
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0246
18
reference_url https://access.redhat.com/errata/RHSA-2022:0350
reference_id RHSA-2022:0350
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0350
19
reference_url https://access.redhat.com/errata/RHSA-2022:4914
reference_id RHSA-2022:4914
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:4914
fixed_packages
aliases CVE-2021-22960
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tnhd-rr89-9udh
Fixing_vulnerabilities
Risk_score4.5
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-nodejs14-nodejs-nodemon@2.0.3-6%3Farch=el7