Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-b7hq-5yyx-tuhs

Summary Node.js before 16.4.1, 14.17.2, and 12.22.2 is vulnerable to local privilege escalation attacks under certain conditions on Windows platforms. More specifically, improper configuration of permissions in the installation directory allows an attacker to perform two different escalation attacks: PATH and DLL hijacking.

Aliases

alias	CVE-2021-22921

Fixed_packages

url	pkg:alpm/archlinux/nodejs@16.4.1-1
purl	pkg:alpm/archlinux/nodejs@16.4.1-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/nodejs@16.4.1-1

url	pkg:deb/debian/nodejs@0?distro=trixie
purl	pkg:deb/debian/nodejs@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie

url pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie

purl pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1vp3-fzdr-yqbm

vulnerability	VCID-2t7c-dju9-pff6

vulnerability	VCID-38k9-23j3-eqh7

vulnerability	VCID-43sf-4r41-wugc

vulnerability	VCID-96yh-1wub-zucg

vulnerability	VCID-98fy-tedc-ube7

vulnerability	VCID-bjza-25hu-vkad

vulnerability	VCID-dgkh-jdah-wfh9

vulnerability	VCID-dt7u-3usg-9uet

vulnerability	VCID-kj75-vmwa-gqgq

vulnerability	VCID-sag8-repb-g3f4

vulnerability	VCID-twc8-ewm7-wkb1

vulnerability	VCID-u8bq-8jp4-jkem

vulnerability	VCID-v7uy-445x-tuan

vulnerability	VCID-x1an-pjq4-nbby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie

url pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie

purl pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1vp3-fzdr-yqbm

vulnerability	VCID-2t7c-dju9-pff6

vulnerability	VCID-43sf-4r41-wugc

vulnerability	VCID-96yh-1wub-zucg

vulnerability	VCID-98fy-tedc-ube7

vulnerability	VCID-bjza-25hu-vkad

vulnerability	VCID-dgkh-jdah-wfh9

vulnerability	VCID-dt7u-3usg-9uet

vulnerability	VCID-twc8-ewm7-wkb1

vulnerability	VCID-u8bq-8jp4-jkem

vulnerability	VCID-v7uy-445x-tuan

vulnerability	VCID-wf5t-3pwz-c7d7

vulnerability	VCID-x1an-pjq4-nbby

vulnerability	VCID-xkpz-pb5y-jqcy

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie

url	pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie
purl	pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie

url	pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie
purl	pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie

Affected_packages

url pkg:alpm/archlinux/nodejs@16.4.0-1

purl pkg:alpm/archlinux/nodejs@16.4.0-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4kjh-zmaz-tqb7

vulnerability	VCID-b7hq-5yyx-tuhs

vulnerability	VCID-nj6f-gujk-wqah

vulnerability	VCID-w93e-wkm9-kuex

resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/nodejs@16.4.0-1

References

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-22921

reference_id

reference_type

scores

value	0.00527
scoring_system	epss
scoring_elements	0.67167
published_at	2026-04-18T12:55:00Z

value	0.00527
scoring_system	epss
scoring_elements	0.67048
published_at	2026-04-01T12:55:00Z

value	0.00527
scoring_system	epss
scoring_elements	0.67085
published_at	2026-04-02T12:55:00Z

value	0.00527
scoring_system	epss
scoring_elements	0.67109
published_at	2026-04-04T12:55:00Z

value	0.00527
scoring_system	epss
scoring_elements	0.67083
published_at	2026-04-07T12:55:00Z

value	0.00527
scoring_system	epss
scoring_elements	0.67133
published_at	2026-04-08T12:55:00Z

value	0.00527
scoring_system	epss
scoring_elements	0.67145
published_at	2026-04-09T12:55:00Z

value	0.00527
scoring_system	epss
scoring_elements	0.67164
published_at	2026-04-11T12:55:00Z

value	0.00527
scoring_system	epss
scoring_elements	0.6715
published_at	2026-04-12T12:55:00Z

value	0.00527
scoring_system	epss
scoring_elements	0.67119
published_at	2026-04-13T12:55:00Z

value	0.00527
scoring_system	epss
scoring_elements	0.67152
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-22921

reference_url

https://security.archlinux.org/AVG-2130

reference_id

AVG-2130

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2130

Weaknesses

Exploits

Severity_range_score 4.0 - 6.9

Exploitability 0.5

Weighted_severity 6.2

Risk_score 3.1

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b7hq-5yyx-tuhs

Vulnerability Instance