VulnerableCode Package Details - pkg:apk/alpine/nodejs@0?arch=armhf&distroversion=v3.21&reponame=main

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-5781-s1ny-q7ey		CVE-2023-44487 GHSA-2m7v-gc89-fjqf GHSA-qppj-fm5r-hxr3 GHSA-vx74-f528-fxqg GHSA-xpw8-rcwv-8f8p GMS-2023-3377 VSV00013
VCID-7tpb-9zrz-e7e1	Multiple vulnerabilities have been discovered in Node.js.	CVE-2022-32212
VCID-b1vd-c8xt-dqc6	Bypass incomplete fix of CVE-2024-27980, that arises from improper handling of batch files with all possible extensions on Windows via child_process.spawn / child_process.spawnSync. A malicious command line argument can inject arbitrary commands and achieve code execution even if the shell option is not enabled.	CVE-2024-36138
VCID-p9sg-8byk-eydy	Multiple vulnerabilities have been discovered in Node.js, the worst of which could lead to execution of arbitrary code.	CVE-2024-37372
VCID-pqzm-ped7-vkff	Improper Input Validation Next handling invalid or malformed URLs could lead to a server crash. Deployments on Vercel are not affected, along with similar environments where invalid requests are filtered before reaching Next.js.	CVE-2021-43803 GHSA-25mp-g6fv-mqxx

Vulnerability

Summary

Aliases

VCID-5781-s1ny-q7ey

CVE-2023-44487
GHSA-2m7v-gc89-fjqf
GHSA-qppj-fm5r-hxr3
GHSA-vx74-f528-fxqg
GHSA-xpw8-rcwv-8f8p
GMS-2023-3377
VSV00013

VCID-7tpb-9zrz-e7e1

Multiple vulnerabilities have been discovered in Node.js.

CVE-2022-32212

VCID-b1vd-c8xt-dqc6

Bypass incomplete fix of CVE-2024-27980, that arises from improper handling of batch files with all possible extensions on Windows via child_process.spawn / child_process.spawnSync. A malicious command line argument can inject arbitrary commands and achieve code execution even if the shell option is not enabled.

CVE-2024-36138

VCID-p9sg-8byk-eydy

Multiple vulnerabilities have been discovered in Node.js, the worst of which could lead to execution of arbitrary code.

CVE-2024-37372

VCID-pqzm-ped7-vkff

Improper Input Validation Next handling invalid or malformed URLs could lead to a server crash. Deployments on Vercel are not affected, along with similar environments where invalid requests are filtered before reaching Next.js.

CVE-2021-43803
GHSA-25mp-g6fv-mqxx

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-08T06:23:21.010857+00:00	Alpine Linux Importer	Fixing	VCID-p9sg-8byk-eydy	https://secdb.alpinelinux.org/v3.21/main.json	38.1.0
2026-04-01T19:11:48.780746+00:00	Alpine Linux Importer	Fixing	VCID-b1vd-c8xt-dqc6	https://secdb.alpinelinux.org/v3.21/main.json	38.0.0
2026-04-01T19:06:25.037992+00:00	Alpine Linux Importer	Fixing	VCID-5781-s1ny-q7ey	https://secdb.alpinelinux.org/v3.21/main.json	38.0.0
2026-04-01T18:56:00.977748+00:00	Alpine Linux Importer	Fixing	VCID-7tpb-9zrz-e7e1	https://secdb.alpinelinux.org/v3.21/main.json	38.0.0
2026-04-01T18:53:41.830045+00:00	Alpine Linux Importer	Fixing	VCID-pqzm-ped7-vkff	https://secdb.alpinelinux.org/v3.21/main.json	38.0.0