Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:apk/alpine/nodejs@0?arch=x86_64&distroversion=v3.15&reponame=main
purl pkg:apk/alpine/nodejs@0?arch=x86_64&distroversion=v3.15&reponame=main
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (3)
Vulnerability Summary Aliases
VCID-7tpb-9zrz-e7e1 Multiple vulnerabilities have been discovered in Node.js. CVE-2022-32212
VCID-pqzm-ped7-vkff Improper Input Validation Next handling invalid or malformed URLs could lead to a server crash. Deployments on Vercel are not affected, along with similar environments where invalid requests are filtered before reaching Next.js. CVE-2021-43803
GHSA-25mp-g6fv-mqxx
VCID-tpck-fwrj-ruaq Node.js is vulnerable to Hijack Execution Flow: DLL Hijacking under certain conditions on Windows platforms.This vulnerability can be exploited if the victim has the following dependencies on a Windows machine:* OpenSSL has been installed and “C:\Program Files\Common Files\SSL\openssl.cnf” exists.Whenever the above conditions are present, `node.exe` will search for `providers.dll` in the current user directory.After that, `node.exe` will try to search for `providers.dll` by the DLL Search Order in Windows.It is possible for an attacker to place the malicious file `providers.dll` under a variety of paths and exploit this vulnerability. CVE-2022-32223

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-06T04:51:33.768066+00:00 Alpine Linux Importer Fixing VCID-pqzm-ped7-vkff https://secdb.alpinelinux.org/v3.15/main.json 38.1.0
2026-04-03T17:43:29.073490+00:00 Alpine Linux Importer Fixing VCID-7tpb-9zrz-e7e1 https://secdb.alpinelinux.org/v3.15/main.json 38.1.0
2026-04-01T18:53:20.526052+00:00 Alpine Linux Importer Fixing VCID-tpck-fwrj-ruaq https://secdb.alpinelinux.org/v3.15/main.json 38.0.0