VulnerableCode Package Details - pkg:deb/debian/node-hoek@9.1.0%2B~cs10.1.0-1

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:deb/debian/node-hoek@9.1.0%2B~cs10.1.0-1

purl	pkg:deb/debian/node-hoek@9.1.0%2B~cs10.1.0-1

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-f9fx-rs6v-x7d4	hoek subject to prototype pollution via the clone function. hoek versions prior to 8.5.1, and 9.x prior to 9.0.3 are vulnerable to prototype pollution in the clone function. If an object with the __proto__ key is passed to clone() the key is converted to a prototype. This issue has been patched in version 9.0.3, and backported to 8.5.1.	CVE-2020-36604 GHSA-c429-5p7v-vgjp

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-15T15:53:09.193294+00:00	Debian Oval Importer	Fixing	VCID-f9fx-rs6v-x7d4	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-11T15:40:45.674471+00:00	Debian Oval Importer	Fixing	VCID-f9fx-rs6v-x7d4	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-08T15:34:38.427025+00:00	Debian Oval Importer	Fixing	VCID-f9fx-rs6v-x7d4	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0