VulnerableCode Package Details - pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u5?distro=trixie

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u5?distro=trixie

Essentials
History (24)

purl	pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u5?distro=trixie

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (8)

Vulnerability	Summary	Aliases
VCID-2z1f-7jkw-17av	Multiple vulnerabilities have been discovered in Node.js, the worst of which could lead to execution of arbitrary code.	CVE-2024-27982
VCID-9yq7-aba3-c7c3	Multiple vulnerabilities have been discovered in Node.js.	CVE-2023-32559
VCID-bx67-aud6-b3fa	Multiple vulnerabilities have been discovered in Node.js, the worst of which could lead to execution of arbitrary code.	CVE-2024-22025
VCID-e6gj-fe31-kkh5	Multiple vulnerabilities have been discovered in Node.js, the worst of which could lead to execution of arbitrary code.	CVE-2023-46809
VCID-e7u5-356v-jbg7	Multiple vulnerabilities have been discovered in Node.js.	CVE-2023-30590
VCID-nenk-4cgd-fugv	Multiple vulnerabilities have been discovered in Node.js, the worst of which could lead to execution of arbitrary code.	CVE-2024-27983
VCID-vkvx-gxbu-3uau	Multiple vulnerabilities have been discovered in Node.js, the worst of which could lead to execution of arbitrary code.	CVE-2024-22019
VCID-zstw-3wmu-u3c8	llhttp vulnerable to HTTP request smuggling The llhttp parser in the http module in Node v20.2.0 does not strictly use the CRLF sequence to delimit HTTP requests. This can lead to HTTP Request Smuggling (HRS). The CR character (without LF) is sufficient to delimit HTTP header fields in the llhttp parser. According to RFC7230 section 3, only the CRLF sequence should delimit each header-field. This impacts all Node.js active versions: v16, v18, and, v20	CVE-2023-30589 GHSA-cggh-pq45-6h9x

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T12:30:02.538779+00:00	Debian Importer	Fixing	VCID-bx67-aud6-b3fa	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T11:04:11.351110+00:00	Debian Importer	Fixing	VCID-9yq7-aba3-c7c3	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T10:14:35.428225+00:00	Debian Importer	Fixing	VCID-e7u5-356v-jbg7	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T10:01:32.880777+00:00	Debian Importer	Fixing	VCID-2z1f-7jkw-17av	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T09:50:00.741580+00:00	Debian Importer	Fixing	VCID-e6gj-fe31-kkh5	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T09:41:44.754855+00:00	Debian Importer	Fixing	VCID-zstw-3wmu-u3c8	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T08:59:11.648348+00:00	Debian Importer	Fixing	VCID-nenk-4cgd-fugv	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T08:43:37.854418+00:00	Debian Importer	Fixing	VCID-vkvx-gxbu-3uau	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-13T09:08:42.590624+00:00	Debian Importer	Fixing	VCID-bx67-aud6-b3fa	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T08:20:09.029005+00:00	Debian Importer	Fixing	VCID-9yq7-aba3-c7c3	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T08:02:32.767352+00:00	Debian Importer	Fixing	VCID-vkvx-gxbu-3uau	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T07:22:15.877167+00:00	Debian Importer	Fixing	VCID-e7u5-356v-jbg7	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T06:43:23.592087+00:00	Debian Importer	Fixing	VCID-2z1f-7jkw-17av	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T06:34:19.438426+00:00	Debian Importer	Fixing	VCID-e6gj-fe31-kkh5	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T18:26:56.721994+00:00	Debian Importer	Fixing	VCID-zstw-3wmu-u3c8	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T18:01:36.704054+00:00	Debian Importer	Fixing	VCID-nenk-4cgd-fugv	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-03T07:47:25.374570+00:00	Debian Importer	Fixing	VCID-nenk-4cgd-fugv	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:47:25.317934+00:00	Debian Importer	Fixing	VCID-2z1f-7jkw-17av	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:47:25.222970+00:00	Debian Importer	Fixing	VCID-bx67-aud6-b3fa	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:47:25.122638+00:00	Debian Importer	Fixing	VCID-vkvx-gxbu-3uau	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:47:24.793513+00:00	Debian Importer	Fixing	VCID-e6gj-fe31-kkh5	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:47:24.524530+00:00	Debian Importer	Fixing	VCID-9yq7-aba3-c7c3	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:47:24.162516+00:00	Debian Importer	Fixing	VCID-e7u5-356v-jbg7	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:47:24.096508+00:00	Debian Importer	Fixing	VCID-zstw-3wmu-u3c8	https://security-tracker.debian.org/tracker/data/json	38.1.0