Search for packages
| purl | pkg:rpm/redhat/nodejs-yargs@3.24.0-1?arch=el7aos |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk | 3.1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-ep8y-hq9y-afcu
Aliases: CVE-2017-15138 |
atomic-openshift: cluster-reader can escalate to creating builds via webhooks in any project | There are no reported fixed by versions. |
|
VCID-jqgq-yvxr-r7hs
Aliases: CVE-2017-12195 |
3: authentication bypass for elasticsearch with external routes | There are no reported fixed by versions. |
|
VCID-u9ph-5sbd-mfgp
Aliases: CVE-2018-1000169 GHSA-cpw3-x7gf-p872 |
Information Exposure Jenkins allows unauthorized attackers to confirm the existence of agents or views with an attacker-specified name by sending a CLI command to Jenkins. | There are no reported fixed by versions. |
|
VCID-vtvy-ec7a-xua9
Aliases: CVE-2017-15137 |
atomic-openshift: image import whitelist can be bypassed by creating an imagestream or using oc tag | There are no reported fixed by versions. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-01T14:27:00.813262+00:00 | RedHat Importer | Affected by | VCID-jqgq-yvxr-r7hs | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12195.json | 38.0.0 |
| 2026-04-01T14:25:39.966256+00:00 | RedHat Importer | Affected by | VCID-vtvy-ec7a-xua9 | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15137.json | 38.0.0 |
| 2026-04-01T14:25:32.459600+00:00 | RedHat Importer | Affected by | VCID-u9ph-5sbd-mfgp | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000169.json | 38.0.0 |
| 2026-04-01T14:25:29.148645+00:00 | RedHat Importer | Affected by | VCID-ep8y-hq9y-afcu | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15138.json | 38.0.0 |