VulnerableCode Package Details - pkg:rpm/redhat/rh-nodejs8-nodejs@8.16.0-1?arch=el7

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:rpm/redhat/rh-nodejs8-nodejs@8.16.0-1?arch=el7

Essentials
History (6)

purl	pkg:rpm/redhat/rh-nodejs8-nodejs@8.16.0-1?arch=el7

Next non-vulnerable version	None.
Latest non-vulnerable version	None.
Risk	4.0

Vulnerabilities affecting this package (6)

Vulnerability	Summary	Fixed by
VCID-1bhj-vafz-4ya8 Aliases: CVE-2018-12122	Multiple vulnerabilities have been found in Node.js, worst of which could allow remote attackers to write arbitrary files.	There are no reported fixed by versions.
VCID-9v22-ened-4bg2 Aliases: CVE-2018-12123	Multiple vulnerabilities have been found in Node.js, worst of which could allow remote attackers to write arbitrary files.	There are no reported fixed by versions.
VCID-f7ch-ze7a-d7gr Aliases: CVE-2018-12116	Multiple vulnerabilities have been found in Node.js, worst of which could allow remote attackers to write arbitrary files.	There are no reported fixed by versions.
VCID-mr9t-dr17-w3ah Aliases: CVE-2018-20834 GHSA-j44m-qm6p-hp7m	Improper Link Resolution Before File Access ('Link Following') A vulnerability was found in node-tar before version 4.4.2 (excluding version 2.2.2). An Arbitrary File Overwrite issue exists when extracting a tarball containing a hardlink to a file that already exists on the system, in conjunction with a later plain file with the same name as the hardlink. This plain file content replaces the existing file content. A patch has been applied to node-tar v2.2.2).	There are no reported fixed by versions.
VCID-us11-vy4j-pfd2 Aliases: CVE-2019-5737	Multiple vulnerabilities have been found in Node.js, worst of which could allow remote attackers to write arbitrary files.	There are no reported fixed by versions.
VCID-zrbm-htvv-eke9 Aliases: CVE-2018-12121	Multiple vulnerabilities have been found in Node.js, worst of which could allow remote attackers to write arbitrary files.	There are no reported fixed by versions.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-01T14:25:06.463498+00:00	RedHat Importer	Affected by	VCID-mr9t-dr17-w3ah	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20834.json	38.0.0
2026-04-01T14:21:33.410022+00:00	RedHat Importer	Affected by	VCID-9v22-ened-4bg2	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12123.json	38.0.0
2026-04-01T14:21:33.353499+00:00	RedHat Importer	Affected by	VCID-1bhj-vafz-4ya8	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12122.json	38.0.0
2026-04-01T14:21:33.291281+00:00	RedHat Importer	Affected by	VCID-zrbm-htvv-eke9	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12121.json	38.0.0
2026-04-01T14:21:33.220409+00:00	RedHat Importer	Affected by	VCID-f7ch-ze7a-d7gr	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12116.json	38.0.0
2026-04-01T14:20:52.561296+00:00	RedHat Importer	Affected by	VCID-us11-vy4j-pfd2	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5737.json	38.0.0