VulnerableCode Vulnerability Details - VCID-1126-8m5u-5kbg

Staging Environment: Content and features may be unstable or change without notice.

Search for vulnerabilities

Vulnerability details: VCID-1126-8m5u-5kbg

Essentials
Severities (7)
References (9)
Severity details (7)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-1126-8m5u-5kbg
Aliases	GHSA-8r4g-cg4m-x23c GMS-2021-39
Summary	Duplicate This advisory duplicates another.
Status	Published
Exploitability	0.5
Weighted Severity	6.2
Risk	3.1
Affected and Fixed Packages	Package Details

Weaknesses (4)

CWE-1035	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-937	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
CWE-248	Uncaught Exception
CWE-400	Uncontrolled Resource Consumption

System	Score	Found at
cvssv3.1_qr	MODERATE	https://github.com/advisories/GHSA-8r4g-cg4m-x23c
generic_textual	MODERATE	https://github.com/cloudhead/node-static
generic_textual	MODERATE	https://github.com/cloudhead/node-static/blob/643a528ec7bbd05a59c4030655d94810570afb3f/CHANGES.md#-unreleased
generic_textual	MODERATE	https://github.com/cloudhead/node-static/pull/213
generic_textual	MODERATE	https://github.com/github/advisory-database/pull/6248
generic_textual	MODERATE	https://nvd.nist.gov/vuln/detail/CVE-2025-11149
generic_textual	MODERATE	https://security.snyk.io/vuln/SNYK-JS-NODESTATIC-1297183

Reference id	Reference type	URL
		https://github.com/cloudhead/node-static
		https://github.com/cloudhead/node-static/blob/643a528ec7bbd05a59c4030655d94810570afb3f/CHANGES.md#-unreleased
		https://github.com/cloudhead/node-static/pull/213
		https://github.com/github/advisory-database/pull/6248
		https://security.snyk.io/vuln/SNYK-JS-NODESTATIC-1297183
		https://www.npmjs.com/advisories/1208
		https://www.npmjs.com/package/node-static
CVE-2025-11149		https://nvd.nist.gov/vuln/detail/CVE-2025-11149
GHSA-8r4g-cg4m-x23c		https://github.com/advisories/GHSA-8r4g-cg4m-x23c

No exploits are available.

No EPSS data available for this vulnerability.

Date	Actor	Action	Source	VulnerableCode Version
2026-04-01T12:48:52.509942+00:00	GitLab Importer	Import	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/node-static/GMS-2021-39.yml	38.0.0