{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","type":"deb","namespace":"debian","name":"nodejs","version":"22.22.2+dfsg+~cs22.19.15-3","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"24.15.0+dfsg+~cs24.12.2-1","latest_non_vulnerable_version":"24.15.0+dfsg+~cs24.12.2-1","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81223?format=json","vulnerability_id":"VCID-17k5-vadp-4kby","summary":"nghttp2: overly large SETTINGS frames can lead to DoS","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11080.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11080.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-11080","reference_id":"","reference_type":"","scores":[{"value":"0.00741","scoring_system":"epss","scoring_elements":"0.73061","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00741","scoring_system":"epss","scoring_elements":"0.73041","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00741","scoring_system":"epss","scoring_elements":"0.73044","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00741","scoring_system":"epss","scoring_elements":"0.72897","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00741","scoring_system":"epss","scoring_elements":"0.72893","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00741","scoring_system":"epss","scoring_elements":"0.72901","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00741","scoring_system":"epss","scoring_elements":"0.73034","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00741","scoring_system":"epss","scoring_elements":"0.72993","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00741","scoring_system":"epss","scoring_elements":"0.73","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00741","scoring_system":"epss","scoring_elements":"0.7299","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00741","scoring_system":"epss","scoring_elements":"0.72949","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00741","scoring_system":"epss","scoring_elements":"0.72955","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00741","scoring_system":"epss","scoring_elements":"0.72973","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00741","scoring_system":"epss","scoring_elements":"0.72948","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00741","scoring_system":"epss","scoring_elements":"0.72934","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00741","scoring_system":"epss","scoring_elements":"0.72922","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01247","scoring_system":"epss","scoring_elements":"0.79429","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-11080"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11080","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11080"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8174","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8174"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1844929","reference_id":"1844929","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1844929"},{"reference_url":"https://github.com/nghttp2/nghttp2/commit/336a98feb0d56b9ac54e12736b18785c27f75090","reference_id":"336a98feb0d56b9ac54e12736b18785c27f75090","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:44:48Z/"}],"url":"https://github.com/nghttp2/nghttp2/commit/336a98feb0d56b9ac54e12736b18785c27f75090"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=962145","reference_id":"962145","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=962145"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AAC2AA36OTRHKSVM5OV7TTVB3CZIGEFL/","reference_id":"AAC2AA36OTRHKSVM5OV7TTVB3CZIGEFL","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:44:48Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AAC2AA36OTRHKSVM5OV7TTVB3CZIGEFL/"},{"reference_url":"https://www.debian.org/security/2020/dsa-4696","reference_id":"dsa-4696","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:44:48Z/"}],"url":"https://www.debian.org/security/2020/dsa-4696"},{"reference_url":"https://github.com/nghttp2/nghttp2/commit/f8da73bd042f810f34d19f9eae02b46d870af394","reference_id":"f8da73bd042f810f34d19f9eae02b46d870af394","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:44:48Z/"}],"url":"https://github.com/nghttp2/nghttp2/commit/f8da73bd042f810f34d19f9eae02b46d870af394"},{"reference_url":"https://github.com/nghttp2/nghttp2/security/advisories/GHSA-q5wr-xfw9-q7xr","reference_id":"GHSA-q5wr-xfw9-q7xr","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:44:48Z/"}],"url":"https://github.com/nghttp2/nghttp2/security/advisories/GHSA-q5wr-xfw9-q7xr"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2523","reference_id":"RHSA-2020:2523","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2523"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2524","reference_id":"RHSA-2020:2524","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2524"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2644","reference_id":"RHSA-2020:2644","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2644"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2646","reference_id":"RHSA-2020:2646","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2646"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2755","reference_id":"RHSA-2020:2755","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2755"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2784","reference_id":"RHSA-2020:2784","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2784"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2823","reference_id":"RHSA-2020:2823","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2823"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2847","reference_id":"RHSA-2020:2847","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2847"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2848","reference_id":"RHSA-2020:2848","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2848"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2849","reference_id":"RHSA-2020:2849","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2849"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2850","reference_id":"RHSA-2020:2850","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2850"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2852","reference_id":"RHSA-2020:2852","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2852"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2895","reference_id":"RHSA-2020:2895","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2895"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3042","reference_id":"RHSA-2020:3042","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3042"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3084","reference_id":"RHSA-2020:3084","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3084"},{"reference_url":"https://usn.ubuntu.com/6142-1/","reference_id":"USN-6142-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6142-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932817?format=json","purl":"pkg:deb/debian/nodejs@10.21.0~dfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@10.21.0~dfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2020-11080"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-17k5-vadp-4kby"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57383?format=json","vulnerability_id":"VCID-1bhj-vafz-4ya8","summary":"Multiple vulnerabilities have been found in Node.js, worst of which\n    could allow remote attackers to write arbitrary files.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12122.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12122.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-12122","reference_id":"","reference_type":"","scores":[{"value":"0.02342","scoring_system":"epss","scoring_elements":"0.84983","published_at":"2026-05-09T12:55:00Z"},{"value":"0.02342","scoring_system":"epss","scoring_elements":"0.8489","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02342","scoring_system":"epss","scoring_elements":"0.84887","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02342","scoring_system":"epss","scoring_elements":"0.84914","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02342","scoring_system":"epss","scoring_elements":"0.84923","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02342","scoring_system":"epss","scoring_elements":"0.8494","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02342","scoring_system":"epss","scoring_elements":"0.84964","published_at":"2026-05-07T12:55:00Z"},{"value":"0.02716","scoring_system":"epss","scoring_elements":"0.85924","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02716","scoring_system":"epss","scoring_elements":"0.85943","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02716","scoring_system":"epss","scoring_elements":"0.85929","published_at":"2026-04-12T12:55:00Z"},{"value":"0.03643","scoring_system":"epss","scoring_elements":"0.87866","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0549","scoring_system":"epss","scoring_elements":"0.90195","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0549","scoring_system":"epss","scoring_elements":"0.90211","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0549","scoring_system":"epss","scoring_elements":"0.90217","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0549","scoring_system":"epss","scoring_elements":"0.90175","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0549","scoring_system":"epss","scoring_elements":"0.90178","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0549","scoring_system":"epss","scoring_elements":"0.9019","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-12122"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12122","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12122"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1661005","reference_id":"1661005","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1661005"},{"reference_url":"https://usn.ubuntu.com/USN-4796-1/","reference_id":"USN-USN-4796-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-4796-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932810?format=json","purl":"pkg:deb/debian/nodejs@10.15.0~dfsg-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@10.15.0~dfsg-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2018-12122"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1bhj-vafz-4ya8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34125?format=json","vulnerability_id":"VCID-1ghj-acr4-tkat","summary":"Multiple vulnerabilities have been found in Node.js, the worst of\n    which can allow remote attackers to cause Denial of Service conditions.","references":[{"reference_url":"http://blog.safebreach.com/2016/02/09/http-response-splitting-in-node-js-root-cause-analysis/","reference_id":"","reference_type":"","scores":[],"url":"http://blog.safebreach.com/2016/02/09/http-response-splitting-in-node-js-root-cause-analysis/"},{"reference_url":"http://info.safebreach.com/hubfs/Node-js-Response-Splitting.pdf","reference_id":"","reference_type":"","scores":[],"url":"http://info.safebreach.com/hubfs/Node-js-Response-Splitting.pdf"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177184.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177184.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177673.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177673.html"},{"reference_url":"http://packetstormsecurity.com/files/135711/Node.js-HTTP-Response-Splitting.html","reference_id":"","reference_type":"","scores":[],"url":"http://packetstormsecurity.com/files/135711/Node.js-HTTP-Response-Splitting.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2216.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2216.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2216","reference_id":"","reference_type":"","scores":[{"value":"0.01835","scoring_system":"epss","scoring_elements":"0.83065","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01835","scoring_system":"epss","scoring_elements":"0.83045","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01835","scoring_system":"epss","scoring_elements":"0.82858","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01835","scoring_system":"epss","scoring_elements":"0.82875","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01835","scoring_system":"epss","scoring_elements":"0.82888","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01835","scoring_system":"epss","scoring_elements":"0.82884","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01835","scoring_system":"epss","scoring_elements":"0.82909","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01835","scoring_system":"epss","scoring_elements":"0.82917","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01835","scoring_system":"epss","scoring_elements":"0.82933","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01835","scoring_system":"epss","scoring_elements":"0.82928","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01835","scoring_system":"epss","scoring_elements":"0.82924","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01835","scoring_system":"epss","scoring_elements":"0.82963","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01835","scoring_system":"epss","scoring_elements":"0.82962","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01835","scoring_system":"epss","scoring_elements":"0.82966","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01835","scoring_system":"epss","scoring_elements":"0.82986","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01835","scoring_system":"epss","scoring_elements":"0.82996","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01835","scoring_system":"epss","scoring_elements":"0.83002","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01835","scoring_system":"epss","scoring_elements":"0.83025","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2216"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2216","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2216"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/february-2016-security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://nodejs.org/en/blog/vulnerability/february-2016-security-releases/"},{"reference_url":"http://www.securityfocus.com/bid/83141","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/83141"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1306203","reference_id":"1306203","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1306203"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.11:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.11:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.11:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.13:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.13:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.13:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.14:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.14:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.14:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.15:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.15:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.15:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.16:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.16:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.16:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.16-isaacs-manual:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.16-isaacs-manual:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.16-isaacs-manual:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.17:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.17:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.17:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.18:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.18:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.18:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.19:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.19:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.19:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.20:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.20:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.20:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.21:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.21:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.21:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.22:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.22:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.22:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.23:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.23:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.23:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.24:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.24:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.24:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.25:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.25:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.25:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.26:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.26:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.26:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.27:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.27:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.27:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.28:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.28:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.28:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.29:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.29:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.29:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.30:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.30:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.30:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.31:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.31:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.31:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.32:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.32:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.32:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.33:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.33:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.33:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.34:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.34:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.34:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.35:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.35:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.35:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.36:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.36:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.36:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.37:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.37:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.37:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.38:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.38:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.38:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.39:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.39:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.39:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.40:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.40:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.40:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.41:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.41:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.41:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.11.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.11.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.11.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.11.11:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.11.11:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.11.11:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.11.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.11.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.11.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.11.13:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.11.13:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.11.13:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.11.14:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.11.14:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.11.14:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.11.15:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.11.15:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.11.15:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.11.16:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.11.16:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.11.16:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.11.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.11.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.11.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.11.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.11.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.11.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.11.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.11.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.11.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.11.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.11.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.11.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.12.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.12.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.12.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.12.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.12.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.12.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.12.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.12.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.12.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.12.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.12.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.12.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.12.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.12.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.12.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.12.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.12.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.12.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.12.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.12.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.12.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.12.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.12.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.12.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.12.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.12.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.12.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.12.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.12.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.12.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:4.0.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:4.0.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:4.0.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:4.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:4.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:4.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:4.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:4.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:4.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:4.1.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:4.1.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:4.1.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:4.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:4.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:4.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:4.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:4.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:4.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:4.2.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:4.2.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:4.2.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:4.2.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:4.2.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:4.2.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:4.2.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:4.2.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:4.2.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:4.2.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:4.2.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:4.2.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:4.2.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:4.2.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:4.2.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:5.0.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:5.0.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:5.0.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:5.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:5.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:5.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:5.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:5.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:5.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:5.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:5.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:5.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:5.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:5.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:5.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:5.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:5.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:5.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:5.4.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:5.4.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:5.4.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:5.5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:5.5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:5.5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2216","reference_id":"CVE-2016-2216","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2216"},{"reference_url":"https://security.gentoo.org/glsa/201612-43","reference_id":"GLSA-201612-43","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201612-43"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932807?format=json","purl":"pkg:deb/debian/nodejs@4.3.0~dfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@4.3.0~dfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2016-2216"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1ghj-acr4-tkat"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63920?format=json","vulnerability_id":"VCID-1vp3-fzdr-yqbm","summary":"Node.js: Node.js: Information disclosure due to `fs.realpathSync.native()` bypassing filesystem read restrictions","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21715.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21715.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-21715","reference_id":"","reference_type":"","scores":[{"value":"4e-05","scoring_system":"epss","scoring_elements":"0.00177","published_at":"2026-04-04T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00201","published_at":"2026-04-08T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.002","published_at":"2026-04-09T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00202","published_at":"2026-04-13T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00204","published_at":"2026-04-16T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00205","published_at":"2026-04-29T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00208","published_at":"2026-04-24T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00207","published_at":"2026-04-26T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00259","published_at":"2026-05-05T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.0026","published_at":"2026-05-09T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00216","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-21715"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21715","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21715"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2453152","reference_id":"2453152","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2453152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7350","reference_id":"RHSA-2026:7350","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7350"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7670","reference_id":"RHSA-2026:7670","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7670"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7675","reference_id":"RHSA-2026:7675","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7675"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932844?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1%2Bdeb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2026-21715"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1vp3-fzdr-yqbm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63923?format=json","vulnerability_id":"VCID-2t7c-dju9-pff6","summary":"Node.js: Node.js: Information disclosure via timing oracle in HMAC verification","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21713.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21713.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-21713","reference_id":"","reference_type":"","scores":[{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.0144","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03543","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05602","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05575","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05613","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05638","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05611","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05595","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05546","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.0556","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07607","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07681","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07629","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07571","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08334","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08476","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08556","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-21713"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21713","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21713"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2453160","reference_id":"2453160","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2453160"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/march-2026-security-releases","reference_id":"march-2026-security-releases","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-30T19:45:13Z/"}],"url":"https://nodejs.org/en/blog/vulnerability/march-2026-security-releases"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7350","reference_id":"RHSA-2026:7350","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7350"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7670","reference_id":"RHSA-2026:7670","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7670"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7675","reference_id":"RHSA-2026:7675","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7675"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932844?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1%2Bdeb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2026-21713"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2t7c-dju9-pff6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37577?format=json","vulnerability_id":"VCID-2z1f-7jkw-17av","summary":"Multiple vulnerabilities have been discovered in Node.js, the worst of which could lead to execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27982.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27982.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-27982","reference_id":"","reference_type":"","scores":[{"value":"0.00391","scoring_system":"epss","scoring_elements":"0.60185","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00391","scoring_system":"epss","scoring_elements":"0.60147","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00391","scoring_system":"epss","scoring_elements":"0.60117","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00391","scoring_system":"epss","scoring_elements":"0.60133","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00391","scoring_system":"epss","scoring_elements":"0.60121","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00391","scoring_system":"epss","scoring_elements":"0.6008","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00391","scoring_system":"epss","scoring_elements":"0.60068","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00391","scoring_system":"epss","scoring_elements":"0.60093","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00391","scoring_system":"epss","scoring_elements":"0.60063","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00391","scoring_system":"epss","scoring_elements":"0.60113","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00391","scoring_system":"epss","scoring_elements":"0.60127","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00391","scoring_system":"epss","scoring_elements":"0.60149","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00391","scoring_system":"epss","scoring_elements":"0.60134","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00391","scoring_system":"epss","scoring_elements":"0.60116","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00391","scoring_system":"epss","scoring_elements":"0.60154","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00391","scoring_system":"epss","scoring_elements":"0.60161","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-27982"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27982","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27982"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068347","reference_id":"1068347","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068347"},{"reference_url":"https://hackerone.com/reports/2237099","reference_id":"2237099","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-07T18:19:19Z/"}],"url":"https://hackerone.com/reports/2237099"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2275392","reference_id":"2275392","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2275392"},{"reference_url":"https://security.archlinux.org/AVG-2852","reference_id":"AVG-2852","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2852"},{"reference_url":"https://security.archlinux.org/AVG-2853","reference_id":"AVG-2853","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2853"},{"reference_url":"https://security.gentoo.org/glsa/202505-11","reference_id":"GLSA-202505-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-11"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2778","reference_id":"RHSA-2024:2778","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2778"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2779","reference_id":"RHSA-2024:2779","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2779"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2780","reference_id":"RHSA-2024:2780","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2780"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2853","reference_id":"RHSA-2024:2853","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2853"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2910","reference_id":"RHSA-2024:2910","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2910"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3545","reference_id":"RHSA-2024:3545","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3545"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4559","reference_id":"RHSA-2024:4559","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4559"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932834?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932837?format=json","purl":"pkg:deb/debian/nodejs@18.20.1%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.1%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2024-27982"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2z1f-7jkw-17av"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/264557?format=json","vulnerability_id":"VCID-35e4-h5zk-5ffn","summary":"A command inject vulnerability allows an attacker to perform command injection on Windows applications that indirectly depend on the CreateProcess function when the specific conditions are satisfied.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-3566","reference_id":"","reference_type":"","scores":[{"value":"0.0709","scoring_system":"epss","scoring_elements":"0.91583","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0709","scoring_system":"epss","scoring_elements":"0.91485","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0709","scoring_system":"epss","scoring_elements":"0.91492","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0709","scoring_system":"epss","scoring_elements":"0.915","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0709","scoring_system":"epss","scoring_elements":"0.91513","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0709","scoring_system":"epss","scoring_elements":"0.91519","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0709","scoring_system":"epss","scoring_elements":"0.91524","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0709","scoring_system":"epss","scoring_elements":"0.91526","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0709","scoring_system":"epss","scoring_elements":"0.91546","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0709","scoring_system":"epss","scoring_elements":"0.91541","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0709","scoring_system":"epss","scoring_elements":"0.9155","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0709","scoring_system":"epss","scoring_elements":"0.91548","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0709","scoring_system":"epss","scoring_elements":"0.91547","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0709","scoring_system":"epss","scoring_elements":"0.9156","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0709","scoring_system":"epss","scoring_elements":"0.91574","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-3566"},{"reference_url":"https://kb.cert.org/vuls/id/123335","reference_id":"123335","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-04-15T16:13:02Z/"}],"url":"https://kb.cert.org/vuls/id/123335"},{"reference_url":"https://flatt.tech/research/posts/batbadbut-you-cant-securely-execute-commands-on-windows/","reference_id":"batbadbut-you-cant-securely-execute-commands-on-windows","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-04-15T16:13:02Z/"}],"url":"https://flatt.tech/research/posts/batbadbut-you-cant-securely-execute-commands-on-windows/"},{"reference_url":"https://www.cve.org/CVERecord?id=CVE-2024-1874","reference_id":"CVERecord?id=CVE-2024-1874","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-04-15T16:13:02Z/"}],"url":"https://www.cve.org/CVERecord?id=CVE-2024-1874"},{"reference_url":"https://www.cve.org/CVERecord?id=CVE-2024-22423","reference_id":"CVERecord?id=CVE-2024-22423","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-04-15T16:13:02Z/"}],"url":"https://www.cve.org/CVERecord?id=CVE-2024-22423"},{"reference_url":"https://www.cve.org/CVERecord?id=CVE-2024-24576","reference_id":"CVERecord?id=CVE-2024-24576","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-04-15T16:13:02Z/"}],"url":"https://www.cve.org/CVERecord?id=CVE-2024-24576"},{"reference_url":"https://learn.microsoft.com/en-us/archive/blogs/twistylittlepassagesallalike/everyone-quotes-command-line-arguments-the-wrong-way","reference_id":"everyone-quotes-command-line-arguments-the-wrong-way","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-04-15T16:13:02Z/"}],"url":"https://learn.microsoft.com/en-us/archive/blogs/twistylittlepassagesallalike/everyone-quotes-command-line-arguments-the-wrong-way"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2024-3566"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-35e4-h5zk-5ffn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62481?format=json","vulnerability_id":"VCID-38k9-23j3-eqh7","summary":"Multiple vulnerabilities have been discovered in Node.js.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-30581.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-30581.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-30581","reference_id":"","reference_type":"","scores":[{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04633","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04969","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04877","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04876","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04925","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04657","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.0467","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04704","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04716","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04709","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04693","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04676","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04643","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04651","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04791","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04825","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04864","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-30581"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-30581","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-30581"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1039990","reference_id":"1039990","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1039990"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2219824","reference_id":"2219824","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2219824"},{"reference_url":"https://security.gentoo.org/glsa/202405-29","reference_id":"GLSA-202405-29","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202405-29"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/june-2023-security-releases","reference_id":"june-2023-security-releases","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-05T14:18:07Z/"}],"url":"https://nodejs.org/en/blog/vulnerability/june-2023-security-releases"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4330","reference_id":"RHSA-2023:4330","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4330"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4331","reference_id":"RHSA-2023:4331","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4331"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4536","reference_id":"RHSA-2023:4536","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4536"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4537","reference_id":"RHSA-2023:4537","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4537"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5361","reference_id":"RHSA-2023:5361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5533","reference_id":"RHSA-2023:5533","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5533"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932833?format=json","purl":"pkg:deb/debian/nodejs@18.13.0%2Bdfsg1-1.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.13.0%252Bdfsg1-1.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932831?format=json","purl":"pkg:deb/debian/nodejs@18.19.0%2Bdfsg-6~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.19.0%252Bdfsg-6~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2023-30581"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-38k9-23j3-eqh7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48671?format=json","vulnerability_id":"VCID-39c4-njbs-pyeq","summary":"Multiple vulnerabilities have been found in NodeJS, the worst of\n    which could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8251.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8251.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-8251","reference_id":"","reference_type":"","scores":[{"value":"0.04991","scoring_system":"epss","scoring_elements":"0.89658","published_at":"2026-04-01T12:55:00Z"},{"value":"0.04991","scoring_system":"epss","scoring_elements":"0.8966","published_at":"2026-04-02T12:55:00Z"},{"value":"0.04991","scoring_system":"epss","scoring_elements":"0.89675","published_at":"2026-04-04T12:55:00Z"},{"value":"0.04991","scoring_system":"epss","scoring_elements":"0.89677","published_at":"2026-04-07T12:55:00Z"},{"value":"0.04991","scoring_system":"epss","scoring_elements":"0.89695","published_at":"2026-04-08T12:55:00Z"},{"value":"0.04991","scoring_system":"epss","scoring_elements":"0.897","published_at":"2026-04-13T12:55:00Z"},{"value":"0.04991","scoring_system":"epss","scoring_elements":"0.89708","published_at":"2026-04-11T12:55:00Z"},{"value":"0.04991","scoring_system":"epss","scoring_elements":"0.89706","published_at":"2026-04-12T12:55:00Z"},{"value":"0.04991","scoring_system":"epss","scoring_elements":"0.89715","published_at":"2026-04-16T12:55:00Z"},{"value":"0.04991","scoring_system":"epss","scoring_elements":"0.89716","published_at":"2026-04-18T12:55:00Z"},{"value":"0.04991","scoring_system":"epss","scoring_elements":"0.89711","published_at":"2026-04-21T12:55:00Z"},{"value":"0.04991","scoring_system":"epss","scoring_elements":"0.89726","published_at":"2026-04-24T12:55:00Z"},{"value":"0.04991","scoring_system":"epss","scoring_elements":"0.89728","published_at":"2026-04-26T12:55:00Z"},{"value":"0.04991","scoring_system":"epss","scoring_elements":"0.89727","published_at":"2026-04-29T12:55:00Z"},{"value":"0.04991","scoring_system":"epss","scoring_elements":"0.89739","published_at":"2026-05-05T12:55:00Z"},{"value":"0.04991","scoring_system":"epss","scoring_elements":"0.89754","published_at":"2026-05-07T12:55:00Z"},{"value":"0.04991","scoring_system":"epss","scoring_elements":"0.89765","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-8251"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1879314","reference_id":"1879314","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1879314"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2020-8251"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-39c4-njbs-pyeq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86535?format=json","vulnerability_id":"VCID-3j17-wsqw-hucs","summary":"NodeJS: HTTP Pipelining DoS","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4450.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4450.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4450","reference_id":"","reference_type":"","scores":[{"value":"0.68714","scoring_system":"epss","scoring_elements":"0.98608","published_at":"2026-04-01T12:55:00Z"},{"value":"0.68714","scoring_system":"epss","scoring_elements":"0.9861","published_at":"2026-04-02T12:55:00Z"},{"value":"0.68714","scoring_system":"epss","scoring_elements":"0.98613","published_at":"2026-04-04T12:55:00Z"},{"value":"0.68714","scoring_system":"epss","scoring_elements":"0.98615","published_at":"2026-04-07T12:55:00Z"},{"value":"0.68714","scoring_system":"epss","scoring_elements":"0.98617","published_at":"2026-04-08T12:55:00Z"},{"value":"0.68714","scoring_system":"epss","scoring_elements":"0.98618","published_at":"2026-04-09T12:55:00Z"},{"value":"0.68714","scoring_system":"epss","scoring_elements":"0.98621","published_at":"2026-04-12T12:55:00Z"},{"value":"0.68714","scoring_system":"epss","scoring_elements":"0.98623","published_at":"2026-04-13T12:55:00Z"},{"value":"0.68714","scoring_system":"epss","scoring_elements":"0.98626","published_at":"2026-04-21T12:55:00Z"},{"value":"0.68714","scoring_system":"epss","scoring_elements":"0.98627","published_at":"2026-04-18T12:55:00Z"},{"value":"0.68714","scoring_system":"epss","scoring_elements":"0.98631","published_at":"2026-04-26T12:55:00Z"},{"value":"0.68714","scoring_system":"epss","scoring_elements":"0.98632","published_at":"2026-04-29T12:55:00Z"},{"value":"0.68714","scoring_system":"epss","scoring_elements":"0.98636","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4450"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4450","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4450"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1021170","reference_id":"1021170","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1021170"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1842","reference_id":"RHSA-2013:1842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1842"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932800?format=json","purl":"pkg:deb/debian/nodejs@0.10.21~dfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0.10.21~dfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2013-4450"],"risk_score":1.2,"exploitability":"2.0","weighted_severity":"0.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3j17-wsqw-hucs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85609?format=json","vulnerability_id":"VCID-3nb1-jud1-rkgk","summary":"nodejs: `Buffer` to UTF8 `String` conversion DoS","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5380.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5380.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5380","reference_id":"","reference_type":"","scores":[{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.69972","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.69984","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.69999","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.69975","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70024","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.7004","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70063","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70048","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70035","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70078","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70087","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70067","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70119","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70127","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70102","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70144","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70175","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5380"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1239332","reference_id":"1239332","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1239332"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2015-5380"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3nb1-jud1-rkgk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83813?format=json","vulnerability_id":"VCID-3v19-cq1w-y3cz","summary":"nodejs: Vulnerable to CVE-2017-3737 due to embedded OpenSSL","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15896.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15896.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-15896","reference_id":"","reference_type":"","scores":[{"value":"0.00161","scoring_system":"epss","scoring_elements":"0.3662","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00161","scoring_system":"epss","scoring_elements":"0.37021","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00161","scoring_system":"epss","scoring_elements":"0.37066","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00161","scoring_system":"epss","scoring_elements":"0.36989","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00161","scoring_system":"epss","scoring_elements":"0.36759","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00161","scoring_system":"epss","scoring_elements":"0.36727","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00161","scoring_system":"epss","scoring_elements":"0.3664","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00161","scoring_system":"epss","scoring_elements":"0.36524","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00161","scoring_system":"epss","scoring_elements":"0.36595","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00161","scoring_system":"epss","scoring_elements":"0.37059","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00161","scoring_system":"epss","scoring_elements":"0.37072","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00161","scoring_system":"epss","scoring_elements":"0.37081","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00161","scoring_system":"epss","scoring_elements":"0.37048","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00185","scoring_system":"epss","scoring_elements":"0.40086","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00185","scoring_system":"epss","scoring_elements":"0.40235","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00185","scoring_system":"epss","scoring_elements":"0.40259","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00185","scoring_system":"epss","scoring_elements":"0.40181","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-15896"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:N"},{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/december-2017-security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://nodejs.org/en/blog/vulnerability/december-2017-security-releases/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1525106","reference_id":"1525106","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1525106"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-15896","reference_id":"CVE-2017-15896","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:N"},{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-15896"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2017-15896"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3v19-cq1w-y3cz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57385?format=json","vulnerability_id":"VCID-3vdn-6af1-k3g6","summary":"Multiple vulnerabilities have been found in Node.js, worst of which\n    could allow remote attackers to write arbitrary files.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7161.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7161.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-7161","reference_id":"","reference_type":"","scores":[{"value":"0.01092","scoring_system":"epss","scoring_elements":"0.779","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01092","scoring_system":"epss","scoring_elements":"0.78091","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01092","scoring_system":"epss","scoring_elements":"0.78038","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01092","scoring_system":"epss","scoring_elements":"0.78048","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01092","scoring_system":"epss","scoring_elements":"0.78074","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01092","scoring_system":"epss","scoring_elements":"0.77907","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01092","scoring_system":"epss","scoring_elements":"0.77934","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01092","scoring_system":"epss","scoring_elements":"0.77917","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01092","scoring_system":"epss","scoring_elements":"0.77944","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01092","scoring_system":"epss","scoring_elements":"0.77948","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01092","scoring_system":"epss","scoring_elements":"0.77975","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01092","scoring_system":"epss","scoring_elements":"0.77959","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01092","scoring_system":"epss","scoring_elements":"0.77957","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01092","scoring_system":"epss","scoring_elements":"0.77992","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01092","scoring_system":"epss","scoring_elements":"0.77991","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01092","scoring_system":"epss","scoring_elements":"0.77984","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01092","scoring_system":"epss","scoring_elements":"0.78017","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01092","scoring_system":"epss","scoring_elements":"0.78025","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-7161"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7161","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7161"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/june-2018-security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://nodejs.org/en/blog/vulnerability/june-2018-security-releases/"},{"reference_url":"https://security.gentoo.org/glsa/202003-48","reference_id":"","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-48"},{"reference_url":"http://www.securityfocus.com/bid/106363","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/106363"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1591013","reference_id":"1591013","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1591013"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-7161","reference_id":"CVE-2018-7161","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:C"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-7161"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2949","reference_id":"RHSA-2018:2949","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:2949"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932810?format=json","purl":"pkg:deb/debian/nodejs@10.15.0~dfsg-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@10.15.0~dfsg-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2018-7161"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3vdn-6af1-k3g6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64946?format=json","vulnerability_id":"VCID-43sf-4r41-wugc","summary":"nodejs: Nodejs filesystem permissions bypass","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-55132.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-55132.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-55132","reference_id":"","reference_type":"","scores":[{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01084","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01145","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01142","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01149","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01147","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01085","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01091","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01096","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.0108","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01073","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01075","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01068","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01077","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-55132"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-55132","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-55132"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2431338","reference_id":"2431338","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2431338"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/december-2025-security-releases","reference_id":"december-2025-security-releases","reference_type":"","scores":[{"value":"2.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T18:38:44Z/"}],"url":"https://nodejs.org/en/blog/vulnerability/december-2025-security-releases"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1842","reference_id":"RHSA-2026:1842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1843","reference_id":"RHSA-2026:1843","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1843"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2420","reference_id":"RHSA-2026:2420","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2420"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2421","reference_id":"RHSA-2026:2421","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2421"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2422","reference_id":"RHSA-2026:2422","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2422"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2781","reference_id":"RHSA-2026:2781","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2781"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2782","reference_id":"RHSA-2026:2782","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2782"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2783","reference_id":"RHSA-2026:2783","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2783"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6402","reference_id":"RHSA-2026:6402","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6402"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6431","reference_id":"RHSA-2026:6431","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6431"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7378","reference_id":"RHSA-2026:7378","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7378"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7386","reference_id":"RHSA-2026:7386","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7386"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7387","reference_id":"RHSA-2026:7387","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7387"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7657","reference_id":"RHSA-2026:7657","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7657"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932840?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932843?format=json","purl":"pkg:deb/debian/nodejs@22.22.0%2Bdfsg%2B~cs22.19.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.0%252Bdfsg%252B~cs22.19.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2025-55132"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-43sf-4r41-wugc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62482?format=json","vulnerability_id":"VCID-4ak9-89fm-ybh2","summary":"Multiple vulnerabilities have been discovered in Node.js.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-30582.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-30582.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-30582","reference_id":"","reference_type":"","scores":[{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.2715","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26786","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.2667","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26738","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.27187","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26978","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.27047","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.27092","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.27095","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.27052","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26994","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.27003","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26942","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26893","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26886","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.2682","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-30582"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2219832","reference_id":"2219832","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2219832"},{"reference_url":"https://security.gentoo.org/glsa/202405-29","reference_id":"GLSA-202405-29","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202405-29"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/june-2023-security-releases","reference_id":"june-2023-security-releases","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-09T18:09:51Z/"}],"url":"https://nodejs.org/en/blog/vulnerability/june-2023-security-releases"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2023-30582"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4ak9-89fm-ybh2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84875?format=json","vulnerability_id":"VCID-4cbr-u3tr-pfdr","summary":"nodejs: wildcard certificates not properly validated","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7099.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7099.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-7099","reference_id":"","reference_type":"","scores":[{"value":"0.00718","scoring_system":"epss","scoring_elements":"0.72385","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00718","scoring_system":"epss","scoring_elements":"0.7239","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00718","scoring_system":"epss","scoring_elements":"0.72408","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00718","scoring_system":"epss","scoring_elements":"0.72424","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00718","scoring_system":"epss","scoring_elements":"0.72436","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00718","scoring_system":"epss","scoring_elements":"0.72459","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00718","scoring_system":"epss","scoring_elements":"0.72442","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00718","scoring_system":"epss","scoring_elements":"0.72432","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00718","scoring_system":"epss","scoring_elements":"0.72473","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00718","scoring_system":"epss","scoring_elements":"0.72482","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00718","scoring_system":"epss","scoring_elements":"0.72471","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00718","scoring_system":"epss","scoring_elements":"0.72514","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00718","scoring_system":"epss","scoring_elements":"0.72522","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00718","scoring_system":"epss","scoring_elements":"0.72519","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00718","scoring_system":"epss","scoring_elements":"0.72511","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00718","scoring_system":"epss","scoring_elements":"0.72539","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00718","scoring_system":"epss","scoring_elements":"0.72565","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-7099"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7099","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7099"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:C/I:C/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1379921","reference_id":"1379921","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1379921"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=839714","reference_id":"839714","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=839714"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0002","reference_id":"RHSA-2017:0002","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0002"},{"reference_url":"https://usn.ubuntu.com/USN-4796-1/","reference_id":"USN-USN-4796-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-4796-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932808?format=json","purl":"pkg:deb/debian/nodejs@4.6.0~dfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@4.6.0~dfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2016-7099"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4cbr-u3tr-pfdr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57389?format=json","vulnerability_id":"VCID-4dhf-bpv6-a3e1","summary":"Multiple vulnerabilities have been found in Node.js, worst of which\n    could allow remote attackers to write arbitrary files.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15604.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15604.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-15604","reference_id":"","reference_type":"","scores":[{"value":"0.03533","scoring_system":"epss","scoring_elements":"0.87611","published_at":"2026-04-01T12:55:00Z"},{"value":"0.03533","scoring_system":"epss","scoring_elements":"0.87621","published_at":"2026-04-02T12:55:00Z"},{"value":"0.03533","scoring_system":"epss","scoring_elements":"0.87634","published_at":"2026-04-04T12:55:00Z"},{"value":"0.03533","scoring_system":"epss","scoring_elements":"0.87636","published_at":"2026-04-07T12:55:00Z"},{"value":"0.03533","scoring_system":"epss","scoring_elements":"0.87656","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03533","scoring_system":"epss","scoring_elements":"0.87662","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03533","scoring_system":"epss","scoring_elements":"0.87673","published_at":"2026-04-11T12:55:00Z"},{"value":"0.03533","scoring_system":"epss","scoring_elements":"0.87669","published_at":"2026-04-12T12:55:00Z"},{"value":"0.03533","scoring_system":"epss","scoring_elements":"0.87666","published_at":"2026-04-13T12:55:00Z"},{"value":"0.03533","scoring_system":"epss","scoring_elements":"0.87681","published_at":"2026-04-18T12:55:00Z"},{"value":"0.03533","scoring_system":"epss","scoring_elements":"0.87678","published_at":"2026-04-21T12:55:00Z"},{"value":"0.03533","scoring_system":"epss","scoring_elements":"0.87696","published_at":"2026-04-24T12:55:00Z"},{"value":"0.03533","scoring_system":"epss","scoring_elements":"0.87702","published_at":"2026-04-26T12:55:00Z"},{"value":"0.03533","scoring_system":"epss","scoring_elements":"0.87701","published_at":"2026-04-29T12:55:00Z"},{"value":"0.03533","scoring_system":"epss","scoring_elements":"0.87716","published_at":"2026-05-05T12:55:00Z"},{"value":"0.03533","scoring_system":"epss","scoring_elements":"0.87731","published_at":"2026-05-07T12:55:00Z"},{"value":"0.03533","scoring_system":"epss","scoring_elements":"0.87749","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-15604"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15604","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15604"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15605","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15605"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15606","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15606"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9511","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9511"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9513","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9513"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9514","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9514"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1800367","reference_id":"1800367","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1800367"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0598","reference_id":"RHSA-2020:0598","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0598"},{"reference_url":"https://usn.ubuntu.com/6380-1/","reference_id":"USN-6380-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6380-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932814?format=json","purl":"pkg:deb/debian/nodejs@10.19.0~dfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@10.19.0~dfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2019-15604"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4dhf-bpv6-a3e1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57387?format=json","vulnerability_id":"VCID-4khc-2nz3-ckhr","summary":"Multiple vulnerabilities have been found in Node.js, worst of which\n    could allow remote attackers to write arbitrary files.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7164.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7164.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-7164","reference_id":"","reference_type":"","scores":[{"value":"0.01074","scoring_system":"epss","scoring_elements":"0.77708","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01074","scoring_system":"epss","scoring_elements":"0.77914","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01074","scoring_system":"epss","scoring_elements":"0.77864","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01074","scoring_system":"epss","scoring_elements":"0.77895","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01074","scoring_system":"epss","scoring_elements":"0.77715","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01074","scoring_system":"epss","scoring_elements":"0.77742","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01074","scoring_system":"epss","scoring_elements":"0.77725","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01074","scoring_system":"epss","scoring_elements":"0.77753","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01074","scoring_system":"epss","scoring_elements":"0.77758","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01074","scoring_system":"epss","scoring_elements":"0.77785","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01074","scoring_system":"epss","scoring_elements":"0.77769","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01074","scoring_system":"epss","scoring_elements":"0.77768","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01074","scoring_system":"epss","scoring_elements":"0.77805","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01074","scoring_system":"epss","scoring_elements":"0.77804","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01074","scoring_system":"epss","scoring_elements":"0.77798","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01074","scoring_system":"epss","scoring_elements":"0.7783","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01074","scoring_system":"epss","scoring_elements":"0.77838","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01074","scoring_system":"epss","scoring_elements":"0.77853","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-7164"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7164","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7164"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/june-2018-security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://nodejs.org/en/blog/vulnerability/june-2018-security-releases/"},{"reference_url":"https://security.gentoo.org/glsa/202003-48","reference_id":"","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-48"},{"reference_url":"http://www.securityfocus.com/bid/104463","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/104463"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1591023","reference_id":"1591023","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1591023"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-7164","reference_id":"CVE-2018-7164","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-7164"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932810?format=json","purl":"pkg:deb/debian/nodejs@10.15.0~dfsg-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@10.15.0~dfsg-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2018-7164"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4khc-2nz3-ckhr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/92334?format=json","vulnerability_id":"VCID-5397-fjce-pbbg","summary":"The Update method in src/node_http_parser.cc in Node.js before 0.6.17 and 0.7 before 0.7.8 does not properly check the length of a string, which allows remote attackers to obtain sensitive information (request header contents) and possibly spoof HTTP headers via a zero length string.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-2330","reference_id":"","reference_type":"","scores":[{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.6997","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.69983","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.69997","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.69974","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70022","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70038","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70062","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70046","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70033","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70076","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70085","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70065","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70118","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70125","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.701","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70142","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70172","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-2330"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2330","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2330"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932796?format=json","purl":"pkg:deb/debian/nodejs@0.6.17~dfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0.6.17~dfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2012-2330"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5397-fjce-pbbg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34821?format=json","vulnerability_id":"VCID-53xm-8w84-93cx","summary":"Multiple vulnerabilities have been found in c-ares, the worst of which could result in the loss of confidentiality or integrity.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22930.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22930.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-22930","reference_id":"","reference_type":"","scores":[{"value":"0.00323","scoring_system":"epss","scoring_elements":"0.55216","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00323","scoring_system":"epss","scoring_elements":"0.55283","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00323","scoring_system":"epss","scoring_elements":"0.55292","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00323","scoring_system":"epss","scoring_elements":"0.5524","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00323","scoring_system":"epss","scoring_elements":"0.55315","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00323","scoring_system":"epss","scoring_elements":"0.55339","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00323","scoring_system":"epss","scoring_elements":"0.55321","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00323","scoring_system":"epss","scoring_elements":"0.55371","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00323","scoring_system":"epss","scoring_elements":"0.55382","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00323","scoring_system":"epss","scoring_elements":"0.55361","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00323","scoring_system":"epss","scoring_elements":"0.55342","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00323","scoring_system":"epss","scoring_elements":"0.55378","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00323","scoring_system":"epss","scoring_elements":"0.55383","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00323","scoring_system":"epss","scoring_elements":"0.55299","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00323","scoring_system":"epss","scoring_elements":"0.55319","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-22930"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22930","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22930"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1988394","reference_id":"1988394","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1988394"},{"reference_url":"https://security.archlinux.org/ASA-202108-1","reference_id":"ASA-202108-1","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202108-1"},{"reference_url":"https://security.archlinux.org/AVG-2239","reference_id":"AVG-2239","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2239"},{"reference_url":"https://security.gentoo.org/glsa/202401-02","reference_id":"GLSA-202401-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202401-02"},{"reference_url":"https://security.gentoo.org/glsa/202405-29","reference_id":"GLSA-202405-29","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202405-29"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3280","reference_id":"RHSA-2021:3280","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3280"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3281","reference_id":"RHSA-2021:3281","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3281"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3623","reference_id":"RHSA-2021:3623","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3623"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3638","reference_id":"RHSA-2021:3638","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3638"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3639","reference_id":"RHSA-2021:3639","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3639"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3666","reference_id":"RHSA-2021:3666","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3666"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932821?format=json","purl":"pkg:deb/debian/nodejs@12.22.4~dfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.4~dfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932822?format=json","purl":"pkg:deb/debian/nodejs@12.22.5~dfsg-2~11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.5~dfsg-2~11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2021-22930"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-53xm-8w84-93cx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37549?format=json","vulnerability_id":"VCID-5afy-ud31-hbaw","summary":"Multiple vulnerabilities have been discovered in Node.js, the worst of which could lead to execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21890.json","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21890.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21890","reference_id":"","reference_type":"","scores":[{"value":"0.01439","scoring_system":"epss","scoring_elements":"0.80851","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01439","scoring_system":"epss","scoring_elements":"0.80748","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01439","scoring_system":"epss","scoring_elements":"0.80751","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01439","scoring_system":"epss","scoring_elements":"0.80774","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01439","scoring_system":"epss","scoring_elements":"0.80778","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01439","scoring_system":"epss","scoring_elements":"0.80791","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01439","scoring_system":"epss","scoring_elements":"0.80808","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01439","scoring_system":"epss","scoring_elements":"0.8083","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01439","scoring_system":"epss","scoring_elements":"0.80662","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01439","scoring_system":"epss","scoring_elements":"0.80683","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01439","scoring_system":"epss","scoring_elements":"0.80679","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01439","scoring_system":"epss","scoring_elements":"0.80707","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01439","scoring_system":"epss","scoring_elements":"0.80717","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01439","scoring_system":"epss","scoring_elements":"0.80734","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01439","scoring_system":"epss","scoring_elements":"0.8072","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01439","scoring_system":"epss","scoring_elements":"0.80712","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21890"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/2257156","reference_id":"2257156","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T16:50:11Z/"}],"url":"https://hackerone.com/reports/2257156"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2265722","reference_id":"2265722","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2265722"},{"reference_url":"https://security.gentoo.org/glsa/202505-11","reference_id":"GLSA-202505-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-11"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240315-0002/","reference_id":"ntap-20240315-0002","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T16:50:11Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240315-0002/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1687","reference_id":"RHSA-2024:1687","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1687"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1688","reference_id":"RHSA-2024:1688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1688"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2024-21890"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5afy-ud31-hbaw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/13058?format=json","vulnerability_id":"VCID-5cf7-va9h-h3gy","summary":"Improper Certificate Validation\nAccepting arbitrary Subject Alternative Name (SAN) types, unless a PKI is specifically defined to use a particular SAN type, can result in bypassing name-constrained intermediates. Node.js < 12.22.9, < 14.18.3, < 16.13.2, and < 17.3.1 was accepting URI SAN types, which PKIs are often not defined to use. Additionally, when a protocol allows URI SANs, Node.js does not match the URI correctly.Versions of Node.js with the fix for this disable the URI SAN type when checking a certificate against a hostname. This behavior can be reverted through the --security-revert command-line option.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44531.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44531.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-44531","reference_id":"","reference_type":"","scores":[{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22783","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22952","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22996","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22789","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22863","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22916","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22936","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22899","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22843","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22856","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22851","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.2281","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22647","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.2264","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22635","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.2253","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22612","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22692","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-44531"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22959","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22959"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22960","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22960"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44531","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44531"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44532","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44532"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21824","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21824"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/1429694","reference_id":"","reference_type":"","scores":[],"url":"https://hackerone.com/reports/1429694"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20220325-0007/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20220325-0007/"},{"reference_url":"https://www.debian.org/security/2022/dsa-5170","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2022/dsa-5170"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2022.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.oracle.com/security-alerts/cpuapr2022.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpujul2022.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.oracle.com/security-alerts/cpujul2022.html"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004177","reference_id":"1004177","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004177"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2040839","reference_id":"2040839","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2040839"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-44531","reference_id":"CVE-2021-44531","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-44531"},{"reference_url":"https://security.gentoo.org/glsa/202405-29","reference_id":"GLSA-202405-29","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202405-29"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:4914","reference_id":"RHSA-2022:4914","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:4914"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7044","reference_id":"RHSA-2022:7044","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7044"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7830","reference_id":"RHSA-2022:7830","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7830"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:9073","reference_id":"RHSA-2022:9073","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:9073"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1742","reference_id":"RHSA-2023:1742","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1742"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3742","reference_id":"RHSA-2023:3742","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3742"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932826?format=json","purl":"pkg:deb/debian/nodejs@12.22.9~dfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.9~dfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932825?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2021-44531"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5cf7-va9h-h3gy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37566?format=json","vulnerability_id":"VCID-67xm-uc9p-y7f2","summary":"Multiple vulnerabilities have been discovered in Node.js, the worst of which could lead to execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-22020.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-22020.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-22020","reference_id":"","reference_type":"","scores":[{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32395","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32845","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32809","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32659","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32544","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.3246","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32322","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32386","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32954","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32989","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32811","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32859","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32888","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32889","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32851","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32825","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32867","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-22020"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/2092749","reference_id":"2092749","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-13T03:55:30Z/"}],"url":"https://hackerone.com/reports/2092749"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2296417","reference_id":"2296417","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2296417"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/07/19/3","reference_id":"3","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-13T03:55:30Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/07/19/3"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/07/11/6","reference_id":"6","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-13T03:55:30Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/07/11/6"},{"reference_url":"https://security.gentoo.org/glsa/202505-11","reference_id":"GLSA-202505-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-11"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5814","reference_id":"RHSA-2024:5814","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5814"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5815","reference_id":"RHSA-2024:5815","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5815"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6147","reference_id":"RHSA-2024:6147","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6147"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6148","reference_id":"RHSA-2024:6148","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6148"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932836?format=json","purl":"pkg:deb/debian/nodejs@20.15.1%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.15.1%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2024-22020"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-67xm-uc9p-y7f2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/8479?format=json","vulnerability_id":"VCID-6uyn-fy9v-c3gx","summary":"Uncontrolled Resource Consumption\nNode.js allows remote attackers to cause a denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7384.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7384.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7384","reference_id":"","reference_type":"","scores":[{"value":"0.0085","scoring_system":"epss","scoring_elements":"0.75018","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0085","scoring_system":"epss","scoring_elements":"0.74967","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0085","scoring_system":"epss","scoring_elements":"0.74994","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0085","scoring_system":"epss","scoring_elements":"0.74836","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0085","scoring_system":"epss","scoring_elements":"0.74838","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0085","scoring_system":"epss","scoring_elements":"0.74867","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0085","scoring_system":"epss","scoring_elements":"0.7484","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0085","scoring_system":"epss","scoring_elements":"0.74873","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0085","scoring_system":"epss","scoring_elements":"0.74886","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0085","scoring_system":"epss","scoring_elements":"0.7491","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0085","scoring_system":"epss","scoring_elements":"0.74888","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0085","scoring_system":"epss","scoring_elements":"0.74879","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0085","scoring_system":"epss","scoring_elements":"0.74915","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0085","scoring_system":"epss","scoring_elements":"0.74923","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0085","scoring_system":"epss","scoring_elements":"0.74914","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0085","scoring_system":"epss","scoring_elements":"0.7495","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0085","scoring_system":"epss","scoring_elements":"0.74957","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0085","scoring_system":"epss","scoring_elements":"0.7496","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7384"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7384","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7384"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:N/I:N/A:C"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/nodejs/node/issues/3138","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/nodejs/node/issues/3138"},{"reference_url":"http://www.securityfocus.com/bid/101260","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/101260"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1268791","reference_id":"1268791","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1268791"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=800580","reference_id":"800580","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=800580"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:4.0.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:4.0.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:4.0.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:4.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:4.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:4.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:4.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:4.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:4.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-7384","reference_id":"CVE-2015-7384","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-7384"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932805?format=json","purl":"pkg:deb/debian/nodejs@4.1.1~dfsg-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@4.1.1~dfsg-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2015-7384"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6uyn-fy9v-c3gx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34825?format=json","vulnerability_id":"VCID-7cth-47w2-17hy","summary":"Multiple vulnerabilities have been found in c-ares, the worst of which could result in the loss of confidentiality or integrity.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22940.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22940.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-22940","reference_id":"","reference_type":"","scores":[{"value":"0.00386","scoring_system":"epss","scoring_elements":"0.59679","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00386","scoring_system":"epss","scoring_elements":"0.59869","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00386","scoring_system":"epss","scoring_elements":"0.59761","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00386","scoring_system":"epss","scoring_elements":"0.59809","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00386","scoring_system":"epss","scoring_elements":"0.59753","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00386","scoring_system":"epss","scoring_elements":"0.59777","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00386","scoring_system":"epss","scoring_elements":"0.59747","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00386","scoring_system":"epss","scoring_elements":"0.59799","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00386","scoring_system":"epss","scoring_elements":"0.59812","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00386","scoring_system":"epss","scoring_elements":"0.59831","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00386","scoring_system":"epss","scoring_elements":"0.59815","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00386","scoring_system":"epss","scoring_elements":"0.59797","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00386","scoring_system":"epss","scoring_elements":"0.59834","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00386","scoring_system":"epss","scoring_elements":"0.59841","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00386","scoring_system":"epss","scoring_elements":"0.59824","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00386","scoring_system":"epss","scoring_elements":"0.59795","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00386","scoring_system":"epss","scoring_elements":"0.59798","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-22940"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1993029","reference_id":"1993029","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1993029"},{"reference_url":"https://security.archlinux.org/AVG-2283","reference_id":"AVG-2283","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2283"},{"reference_url":"https://security.gentoo.org/glsa/202401-02","reference_id":"GLSA-202401-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202401-02"},{"reference_url":"https://security.gentoo.org/glsa/202405-29","reference_id":"GLSA-202405-29","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202405-29"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3280","reference_id":"RHSA-2021:3280","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3280"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3281","reference_id":"RHSA-2021:3281","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3281"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3623","reference_id":"RHSA-2021:3623","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3623"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3638","reference_id":"RHSA-2021:3638","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3638"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3639","reference_id":"RHSA-2021:3639","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3639"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3666","reference_id":"RHSA-2021:3666","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3666"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932823?format=json","purl":"pkg:deb/debian/nodejs@12.22.5~dfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.5~dfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2021-22940"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7cth-47w2-17hy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78659?format=json","vulnerability_id":"VCID-7nnu-jtjx-u3ff","summary":"Node.js: Permissions policies can be bypassed via process.mainModule","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-23918.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-23918.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-23918","reference_id":"","reference_type":"","scores":[{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05429","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.0582","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05634","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.0567","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05676","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05677","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05733","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05463","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05469","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05505","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05526","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.055","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05486","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05479","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05437","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05599","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-23918"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031834","reference_id":"1031834","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031834"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2171935","reference_id":"2171935","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2171935"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/february-2023-security-releases/","reference_id":"february-2023-security-releases","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-12T17:47:16Z/"}],"url":"https://nodejs.org/en/blog/vulnerability/february-2023-security-releases/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230316-0008/","reference_id":"ntap-20230316-0008","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-12T17:47:16Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230316-0008/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1533","reference_id":"RHSA-2023:1533","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1533"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1582","reference_id":"RHSA-2023:1582","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1582"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1583","reference_id":"RHSA-2023:1583","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1583"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1742","reference_id":"RHSA-2023:1742","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1742"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1743","reference_id":"RHSA-2023:1743","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1743"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1744","reference_id":"RHSA-2023:1744","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1744"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2654","reference_id":"RHSA-2023:2654","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2654"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2655","reference_id":"RHSA-2023:2655","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2655"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932832?format=json","purl":"pkg:deb/debian/nodejs@18.19.0%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.19.0%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932831?format=json","purl":"pkg:deb/debian/nodejs@18.19.0%2Bdfsg-6~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.19.0%252Bdfsg-6~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2023-23918"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7nnu-jtjx-u3ff"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62475?format=json","vulnerability_id":"VCID-7tpb-9zrz-e7e1","summary":"Multiple vulnerabilities have been discovered in Node.js.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32212.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32212.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-32212","reference_id":"","reference_type":"","scores":[{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19983","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.20041","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19768","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19848","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19901","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19911","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19867","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19809","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19782","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19785","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19798","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19692","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19685","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19651","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19545","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19629","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19713","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-32212"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32212","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32212"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32213","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32213"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32214","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32214"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32215","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32215"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35255","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35255"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35256","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35256"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43548","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43548"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2105422","reference_id":"2105422","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2105422"},{"reference_url":"https://security.gentoo.org/glsa/202405-29","reference_id":"GLSA-202405-29","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202405-29"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6389","reference_id":"RHSA-2022:6389","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6389"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6448","reference_id":"RHSA-2022:6448","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6448"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6449","reference_id":"RHSA-2022:6449","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6449"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6595","reference_id":"RHSA-2022:6595","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6595"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6985","reference_id":"RHSA-2022:6985","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6985"},{"reference_url":"https://usn.ubuntu.com/6491-1/","reference_id":"USN-6491-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6491-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932828?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932827?format=json","purl":"pkg:deb/debian/nodejs@18.6.0%2Bdfsg-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.6.0%252Bdfsg-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2022-32212"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7tpb-9zrz-e7e1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62492?format=json","vulnerability_id":"VCID-7z51-jgw6-v7hr","summary":"Multiple vulnerabilities have been discovered in Node.js.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-32005.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-32005.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-32005","reference_id":"","reference_type":"","scores":[{"value":"0.00978","scoring_system":"epss","scoring_elements":"0.76869","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00978","scoring_system":"epss","scoring_elements":"0.76852","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01114","scoring_system":"epss","scoring_elements":"0.78239","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01114","scoring_system":"epss","scoring_elements":"0.78267","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01114","scoring_system":"epss","scoring_elements":"0.78253","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01114","scoring_system":"epss","scoring_elements":"0.78234","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01138","scoring_system":"epss","scoring_elements":"0.78381","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01138","scoring_system":"epss","scoring_elements":"0.7835","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01324","scoring_system":"epss","scoring_elements":"0.79929","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01324","scoring_system":"epss","scoring_elements":"0.79932","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01324","scoring_system":"epss","scoring_elements":"0.79908","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01324","scoring_system":"epss","scoring_elements":"0.79867","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01324","scoring_system":"epss","scoring_elements":"0.79896","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01324","scoring_system":"epss","scoring_elements":"0.79904","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01324","scoring_system":"epss","scoring_elements":"0.79924","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01324","scoring_system":"epss","scoring_elements":"0.799","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-32005"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/2051224","reference_id":"2051224","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:42Z/"}],"url":"https://hackerone.com/reports/2051224"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2230958","reference_id":"2230958","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2230958"},{"reference_url":"https://security.gentoo.org/glsa/202405-29","reference_id":"GLSA-202405-29","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202405-29"},{"reference_url":"https://security.netapp.com/advisory/ntap-20231103-0004/","reference_id":"ntap-20231103-0004","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:42Z/"}],"url":"https://security.netapp.com/advisory/ntap-20231103-0004/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2023-32005"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7z51-jgw6-v7hr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/53859?format=json","vulnerability_id":"VCID-8c4g-fjsa-nkhw","summary":"llhttp allows HTTP Request Smuggling via Improper Delimiting of Header Fields\nThe llhttp parser in the http module in Node.js does not strictly use the CRLF sequence to delimit HTTP requests. The LF character (without CR) is sufficient to delimit HTTP header fields in the lihttp parser. According to RFC7230 section 3, only the CRLF sequence should delimit each header-field. This can lead to HTTP Request Smuggling (HRS).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32214.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32214.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-32214","reference_id":"","reference_type":"","scores":[{"value":"0.39294","scoring_system":"epss","scoring_elements":"0.97316","published_at":"2026-05-09T12:55:00Z"},{"value":"0.39294","scoring_system":"epss","scoring_elements":"0.97312","published_at":"2026-05-07T12:55:00Z"},{"value":"0.39294","scoring_system":"epss","scoring_elements":"0.97307","published_at":"2026-05-05T12:55:00Z"},{"value":"0.39294","scoring_system":"epss","scoring_elements":"0.97303","published_at":"2026-04-29T12:55:00Z"},{"value":"0.39294","scoring_system":"epss","scoring_elements":"0.97301","published_at":"2026-04-26T12:55:00Z"},{"value":"0.39294","scoring_system":"epss","scoring_elements":"0.97296","published_at":"2026-04-16T12:55:00Z"},{"value":"0.39294","scoring_system":"epss","scoring_elements":"0.97298","published_at":"2026-04-18T12:55:00Z"},{"value":"0.39294","scoring_system":"epss","scoring_elements":"0.973","published_at":"2026-04-24T12:55:00Z"},{"value":"0.45841","scoring_system":"epss","scoring_elements":"0.97611","published_at":"2026-04-04T12:55:00Z"},{"value":"0.45841","scoring_system":"epss","scoring_elements":"0.97608","published_at":"2026-04-02T12:55:00Z"},{"value":"0.45841","scoring_system":"epss","scoring_elements":"0.97612","published_at":"2026-04-07T12:55:00Z"},{"value":"0.45841","scoring_system":"epss","scoring_elements":"0.97625","published_at":"2026-04-13T12:55:00Z"},{"value":"0.45841","scoring_system":"epss","scoring_elements":"0.97624","published_at":"2026-04-12T12:55:00Z"},{"value":"0.45841","scoring_system":"epss","scoring_elements":"0.97622","published_at":"2026-04-11T12:55:00Z"},{"value":"0.45841","scoring_system":"epss","scoring_elements":"0.97619","published_at":"2026-04-09T12:55:00Z"},{"value":"0.45841","scoring_system":"epss","scoring_elements":"0.97617","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-32214"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32212","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32212"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32213","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32213"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32214","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32214"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32215","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32215"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35255","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35255"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35256","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35256"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43548","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43548"},{"reference_url":"https://datatracker.ietf.org/doc/html/rfc7230#section-3","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://datatracker.ietf.org/doc/html/rfc7230#section-3"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/nodejs/llhttp/commit/18a4afc7ffb4e49dc9e2daebc50588199a6d1dbb","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/nodejs/llhttp/commit/18a4afc7ffb4e49dc9e2daebc50588199a6d1dbb"},{"reference_url":"https://hackerone.com/reports/1524692","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://hackerone.com/reports/1524692"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/july-2022-security-releases","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nodejs.org/en/blog/vulnerability/july-2022-security-releases"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-32214","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-32214"},{"reference_url":"https://security.netapp.com/advisory/ntap-20220915-0001","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20220915-0001"},{"reference_url":"https://security.netapp.com/advisory/ntap-20220915-0001/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20220915-0001/"},{"reference_url":"https://www.debian.org/security/2023/dsa-5326","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2023/dsa-5326"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2105428","reference_id":"2105428","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2105428"},{"reference_url":"https://github.com/advisories/GHSA-q5vx-44v4-gch4","reference_id":"GHSA-q5vx-44v4-gch4","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-q5vx-44v4-gch4"},{"reference_url":"https://security.gentoo.org/glsa/202405-29","reference_id":"GLSA-202405-29","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202405-29"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6389","reference_id":"RHSA-2022:6389","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6389"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6448","reference_id":"RHSA-2022:6448","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6448"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6449","reference_id":"RHSA-2022:6449","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6449"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6595","reference_id":"RHSA-2022:6595","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6595"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6985","reference_id":"RHSA-2022:6985","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6985"},{"reference_url":"https://usn.ubuntu.com/6491-1/","reference_id":"USN-6491-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6491-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932828?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932827?format=json","purl":"pkg:deb/debian/nodejs@18.6.0%2Bdfsg-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.6.0%252Bdfsg-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2022-32214","GHSA-q5vx-44v4-gch4"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8c4g-fjsa-nkhw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34122?format=json","vulnerability_id":"VCID-8m9d-ah96-d7cg","summary":"Multiple vulnerabilities have been found in Node.js, the worst of\n    which can allow remote attackers to cause Denial of Service conditions.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-01/msg00045.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2016-01/msg00045.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8027.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8027.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8027","reference_id":"","reference_type":"","scores":[{"value":"0.0139","scoring_system":"epss","scoring_elements":"0.80493","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0139","scoring_system":"epss","scoring_elements":"0.80474","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0139","scoring_system":"epss","scoring_elements":"0.80299","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0139","scoring_system":"epss","scoring_elements":"0.80307","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0139","scoring_system":"epss","scoring_elements":"0.80327","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0139","scoring_system":"epss","scoring_elements":"0.80315","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0139","scoring_system":"epss","scoring_elements":"0.80343","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0139","scoring_system":"epss","scoring_elements":"0.80354","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0139","scoring_system":"epss","scoring_elements":"0.80372","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0139","scoring_system":"epss","scoring_elements":"0.80358","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0139","scoring_system":"epss","scoring_elements":"0.80351","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0139","scoring_system":"epss","scoring_elements":"0.80381","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0139","scoring_system":"epss","scoring_elements":"0.80382","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0139","scoring_system":"epss","scoring_elements":"0.80386","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0139","scoring_system":"epss","scoring_elements":"0.80412","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0139","scoring_system":"epss","scoring_elements":"0.80419","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0139","scoring_system":"epss","scoring_elements":"0.80436","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0139","scoring_system":"epss","scoring_elements":"0.80452","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8027"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8027","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8027"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/cve-2015-8027_cve-2015-6764/","reference_id":"","reference_type":"","scores":[],"url":"https://nodejs.org/en/blog/vulnerability/cve-2015-8027_cve-2015-6764/"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/december-2015-security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://nodejs.org/en/blog/vulnerability/december-2015-security-releases/"},{"reference_url":"http://www-01.ibm.com/support/docview.wss?uid=swg1IV79524","reference_id":"","reference_type":"","scores":[],"url":"http://www-01.ibm.com/support/docview.wss?uid=swg1IV79524"},{"reference_url":"http://www-01.ibm.com/support/docview.wss?uid=swg21972419","reference_id":"","reference_type":"","scores":[],"url":"http://www-01.ibm.com/support/docview.wss?uid=swg21972419"},{"reference_url":"http://www.securityfocus.com/bid/78207","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/78207"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1285771","reference_id":"1285771","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1285771"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=806385","reference_id":"806385","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=806385"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.12.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.12.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.12.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.12.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.12.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.12.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.12.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.12.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.12.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.12.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.12.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.12.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.12.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.12.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.12.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.12.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.12.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.12.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.12.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.12.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.12.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.12.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.12.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.12.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.12.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.12.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.12.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:4.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:4.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:4.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:4.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:4.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:4.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:4.2.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:4.2.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:4.2.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:5.0.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:5.0.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:5.0.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:5.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:5.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:5.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8027","reference_id":"CVE-2015-8027","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8027"},{"reference_url":"https://security.gentoo.org/glsa/201612-43","reference_id":"GLSA-201612-43","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201612-43"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932804?format=json","purl":"pkg:deb/debian/nodejs@4.2.3~dfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@4.2.3~dfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2015-8027"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8m9d-ah96-d7cg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78660?format=json","vulnerability_id":"VCID-8myg-sjwy-yqfp","summary":"Node.js: OpenSSL error handling issues in nodejs crypto library","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-23919.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-23919.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-23919","reference_id":"","reference_type":"","scores":[{"value":"0.00319","scoring_system":"epss","scoring_elements":"0.55028","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00319","scoring_system":"epss","scoring_elements":"0.54928","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00319","scoring_system":"epss","scoring_elements":"0.54969","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.59073","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.59089","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.59069","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.59087","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00508","scoring_system":"epss","scoring_elements":"0.66318","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00508","scoring_system":"epss","scoring_elements":"0.66334","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0057","scoring_system":"epss","scoring_elements":"0.68536","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0057","scoring_system":"epss","scoring_elements":"0.68587","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0057","scoring_system":"epss","scoring_elements":"0.68605","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0057","scoring_system":"epss","scoring_elements":"0.6863","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0057","scoring_system":"epss","scoring_elements":"0.68618","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0057","scoring_system":"epss","scoring_elements":"0.68588","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00689","scoring_system":"epss","scoring_elements":"0.71716","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00689","scoring_system":"epss","scoring_elements":"0.71735","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-23919"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031834","reference_id":"1031834","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031834"},{"reference_url":"https://hackerone.com/reports/1808596","reference_id":"1808596","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-12T14:26:46Z/"}],"url":"https://hackerone.com/reports/1808596"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2172170","reference_id":"2172170","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2172170"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/february-2023-security-releases/","reference_id":"february-2023-security-releases","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-12T14:26:46Z/"}],"url":"https://nodejs.org/en/blog/vulnerability/february-2023-security-releases/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230316-0008/","reference_id":"ntap-20230316-0008","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-12T14:26:46Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230316-0008/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1582","reference_id":"RHSA-2023:1582","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1582"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1583","reference_id":"RHSA-2023:1583","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1583"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2654","reference_id":"RHSA-2023:2654","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2654"},{"reference_url":"https://usn.ubuntu.com/6672-1/","reference_id":"USN-6672-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6672-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932833?format=json","purl":"pkg:deb/debian/nodejs@18.13.0%2Bdfsg1-1.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.13.0%252Bdfsg1-1.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932831?format=json","purl":"pkg:deb/debian/nodejs@18.19.0%2Bdfsg-6~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.19.0%252Bdfsg-6~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2023-23919"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8myg-sjwy-yqfp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83814?format=json","vulnerability_id":"VCID-8qmf-bwmg-5bar","summary":"nodejs: Unitialized buffer due to incorrect encoding","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15897.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15897.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-15897","reference_id":"","reference_type":"","scores":[{"value":"0.00492","scoring_system":"epss","scoring_elements":"0.65596","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00492","scoring_system":"epss","scoring_elements":"0.65552","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00492","scoring_system":"epss","scoring_elements":"0.65648","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00492","scoring_system":"epss","scoring_elements":"0.656","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00492","scoring_system":"epss","scoring_elements":"0.6563","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00642","scoring_system":"epss","scoring_elements":"0.70759","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00642","scoring_system":"epss","scoring_elements":"0.70685","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00642","scoring_system":"epss","scoring_elements":"0.70725","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00642","scoring_system":"epss","scoring_elements":"0.7062","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00642","scoring_system":"epss","scoring_elements":"0.70643","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00642","scoring_system":"epss","scoring_elements":"0.70628","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00642","scoring_system":"epss","scoring_elements":"0.70614","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00642","scoring_system":"epss","scoring_elements":"0.70659","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00642","scoring_system":"epss","scoring_elements":"0.70667","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00642","scoring_system":"epss","scoring_elements":"0.70646","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00642","scoring_system":"epss","scoring_elements":"0.70698","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00642","scoring_system":"epss","scoring_elements":"0.70707","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-15897"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/december-2017-security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://nodejs.org/en/blog/vulnerability/december-2017-security-releases/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1532534","reference_id":"1532534","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1532534"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-15897","reference_id":"CVE-2017-15897","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:N"},{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-15897"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2017-15897"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8qmf-bwmg-5bar"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63924?format=json","vulnerability_id":"VCID-96yh-1wub-zucg","summary":"Node.js: Node.js: Memory leak and Denial of Service via crafted HTTP/2 WINDOW_UPDATE frames","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21714.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21714.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-21714","reference_id":"","reference_type":"","scores":[{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.0161","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02672","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02382","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02664","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02682","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03344","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03389","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03392","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03414","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03372","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03718","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03722","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03725","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.0377","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04523","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04553","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04593","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-21714"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21714","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21714"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2453161","reference_id":"2453161","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2453161"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/march-2026-security-releases","reference_id":"march-2026-security-releases","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T16:14:45Z/"}],"url":"https://nodejs.org/en/blog/vulnerability/march-2026-security-releases"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7350","reference_id":"RHSA-2026:7350","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7350"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7670","reference_id":"RHSA-2026:7670","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7670"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7675","reference_id":"RHSA-2026:7675","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7675"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932844?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1%2Bdeb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2026-21714"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-96yh-1wub-zucg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64952?format=json","vulnerability_id":"VCID-98fy-tedc-ube7","summary":"nodejs: Nodejs uninitialized memory exposure","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-55131.json","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-55131.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-55131","reference_id":"","reference_type":"","scores":[{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09833","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09986","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09836","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09752","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.0992","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09884","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09783","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09855","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09908","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09913","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09876","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09861","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09742","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09715","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09865","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09911","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09877","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-55131"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-55131","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-55131"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2431350","reference_id":"2431350","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2431350"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/december-2025-security-releases","reference_id":"december-2025-security-releases","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-22T04:55:31Z/"}],"url":"https://nodejs.org/en/blog/vulnerability/december-2025-security-releases"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1842","reference_id":"RHSA-2026:1842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1843","reference_id":"RHSA-2026:1843","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1843"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2420","reference_id":"RHSA-2026:2420","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2420"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2421","reference_id":"RHSA-2026:2421","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2421"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2422","reference_id":"RHSA-2026:2422","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2422"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2767","reference_id":"RHSA-2026:2767","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2767"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2768","reference_id":"RHSA-2026:2768","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2768"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2781","reference_id":"RHSA-2026:2781","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2781"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2782","reference_id":"RHSA-2026:2782","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2782"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2783","reference_id":"RHSA-2026:2783","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2783"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2864","reference_id":"RHSA-2026:2864","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2864"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2899","reference_id":"RHSA-2026:2899","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2899"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6402","reference_id":"RHSA-2026:6402","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6402"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6431","reference_id":"RHSA-2026:6431","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6431"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7378","reference_id":"RHSA-2026:7378","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7378"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7386","reference_id":"RHSA-2026:7386","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7386"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7387","reference_id":"RHSA-2026:7387","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7387"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7657","reference_id":"RHSA-2026:7657","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7657"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932840?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932843?format=json","purl":"pkg:deb/debian/nodejs@22.22.0%2Bdfsg%2B~cs22.19.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.0%252Bdfsg%252B~cs22.19.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2025-55131"],"risk_score":3.2,"exploitability":"0.5","weighted_severity":"6.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-98fy-tedc-ube7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34824?format=json","vulnerability_id":"VCID-9g7s-y7nq-xfbb","summary":"Multiple vulnerabilities have been found in c-ares, the worst of which could result in the loss of confidentiality or integrity.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22939.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22939.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-22939","reference_id":"","reference_type":"","scores":[{"value":"0.00124","scoring_system":"epss","scoring_elements":"0.31612","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00124","scoring_system":"epss","scoring_elements":"0.31138","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00124","scoring_system":"epss","scoring_elements":"0.31062","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00124","scoring_system":"epss","scoring_elements":"0.31132","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00124","scoring_system":"epss","scoring_elements":"0.31744","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00124","scoring_system":"epss","scoring_elements":"0.31788","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00124","scoring_system":"epss","scoring_elements":"0.31607","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00124","scoring_system":"epss","scoring_elements":"0.3166","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00124","scoring_system":"epss","scoring_elements":"0.31689","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00124","scoring_system":"epss","scoring_elements":"0.31693","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00124","scoring_system":"epss","scoring_elements":"0.31653","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00124","scoring_system":"epss","scoring_elements":"0.31617","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00124","scoring_system":"epss","scoring_elements":"0.3165","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00124","scoring_system":"epss","scoring_elements":"0.31629","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00124","scoring_system":"epss","scoring_elements":"0.31597","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00124","scoring_system":"epss","scoring_elements":"0.3142","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00124","scoring_system":"epss","scoring_elements":"0.31294","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00124","scoring_system":"epss","scoring_elements":"0.31214","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-22939"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22939","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22939"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1993039","reference_id":"1993039","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1993039"},{"reference_url":"https://security.archlinux.org/AVG-2283","reference_id":"AVG-2283","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2283"},{"reference_url":"https://security.gentoo.org/glsa/202401-02","reference_id":"GLSA-202401-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202401-02"},{"reference_url":"https://security.gentoo.org/glsa/202405-29","reference_id":"GLSA-202405-29","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202405-29"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3280","reference_id":"RHSA-2021:3280","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3280"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3281","reference_id":"RHSA-2021:3281","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3281"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3623","reference_id":"RHSA-2021:3623","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3623"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3638","reference_id":"RHSA-2021:3638","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3638"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3639","reference_id":"RHSA-2021:3639","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3639"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3666","reference_id":"RHSA-2021:3666","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3666"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932823?format=json","purl":"pkg:deb/debian/nodejs@12.22.5~dfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.5~dfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932822?format=json","purl":"pkg:deb/debian/nodejs@12.22.5~dfsg-2~11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.5~dfsg-2~11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2021-22939"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9g7s-y7nq-xfbb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45?format=json","vulnerability_id":"VCID-9hzg-r1fj-pubf","summary":"Excessive CPU usage in HTTP/2 with priority changes","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9513.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9513.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9513","reference_id":"","reference_type":"","scores":[{"value":"0.06705","scoring_system":"epss","scoring_elements":"0.91201","published_at":"2026-04-01T12:55:00Z"},{"value":"0.06705","scoring_system":"epss","scoring_elements":"0.91328","published_at":"2026-05-09T12:55:00Z"},{"value":"0.06705","scoring_system":"epss","scoring_elements":"0.91277","published_at":"2026-04-21T12:55:00Z"},{"value":"0.06705","scoring_system":"epss","scoring_elements":"0.91287","published_at":"2026-04-26T12:55:00Z"},{"value":"0.06705","scoring_system":"epss","scoring_elements":"0.91285","published_at":"2026-04-29T12:55:00Z"},{"value":"0.06705","scoring_system":"epss","scoring_elements":"0.91301","published_at":"2026-05-05T12:55:00Z"},{"value":"0.06705","scoring_system":"epss","scoring_elements":"0.91317","published_at":"2026-05-07T12:55:00Z"},{"value":"0.06705","scoring_system":"epss","scoring_elements":"0.91206","published_at":"2026-04-02T12:55:00Z"},{"value":"0.06705","scoring_system":"epss","scoring_elements":"0.91215","published_at":"2026-04-04T12:55:00Z"},{"value":"0.06705","scoring_system":"epss","scoring_elements":"0.91221","published_at":"2026-04-07T12:55:00Z"},{"value":"0.06705","scoring_system":"epss","scoring_elements":"0.91235","published_at":"2026-04-08T12:55:00Z"},{"value":"0.06705","scoring_system":"epss","scoring_elements":"0.91241","published_at":"2026-04-09T12:55:00Z"},{"value":"0.06705","scoring_system":"epss","scoring_elements":"0.91248","published_at":"2026-04-11T12:55:00Z"},{"value":"0.06705","scoring_system":"epss","scoring_elements":"0.91251","published_at":"2026-04-12T12:55:00Z"},{"value":"0.06705","scoring_system":"epss","scoring_elements":"0.9125","published_at":"2026-04-13T12:55:00Z"},{"value":"0.06705","scoring_system":"epss","scoring_elements":"0.91275","published_at":"2026-04-16T12:55:00Z"},{"value":"0.06705","scoring_system":"epss","scoring_elements":"0.91274","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9513"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15604","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15604"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15605","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15605"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15606","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15606"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9511","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9511"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9513","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9513"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9514","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9514"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9516","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9516"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://mailman.nginx.org/pipermail/nginx-announce/2019/000249.html","reference_id":"","reference_type":"","scores":[{"value":"low","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://mailman.nginx.org/pipermail/nginx-announce/2019/000249.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1735741","reference_id":"1735741","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1735741"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934885","reference_id":"934885","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934885"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=935037","reference_id":"935037","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=935037"},{"reference_url":"https://security.archlinux.org/ASA-201908-12","reference_id":"ASA-201908-12","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201908-12"},{"reference_url":"https://security.archlinux.org/ASA-201908-13","reference_id":"ASA-201908-13","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201908-13"},{"reference_url":"https://security.archlinux.org/ASA-201908-17","reference_id":"ASA-201908-17","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201908-17"},{"reference_url":"https://security.archlinux.org/AVG-1022","reference_id":"AVG-1022","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1022"},{"reference_url":"https://security.archlinux.org/AVG-1023","reference_id":"AVG-1023","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1023"},{"reference_url":"https://security.archlinux.org/AVG-1024","reference_id":"AVG-1024","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1024"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9513","reference_id":"CVE-2019-9513","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9513"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2692","reference_id":"RHSA-2019:2692","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2692"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2745","reference_id":"RHSA-2019:2745","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2745"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2746","reference_id":"RHSA-2019:2746","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2746"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2775","reference_id":"RHSA-2019:2775","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2775"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2799","reference_id":"RHSA-2019:2799","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2799"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2946","reference_id":"RHSA-2019:2946","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2946"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2949","reference_id":"RHSA-2019:2949","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2949"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3041","reference_id":"RHSA-2019:3041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3932","reference_id":"RHSA-2019:3932","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3932"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3933","reference_id":"RHSA-2019:3933","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3933"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3935","reference_id":"RHSA-2019:3935","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3935"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0983","reference_id":"RHSA-2020:0983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0983"},{"reference_url":"https://usn.ubuntu.com/4099-1/","reference_id":"USN-4099-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4099-1/"},{"reference_url":"https://usn.ubuntu.com/6754-1/","reference_id":"USN-6754-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6754-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932816?format=json","purl":"pkg:deb/debian/nodejs@10.16.3~dfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@10.16.3~dfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2019-9513"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9hzg-r1fj-pubf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57393?format=json","vulnerability_id":"VCID-9tvd-qsp8-byfx","summary":"Multiple vulnerabilities have been found in Node.js, worst of which\n    could allow remote attackers to write arbitrary files.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00041.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00041.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00046.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00046.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5739.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5739.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-5739","reference_id":"","reference_type":"","scores":[{"value":"0.00312","scoring_system":"epss","scoring_elements":"0.54291","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00312","scoring_system":"epss","scoring_elements":"0.54402","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00312","scoring_system":"epss","scoring_elements":"0.54351","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00312","scoring_system":"epss","scoring_elements":"0.54301","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00312","scoring_system":"epss","scoring_elements":"0.54345","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00312","scoring_system":"epss","scoring_elements":"0.54311","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00312","scoring_system":"epss","scoring_elements":"0.54341","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00312","scoring_system":"epss","scoring_elements":"0.54316","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00312","scoring_system":"epss","scoring_elements":"0.54368","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00312","scoring_system":"epss","scoring_elements":"0.54363","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00312","scoring_system":"epss","scoring_elements":"0.54412","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00312","scoring_system":"epss","scoring_elements":"0.54394","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00312","scoring_system":"epss","scoring_elements":"0.54372","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00312","scoring_system":"epss","scoring_elements":"0.54411","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00312","scoring_system":"epss","scoring_elements":"0.54416","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00312","scoring_system":"epss","scoring_elements":"0.54397","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00312","scoring_system":"epss","scoring_elements":"0.5436","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00312","scoring_system":"epss","scoring_elements":"0.54374","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-5739"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5739","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5739"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/february-2019-security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://nodejs.org/en/blog/vulnerability/february-2019-security-releases/"},{"reference_url":"https://security.gentoo.org/glsa/202003-48","reference_id":"","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-48"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190502-0008/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20190502-0008/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1690798","reference_id":"1690798","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1690798"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-5739","reference_id":"CVE-2019-5739","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-5739"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932811?format=json","purl":"pkg:deb/debian/nodejs@8.9.3~dfsg-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@8.9.3~dfsg-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2019-5739"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9tvd-qsp8-byfx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83220?format=json","vulnerability_id":"VCID-9uux-1n93-4kcs","summary":"nodejs: Unintentional exposure of uninitialized memory","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7166.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7166.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-7166","reference_id":"","reference_type":"","scores":[{"value":"0.0086","scoring_system":"epss","scoring_elements":"0.74986","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0086","scoring_system":"epss","scoring_elements":"0.74989","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0086","scoring_system":"epss","scoring_elements":"0.75018","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0086","scoring_system":"epss","scoring_elements":"0.74995","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0086","scoring_system":"epss","scoring_elements":"0.75029","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0086","scoring_system":"epss","scoring_elements":"0.7504","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0086","scoring_system":"epss","scoring_elements":"0.75062","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0086","scoring_system":"epss","scoring_elements":"0.75041","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0086","scoring_system":"epss","scoring_elements":"0.75031","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0086","scoring_system":"epss","scoring_elements":"0.75068","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0086","scoring_system":"epss","scoring_elements":"0.75075","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0086","scoring_system":"epss","scoring_elements":"0.75065","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0086","scoring_system":"epss","scoring_elements":"0.75104","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0086","scoring_system":"epss","scoring_elements":"0.75108","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0086","scoring_system":"epss","scoring_elements":"0.75112","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0086","scoring_system":"epss","scoring_elements":"0.7512","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0086","scoring_system":"epss","scoring_elements":"0.75147","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0086","scoring_system":"epss","scoring_elements":"0.75171","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-7166"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1620215","reference_id":"1620215","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1620215"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2553","reference_id":"RHSA-2018:2553","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:2553"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2018-7166"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9uux-1n93-4kcs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57384?format=json","vulnerability_id":"VCID-9v22-ened-4bg2","summary":"Multiple vulnerabilities have been found in Node.js, worst of which\n    could allow remote attackers to write arbitrary files.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12123.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12123.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-12123","reference_id":"","reference_type":"","scores":[{"value":"0.03942","scoring_system":"epss","scoring_elements":"0.88415","published_at":"2026-05-09T12:55:00Z"},{"value":"0.03942","scoring_system":"epss","scoring_elements":"0.88354","published_at":"2026-04-18T12:55:00Z"},{"value":"0.03942","scoring_system":"epss","scoring_elements":"0.88353","published_at":"2026-04-21T12:55:00Z"},{"value":"0.03942","scoring_system":"epss","scoring_elements":"0.8837","published_at":"2026-04-24T12:55:00Z"},{"value":"0.03942","scoring_system":"epss","scoring_elements":"0.88374","published_at":"2026-04-26T12:55:00Z"},{"value":"0.03942","scoring_system":"epss","scoring_elements":"0.88375","published_at":"2026-04-29T12:55:00Z"},{"value":"0.03942","scoring_system":"epss","scoring_elements":"0.88386","published_at":"2026-05-05T12:55:00Z"},{"value":"0.03942","scoring_system":"epss","scoring_elements":"0.88402","published_at":"2026-05-07T12:55:00Z"},{"value":"0.04555","scoring_system":"epss","scoring_elements":"0.89202","published_at":"2026-04-11T12:55:00Z"},{"value":"0.04555","scoring_system":"epss","scoring_elements":"0.89195","published_at":"2026-04-13T12:55:00Z"},{"value":"0.04555","scoring_system":"epss","scoring_elements":"0.89208","published_at":"2026-04-16T12:55:00Z"},{"value":"0.04555","scoring_system":"epss","scoring_elements":"0.89144","published_at":"2026-04-01T12:55:00Z"},{"value":"0.04555","scoring_system":"epss","scoring_elements":"0.89198","published_at":"2026-04-12T12:55:00Z"},{"value":"0.04555","scoring_system":"epss","scoring_elements":"0.89151","published_at":"2026-04-02T12:55:00Z"},{"value":"0.04555","scoring_system":"epss","scoring_elements":"0.89166","published_at":"2026-04-04T12:55:00Z"},{"value":"0.04555","scoring_system":"epss","scoring_elements":"0.89169","published_at":"2026-04-07T12:55:00Z"},{"value":"0.04555","scoring_system":"epss","scoring_elements":"0.89187","published_at":"2026-04-08T12:55:00Z"},{"value":"0.04555","scoring_system":"epss","scoring_elements":"0.89192","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-12123"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12123","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12123"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1661010","reference_id":"1661010","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1661010"},{"reference_url":"https://usn.ubuntu.com/USN-4796-1/","reference_id":"USN-USN-4796-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-4796-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932810?format=json","purl":"pkg:deb/debian/nodejs@10.15.0~dfsg-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@10.15.0~dfsg-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2018-12123"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9v22-ened-4bg2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62495?format=json","vulnerability_id":"VCID-9yq7-aba3-c7c3","summary":"Multiple vulnerabilities have been discovered in Node.js.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-32559.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-32559.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-32559","reference_id":"","reference_type":"","scores":[{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.18795","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.18904","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.18793","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.18772","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.18728","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.18607","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.18691","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19169","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.18885","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.18963","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19017","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19024","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.18977","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.18926","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.1888","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.18892","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22427","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-32559"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32559","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32559"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1050739","reference_id":"1050739","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1050739"},{"reference_url":"https://hackerone.com/reports/1946470","reference_id":"1946470","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T13:34:58Z/"}],"url":"https://hackerone.com/reports/1946470"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2230956","reference_id":"2230956","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2230956"},{"reference_url":"https://security.gentoo.org/glsa/202405-29","reference_id":"GLSA-202405-29","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202405-29"},{"reference_url":"https://security.netapp.com/advisory/ntap-20231006-0006/","reference_id":"ntap-20231006-0006","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T13:34:58Z/"}],"url":"https://security.netapp.com/advisory/ntap-20231006-0006/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5360","reference_id":"RHSA-2023:5360","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5360"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5361","reference_id":"RHSA-2023:5361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5362","reference_id":"RHSA-2023:5362","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5362"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5363","reference_id":"RHSA-2023:5363","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5363"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5532","reference_id":"RHSA-2023:5532","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5532"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5533","reference_id":"RHSA-2023:5533","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5533"},{"reference_url":"https://usn.ubuntu.com/6822-1/","reference_id":"USN-6822-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6822-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932834?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932833?format=json","purl":"pkg:deb/debian/nodejs@18.13.0%2Bdfsg1-1.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.13.0%252Bdfsg1-1.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932831?format=json","purl":"pkg:deb/debian/nodejs@18.19.0%2Bdfsg-6~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.19.0%252Bdfsg-6~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2023-32559"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9yq7-aba3-c7c3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37526?format=json","vulnerability_id":"VCID-a7mj-p1d7-h3cv","summary":"Multiple vulnerabilities have been discovered in Node.js, the worst of which could lead to execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-39331.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-39331.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-39331","reference_id":"","reference_type":"","scores":[{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72413","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72588","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72538","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72545","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72543","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72534","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72563","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72431","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72408","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72447","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.7246","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72483","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72465","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72455","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72497","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72506","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72495","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-39331"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/2092852","reference_id":"2092852","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-13T15:17:01Z/"}],"url":"https://hackerone.com/reports/2092852"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2244413","reference_id":"2244413","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2244413"},{"reference_url":"https://security.gentoo.org/glsa/202505-11","reference_id":"GLSA-202505-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-11"},{"reference_url":"https://security.netapp.com/advisory/ntap-20231116-0009/","reference_id":"ntap-20231116-0009","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-13T15:17:01Z/"}],"url":"https://security.netapp.com/advisory/ntap-20231116-0009/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7205","reference_id":"RHSA-2023:7205","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7205"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2023-39331"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a7mj-p1d7-h3cv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34823?format=json","vulnerability_id":"VCID-ap4u-dkwx-1kb3","summary":"Multiple vulnerabilities have been found in c-ares, the worst of which could result in the loss of confidentiality or integrity.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22931.json","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22931.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-22931","reference_id":"","reference_type":"","scores":[{"value":"0.00662","scoring_system":"epss","scoring_elements":"0.71095","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00662","scoring_system":"epss","scoring_elements":"0.71296","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00662","scoring_system":"epss","scoring_elements":"0.71175","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00662","scoring_system":"epss","scoring_elements":"0.7116","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00662","scoring_system":"epss","scoring_elements":"0.71143","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00662","scoring_system":"epss","scoring_elements":"0.71189","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00662","scoring_system":"epss","scoring_elements":"0.71196","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00662","scoring_system":"epss","scoring_elements":"0.71174","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00662","scoring_system":"epss","scoring_elements":"0.71228","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00662","scoring_system":"epss","scoring_elements":"0.71236","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00662","scoring_system":"epss","scoring_elements":"0.71239","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00662","scoring_system":"epss","scoring_elements":"0.71224","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00662","scoring_system":"epss","scoring_elements":"0.71262","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00662","scoring_system":"epss","scoring_elements":"0.71104","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00662","scoring_system":"epss","scoring_elements":"0.71122","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00662","scoring_system":"epss","scoring_elements":"0.71097","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00662","scoring_system":"epss","scoring_elements":"0.71139","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00662","scoring_system":"epss","scoring_elements":"0.71151","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-22931"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/1178337","reference_id":"1178337","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-11T21:01:01Z/"}],"url":"https://hackerone.com/reports/1178337"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1993019","reference_id":"1993019","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1993019"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/aug-2021-security-releases/","reference_id":"aug-2021-security-releases","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-11T21:01:01Z/"}],"url":"https://nodejs.org/en/blog/vulnerability/aug-2021-security-releases/"},{"reference_url":"https://security.archlinux.org/AVG-2286","reference_id":"AVG-2286","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2286"},{"reference_url":"https://security.gentoo.org/glsa/202401-02","reference_id":"GLSA-202401-02","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-11T21:01:01Z/"}],"url":"https://security.gentoo.org/glsa/202401-02"},{"reference_url":"https://security.gentoo.org/glsa/202405-29","reference_id":"GLSA-202405-29","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202405-29"},{"reference_url":"https://security.netapp.com/advisory/ntap-20210923-0001/","reference_id":"ntap-20210923-0001","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-11T21:01:01Z/"}],"url":"https://security.netapp.com/advisory/ntap-20210923-0001/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20211022-0003/","reference_id":"ntap-20211022-0003","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-11T21:01:01Z/"}],"url":"https://security.netapp.com/advisory/ntap-20211022-0003/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3280","reference_id":"RHSA-2021:3280","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3280"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3281","reference_id":"RHSA-2021:3281","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3281"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3623","reference_id":"RHSA-2021:3623","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3623"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3638","reference_id":"RHSA-2021:3638","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3638"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3639","reference_id":"RHSA-2021:3639","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3639"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3666","reference_id":"RHSA-2021:3666","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3666"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2021-22931"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ap4u-dkwx-1kb3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37553?format=json","vulnerability_id":"VCID-apbs-8ge7-dyg3","summary":"Multiple vulnerabilities have been discovered in Node.js, the worst of which could lead to execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21896.json","reference_id":"","reference_type":"","scores":[{"value":"7.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21896.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21896","reference_id":"","reference_type":"","scores":[{"value":"0.01642","scoring_system":"epss","scoring_elements":"0.82095","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01642","scoring_system":"epss","scoring_elements":"0.8199","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01642","scoring_system":"epss","scoring_elements":"0.81991","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01642","scoring_system":"epss","scoring_elements":"0.82014","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01642","scoring_system":"epss","scoring_elements":"0.82026","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01642","scoring_system":"epss","scoring_elements":"0.82031","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01642","scoring_system":"epss","scoring_elements":"0.82049","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01642","scoring_system":"epss","scoring_elements":"0.8207","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01642","scoring_system":"epss","scoring_elements":"0.81898","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01642","scoring_system":"epss","scoring_elements":"0.81921","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01642","scoring_system":"epss","scoring_elements":"0.81917","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01642","scoring_system":"epss","scoring_elements":"0.81943","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01642","scoring_system":"epss","scoring_elements":"0.81951","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01642","scoring_system":"epss","scoring_elements":"0.81971","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01642","scoring_system":"epss","scoring_elements":"0.81959","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01642","scoring_system":"epss","scoring_elements":"0.81954","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01642","scoring_system":"epss","scoring_elements":"0.81989","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21896"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/2218653","reference_id":"2218653","reference_type":"","scores":[{"value":"7.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N/CR:M/IR:M/AR:M"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-03-12T04:00:41Z/"}],"url":"https://hackerone.com/reports/2218653"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2265717","reference_id":"2265717","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2265717"},{"reference_url":"https://security.gentoo.org/glsa/202505-11","reference_id":"GLSA-202505-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-11"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240329-0002/","reference_id":"ntap-20240329-0002","reference_type":"","scores":[{"value":"7.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N/CR:M/IR:M/AR:M"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-03-12T04:00:41Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240329-0002/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1687","reference_id":"RHSA-2024:1687","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1687"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1688","reference_id":"RHSA-2024:1688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1688"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2024-21896"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-apbs-8ge7-dyg3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34126?format=json","vulnerability_id":"VCID-atyy-fepb-6yge","summary":"Multiple vulnerabilities have been found in Node.js, the worst of\n    which can allow remote attackers to cause Denial of Service conditions.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5325.json","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5325.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5325","reference_id":"","reference_type":"","scores":[{"value":"0.00985","scoring_system":"epss","scoring_elements":"0.76765","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00985","scoring_system":"epss","scoring_elements":"0.76769","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00985","scoring_system":"epss","scoring_elements":"0.76798","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00985","scoring_system":"epss","scoring_elements":"0.76779","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00985","scoring_system":"epss","scoring_elements":"0.7681","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00985","scoring_system":"epss","scoring_elements":"0.7682","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00985","scoring_system":"epss","scoring_elements":"0.76849","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00985","scoring_system":"epss","scoring_elements":"0.76829","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00985","scoring_system":"epss","scoring_elements":"0.76822","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00985","scoring_system":"epss","scoring_elements":"0.76865","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00985","scoring_system":"epss","scoring_elements":"0.76871","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00985","scoring_system":"epss","scoring_elements":"0.76862","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00985","scoring_system":"epss","scoring_elements":"0.76894","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00985","scoring_system":"epss","scoring_elements":"0.76902","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00985","scoring_system":"epss","scoring_elements":"0.76914","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00985","scoring_system":"epss","scoring_elements":"0.76903","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00985","scoring_system":"epss","scoring_elements":"0.76933","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00985","scoring_system":"epss","scoring_elements":"0.7695","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5325"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5325","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5325"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:P/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1346910","reference_id":"1346910","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1346910"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=839714","reference_id":"839714","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=839714"},{"reference_url":"https://security.gentoo.org/glsa/201612-43","reference_id":"GLSA-201612-43","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201612-43"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0002","reference_id":"RHSA-2017:0002","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0002"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932808?format=json","purl":"pkg:deb/debian/nodejs@4.6.0~dfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@4.6.0~dfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2016-5325"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-atyy-fepb-6yge"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/207785?format=json","vulnerability_id":"VCID-b1vd-c8xt-dqc6","summary":"Bypass incomplete fix of CVE-2024-27980, that arises from improper handling of batch files with all possible extensions on Windows via child_process.spawn / child_process.spawnSync. A malicious command line argument can inject arbitrary commands and achieve code execution even if the shell option is not enabled.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-36138","reference_id":"","reference_type":"","scores":[{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49397","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49313","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49372","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49409","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49436","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49389","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49444","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49439","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49457","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49428","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.4943","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49476","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49473","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49443","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49432","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49398","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-36138"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/july-2024-security-releases","reference_id":"july-2024-security-releases","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-09T17:53:28Z/"}],"url":"https://nodejs.org/en/blog/vulnerability/july-2024-security-releases"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2024-36138"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b1vd-c8xt-dqc6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/53933?format=json","vulnerability_id":"VCID-b54b-pd2b-bygm","summary":"llhttp allows HTTP Request Smuggling via Flawed Parsing of Transfer-Encoding\nThe llhttp parser in the http module in Node.js v17.x does not correctly parse and validate Transfer-Encoding headers and can lead to HTTP Request Smuggling (HRS).\n\nImpacts:\n\n- All versions of the nodejs 18.x, 16.x, and 14.x releases lines.\n- llhttp v6.0.7 and llhttp v2.1.5 contains the fixes that were updated inside Node.js","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32213.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32213.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-32213","reference_id":"","reference_type":"","scores":[{"value":"0.88458","scoring_system":"epss","scoring_elements":"0.99509","published_at":"2026-05-09T12:55:00Z"},{"value":"0.88458","scoring_system":"epss","scoring_elements":"0.99508","published_at":"2026-05-07T12:55:00Z"},{"value":"0.88458","scoring_system":"epss","scoring_elements":"0.99507","published_at":"2026-05-05T12:55:00Z"},{"value":"0.88458","scoring_system":"epss","scoring_elements":"0.99506","published_at":"2026-04-24T12:55:00Z"},{"value":"0.88458","scoring_system":"epss","scoring_elements":"0.99505","published_at":"2026-04-21T12:55:00Z"},{"value":"0.88458","scoring_system":"epss","scoring_elements":"0.99504","published_at":"2026-04-16T12:55:00Z"},{"value":"0.89626","scoring_system":"epss","scoring_elements":"0.99561","published_at":"2026-04-13T12:55:00Z"},{"value":"0.89626","scoring_system":"epss","scoring_elements":"0.9956","published_at":"2026-04-12T12:55:00Z"},{"value":"0.89626","scoring_system":"epss","scoring_elements":"0.99559","published_at":"2026-04-07T12:55:00Z"},{"value":"0.89626","scoring_system":"epss","scoring_elements":"0.99558","published_at":"2026-04-04T12:55:00Z"},{"value":"0.89626","scoring_system":"epss","scoring_elements":"0.99557","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-32213"},{"reference_url":"https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32212","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32212"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32213","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32213"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32214","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32214"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32215","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32215"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35255","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35255"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35256","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35256"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43548","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43548"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/nodejs/llhttp/commit/18a4afc7ffb4e49dc9e2daebc50588199a6d1dbb","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/nodejs/llhttp/commit/18a4afc7ffb4e49dc9e2daebc50588199a6d1dbb"},{"reference_url":"https://hackerone.com/reports/1524555","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://hackerone.com/reports/1524555"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2ICG6CSIB3GUWH5DUSQEVX53MOJW7LYK","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2ICG6CSIB3GUWH5DUSQEVX53MOJW7LYK"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2ICG6CSIB3GUWH5DUSQEVX53MOJW7LYK/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2ICG6CSIB3GUWH5DUSQEVX53MOJW7LYK/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QCNN3YG2BCLS4ZEKJ3CLSUT6AS7AXTH3","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QCNN3YG2BCLS4ZEKJ3CLSUT6AS7AXTH3"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QCNN3YG2BCLS4ZEKJ3CLSUT6AS7AXTH3/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QCNN3YG2BCLS4ZEKJ3CLSUT6AS7AXTH3/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VMQK5L5SBYD47QQZ67LEMHNQ662GH3OY","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VMQK5L5SBYD47QQZ67LEMHNQ662GH3OY"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VMQK5L5SBYD47QQZ67LEMHNQ662GH3OY/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VMQK5L5SBYD47QQZ67LEMHNQ662GH3OY/"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/july-2022-security-releases","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nodejs.org/en/blog/vulnerability/july-2022-security-releases"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-32213","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-32213"},{"reference_url":"https://security.netapp.com/advisory/ntap-20220915-0001","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20220915-0001"},{"reference_url":"https://security.netapp.com/advisory/ntap-20220915-0001/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20220915-0001/"},{"reference_url":"https://www.debian.org/security/2023/dsa-5326","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2023/dsa-5326"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2105430","reference_id":"2105430","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2105430"},{"reference_url":"https://github.com/advisories/GHSA-5689-v88g-g6rv","reference_id":"GHSA-5689-v88g-g6rv","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-5689-v88g-g6rv"},{"reference_url":"https://security.gentoo.org/glsa/202405-29","reference_id":"GLSA-202405-29","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202405-29"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6389","reference_id":"RHSA-2022:6389","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6389"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6448","reference_id":"RHSA-2022:6448","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6448"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6449","reference_id":"RHSA-2022:6449","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6449"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6595","reference_id":"RHSA-2022:6595","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6595"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6985","reference_id":"RHSA-2022:6985","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6985"},{"reference_url":"https://usn.ubuntu.com/6491-1/","reference_id":"USN-6491-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6491-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932828?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932827?format=json","purl":"pkg:deb/debian/nodejs@18.6.0%2Bdfsg-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.6.0%252Bdfsg-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2022-32213","GHSA-5689-v88g-g6rv"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b54b-pd2b-bygm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/241500?format=json","vulnerability_id":"VCID-b7hq-5yyx-tuhs","summary":"Node.js before 16.4.1, 14.17.2, and 12.22.2 is vulnerable to local privilege escalation attacks under certain conditions on Windows platforms. More specifically, improper configuration of permissions in the installation directory allows an attacker to perform two different escalation attacks: PATH and DLL hijacking.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-22921","reference_id":"","reference_type":"","scores":[{"value":"0.00527","scoring_system":"epss","scoring_elements":"0.67231","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00527","scoring_system":"epss","scoring_elements":"0.67048","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00527","scoring_system":"epss","scoring_elements":"0.67085","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00527","scoring_system":"epss","scoring_elements":"0.67109","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00527","scoring_system":"epss","scoring_elements":"0.67083","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00527","scoring_system":"epss","scoring_elements":"0.67133","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00527","scoring_system":"epss","scoring_elements":"0.67145","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00527","scoring_system":"epss","scoring_elements":"0.67164","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00527","scoring_system":"epss","scoring_elements":"0.6715","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00527","scoring_system":"epss","scoring_elements":"0.67119","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00527","scoring_system":"epss","scoring_elements":"0.67152","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00527","scoring_system":"epss","scoring_elements":"0.67167","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00527","scoring_system":"epss","scoring_elements":"0.67148","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00527","scoring_system":"epss","scoring_elements":"0.6717","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00527","scoring_system":"epss","scoring_elements":"0.67182","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00527","scoring_system":"epss","scoring_elements":"0.67151","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00527","scoring_system":"epss","scoring_elements":"0.67192","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-22921"},{"reference_url":"https://security.archlinux.org/AVG-2130","reference_id":"AVG-2130","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2130"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2021-22921"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b7hq-5yyx-tuhs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64947?format=json","vulnerability_id":"VCID-bjza-25hu-vkad","summary":"nodejs: Nodejs denial of service","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21637.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21637.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-21637","reference_id":"","reference_type":"","scores":[{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.1369","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13576","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13426","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13332","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13491","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13752","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13552","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13633","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13684","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13654","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13618","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.1357","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13484","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.1348","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13551","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13564","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13535","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-21637"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21637","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21637"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2431340","reference_id":"2431340","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2431340"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/december-2025-security-releases","reference_id":"december-2025-security-releases","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-21T20:22:28Z/"}],"url":"https://nodejs.org/en/blog/vulnerability/december-2025-security-releases"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1842","reference_id":"RHSA-2026:1842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1843","reference_id":"RHSA-2026:1843","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1843"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2420","reference_id":"RHSA-2026:2420","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2420"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2421","reference_id":"RHSA-2026:2421","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2421"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2422","reference_id":"RHSA-2026:2422","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2422"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2767","reference_id":"RHSA-2026:2767","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2767"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2768","reference_id":"RHSA-2026:2768","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2768"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2781","reference_id":"RHSA-2026:2781","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2781"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2782","reference_id":"RHSA-2026:2782","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2782"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2783","reference_id":"RHSA-2026:2783","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2783"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2864","reference_id":"RHSA-2026:2864","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2864"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2899","reference_id":"RHSA-2026:2899","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2899"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6402","reference_id":"RHSA-2026:6402","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6402"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6431","reference_id":"RHSA-2026:6431","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6431"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7350","reference_id":"RHSA-2026:7350","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7350"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7386","reference_id":"RHSA-2026:7386","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7386"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7387","reference_id":"RHSA-2026:7387","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7387"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7670","reference_id":"RHSA-2026:7670","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7670"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7675","reference_id":"RHSA-2026:7675","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7675"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932844?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1%2Bdeb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2026-21637"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bjza-25hu-vkad"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37572?format=json","vulnerability_id":"VCID-bx67-aud6-b3fa","summary":"Multiple vulnerabilities have been discovered in Node.js, the worst of which could lead to execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-22025.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-22025.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-22025","reference_id":"","reference_type":"","scores":[{"value":"0.0043","scoring_system":"epss","scoring_elements":"0.62483","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0043","scoring_system":"epss","scoring_elements":"0.62515","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00636","scoring_system":"epss","scoring_elements":"0.70549","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00636","scoring_system":"epss","scoring_elements":"0.70445","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00636","scoring_system":"epss","scoring_elements":"0.70496","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00636","scoring_system":"epss","scoring_elements":"0.70505","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00636","scoring_system":"epss","scoring_elements":"0.70504","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00636","scoring_system":"epss","scoring_elements":"0.70479","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00636","scoring_system":"epss","scoring_elements":"0.70517","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00636","scoring_system":"epss","scoring_elements":"0.70359","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00636","scoring_system":"epss","scoring_elements":"0.70404","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00636","scoring_system":"epss","scoring_elements":"0.7042","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00636","scoring_system":"epss","scoring_elements":"0.70444","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00636","scoring_system":"epss","scoring_elements":"0.70429","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00636","scoring_system":"epss","scoring_elements":"0.70415","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00636","scoring_system":"epss","scoring_elements":"0.70457","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00636","scoring_system":"epss","scoring_elements":"0.70465","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-22025"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22025","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22025"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2270559","reference_id":"2270559","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2270559"},{"reference_url":"https://hackerone.com/reports/2284065","reference_id":"2284065","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-21T20:30:35Z/"}],"url":"https://hackerone.com/reports/2284065"},{"reference_url":"https://security.gentoo.org/glsa/202505-11","reference_id":"GLSA-202505-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-11"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/03/msg00029.html","reference_id":"msg00029.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-21T20:30:35Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/03/msg00029.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240517-0008/","reference_id":"ntap-20240517-0008","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-21T20:30:35Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240517-0008/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2778","reference_id":"RHSA-2024:2778","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2778"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2779","reference_id":"RHSA-2024:2779","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2779"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2780","reference_id":"RHSA-2024:2780","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2780"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2853","reference_id":"RHSA-2024:2853","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2853"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2910","reference_id":"RHSA-2024:2910","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2910"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4559","reference_id":"RHSA-2024:4559","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4559"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4721","reference_id":"RHSA-2024:4721","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4721"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932834?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932835?format=json","purl":"pkg:deb/debian/nodejs@18.19.1%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.19.1%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2024-22025"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bx67-aud6-b3fa"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69900?format=json","vulnerability_id":"VCID-c8xz-v6h3-6ueb","summary":"nodejs: libuv: Out-of-Bounds Access Due to Inconsistent off_t Size in libuv and Node.js Build on i386","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-47153.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-47153.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-47153","reference_id":"","reference_type":"","scores":[{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.71787","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.71952","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.71819","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.71861","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.71866","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.71849","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.71894","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.71899","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.71897","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.71885","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.71919","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.71805","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.71779","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.71818","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.71829","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.71854","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.71837","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-47153"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-47153","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-47153"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2363236","reference_id":"2363236","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2363236"},{"reference_url":"https://github.com/nodejs/node-v0.x-archive/issues/4549","reference_id":"4549","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:42:34Z/"}],"url":"https://github.com/nodejs/node-v0.x-archive/issues/4549"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1076350","reference_id":"bugreport.cgi?bug=1076350","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:42:34Z/"}],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1076350"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922075","reference_id":"bugreport.cgi?bug=922075","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:42:34Z/"}],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922075"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=892601","reference_id":"show_bug.cgi?id=892601","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:42:34Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=892601"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932841?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932842?format=json","purl":"pkg:deb/debian/nodejs@20.19.0%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.0%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2025-47153"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c8xz-v6h3-6ueb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/267285?format=json","vulnerability_id":"VCID-cjrh-xgy5-63ga","summary":"An incomplete fix has been identified for CVE-2025-23084 in Node.js, specifically affecting Windows device names like CON, PRN, and AUX. \r\n\r\nThis vulnerability affects Windows users of `path.join` API.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-27210","reference_id":"","reference_type":"","scores":[{"value":"0.03967","scoring_system":"epss","scoring_elements":"0.88422","published_at":"2026-05-05T12:55:00Z"},{"value":"0.03967","scoring_system":"epss","scoring_elements":"0.88451","published_at":"2026-05-09T12:55:00Z"},{"value":"0.03967","scoring_system":"epss","scoring_elements":"0.88393","published_at":"2026-04-16T12:55:00Z"},{"value":"0.03967","scoring_system":"epss","scoring_elements":"0.88389","published_at":"2026-04-21T12:55:00Z"},{"value":"0.03967","scoring_system":"epss","scoring_elements":"0.88405","published_at":"2026-04-24T12:55:00Z"},{"value":"0.03967","scoring_system":"epss","scoring_elements":"0.8841","published_at":"2026-04-29T12:55:00Z"},{"value":"0.03967","scoring_system":"epss","scoring_elements":"0.88438","published_at":"2026-05-07T12:55:00Z"},{"value":"0.07107","scoring_system":"epss","scoring_elements":"0.91498","published_at":"2026-04-02T12:55:00Z"},{"value":"0.09232","scoring_system":"epss","scoring_elements":"0.92718","published_at":"2026-04-11T12:55:00Z"},{"value":"0.09232","scoring_system":"epss","scoring_elements":"0.92699","published_at":"2026-04-04T12:55:00Z"},{"value":"0.09232","scoring_system":"epss","scoring_elements":"0.92698","published_at":"2026-04-07T12:55:00Z"},{"value":"0.09232","scoring_system":"epss","scoring_elements":"0.92708","published_at":"2026-04-08T12:55:00Z"},{"value":"0.09232","scoring_system":"epss","scoring_elements":"0.92712","published_at":"2026-04-09T12:55:00Z"},{"value":"0.09232","scoring_system":"epss","scoring_elements":"0.92717","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-27210"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/nodejs/remote/52369.py","reference_id":"CVE-2025-27210","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/nodejs/remote/52369.py"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/july-2025-security-releases","reference_id":"july-2025-security-releases","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-21T17:11:02Z/"}],"url":"https://nodejs.org/en/blog/vulnerability/july-2025-security-releases"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2025-27210"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cjrh-xgy5-63ga"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34123?format=json","vulnerability_id":"VCID-d8nf-t1fb-2uad","summary":"Multiple vulnerabilities have been found in Node.js, the worst of\n    which can allow remote attackers to cause Denial of Service conditions.","references":[{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177184.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177184.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177673.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177673.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2086.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2086.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2086","reference_id":"","reference_type":"","scores":[{"value":"0.00482","scoring_system":"epss","scoring_elements":"0.6528","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00482","scoring_system":"epss","scoring_elements":"0.65207","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00482","scoring_system":"epss","scoring_elements":"0.65235","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00482","scoring_system":"epss","scoring_elements":"0.6507","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00482","scoring_system":"epss","scoring_elements":"0.6512","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00482","scoring_system":"epss","scoring_elements":"0.65147","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00482","scoring_system":"epss","scoring_elements":"0.65112","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00482","scoring_system":"epss","scoring_elements":"0.65162","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00482","scoring_system":"epss","scoring_elements":"0.65174","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00482","scoring_system":"epss","scoring_elements":"0.65193","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00482","scoring_system":"epss","scoring_elements":"0.6518","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00482","scoring_system":"epss","scoring_elements":"0.65153","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00482","scoring_system":"epss","scoring_elements":"0.65188","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00482","scoring_system":"epss","scoring_elements":"0.65198","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00482","scoring_system":"epss","scoring_elements":"0.65182","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00482","scoring_system":"epss","scoring_elements":"0.65196","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00482","scoring_system":"epss","scoring_elements":"0.65209","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2086"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2086","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2086"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/february-2016-security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://nodejs.org/en/blog/vulnerability/february-2016-security-releases/"},{"reference_url":"http://www.securityfocus.com/bid/83282","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/83282"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1306200","reference_id":"1306200","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1306200"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.11:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.11:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.11:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.13:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.13:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.13:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.14:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.14:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.14:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.15:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.15:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.15:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.16:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.16:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.16:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.16-isaacs-manual:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.16-isaacs-manual:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.16-isaacs-manual:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.17:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.17:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.17:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.18:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.18:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.18:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.19:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.19:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.19:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.20:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.20:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.20:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.21:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.21:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.21:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.22:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.22:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.22:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.23:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.23:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.23:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.24:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.24:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.24:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.25:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.25:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.25:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.26:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.26:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.26:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.27:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.27:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.27:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.28:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.28:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.28:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.29:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.29:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.29:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.30:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.30:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.30:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.31:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.31:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.31:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.32:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.32:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.32:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.33:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.33:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.33:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.34:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.34:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.34:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.35:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.35:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.35:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.36:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.36:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.36:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.37:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.37:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.37:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.38:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.38:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.38:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.39:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.39:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.39:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.40:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.40:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.40:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.41:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.41:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.41:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.10.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.10.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.12.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.12.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.12.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.12.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.12.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.12.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.12.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.12.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.12.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.12.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.12.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.12.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.12.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.12.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.12.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.12.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.12.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.12.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.12.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.12.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.12.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.12.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.12.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.12.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.12.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.12.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.12.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.12.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:0.12.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:0.12.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:4.0.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:4.0.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:4.0.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:4.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:4.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:4.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:4.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:4.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:4.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:4.1.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:4.1.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:4.1.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:4.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:4.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:4.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:4.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:4.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:4.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:4.2.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:4.2.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:4.2.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:4.2.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:4.2.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:4.2.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:4.2.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:4.2.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:4.2.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:4.2.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:4.2.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:4.2.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:4.2.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:4.2.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:4.2.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:5.0.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:5.0.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:5.0.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:5.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:5.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:5.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:5.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:5.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:5.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:5.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:5.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:5.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:5.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:5.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:5.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:5.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:5.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:5.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:5.4.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:5.4.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:5.4.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:5.5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:5.5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:5.5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2086","reference_id":"CVE-2016-2086","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:P/A:N"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2086"},{"reference_url":"https://security.gentoo.org/glsa/201612-43","reference_id":"GLSA-201612-43","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201612-43"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932807?format=json","purl":"pkg:deb/debian/nodejs@4.3.0~dfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@4.3.0~dfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2016-2086"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d8nf-t1fb-2uad"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62479?format=json","vulnerability_id":"VCID-dfdy-vhdd-5kh4","summary":"Multiple vulnerabilities have been discovered in Node.js.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-35256.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-35256.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35256","reference_id":"","reference_type":"","scores":[{"value":"0.03611","scoring_system":"epss","scoring_elements":"0.87865","published_at":"2026-05-09T12:55:00Z"},{"value":"0.03611","scoring_system":"epss","scoring_elements":"0.87822","published_at":"2026-04-26T12:55:00Z"},{"value":"0.03611","scoring_system":"epss","scoring_elements":"0.87819","published_at":"2026-04-29T12:55:00Z"},{"value":"0.03611","scoring_system":"epss","scoring_elements":"0.87833","published_at":"2026-05-05T12:55:00Z"},{"value":"0.03611","scoring_system":"epss","scoring_elements":"0.87847","published_at":"2026-05-07T12:55:00Z"},{"value":"0.03945","scoring_system":"epss","scoring_elements":"0.88357","published_at":"2026-04-21T12:55:00Z"},{"value":"0.03945","scoring_system":"epss","scoring_elements":"0.88301","published_at":"2026-04-02T12:55:00Z"},{"value":"0.03945","scoring_system":"epss","scoring_elements":"0.88374","published_at":"2026-04-24T12:55:00Z"},{"value":"0.03945","scoring_system":"epss","scoring_elements":"0.88315","published_at":"2026-04-04T12:55:00Z"},{"value":"0.03945","scoring_system":"epss","scoring_elements":"0.8832","published_at":"2026-04-07T12:55:00Z"},{"value":"0.03945","scoring_system":"epss","scoring_elements":"0.88339","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03945","scoring_system":"epss","scoring_elements":"0.88346","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03945","scoring_system":"epss","scoring_elements":"0.88356","published_at":"2026-04-11T12:55:00Z"},{"value":"0.03945","scoring_system":"epss","scoring_elements":"0.88348","published_at":"2026-04-13T12:55:00Z"},{"value":"0.03945","scoring_system":"epss","scoring_elements":"0.88361","published_at":"2026-04-16T12:55:00Z"},{"value":"0.03945","scoring_system":"epss","scoring_elements":"0.88358","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35256"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32212","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32212"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32213","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32213"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32214","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32214"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32215","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32215"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35255","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35255"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35256","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35256"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43548","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43548"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/1675191","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-24T13:21:44Z/"}],"url":"https://hackerone.com/reports/1675191"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2130518","reference_id":"2130518","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2130518"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-35256","reference_id":"CVE-2022-35256","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-35256"},{"reference_url":"https://security.gentoo.org/glsa/202405-29","reference_id":"GLSA-202405-29","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202405-29"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6963","reference_id":"RHSA-2022:6963","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6963"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6964","reference_id":"RHSA-2022:6964","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6964"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7044","reference_id":"RHSA-2022:7044","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7044"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7821","reference_id":"RHSA-2022:7821","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7821"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7830","reference_id":"RHSA-2022:7830","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7830"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0321","reference_id":"RHSA-2023:0321","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0321"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1533","reference_id":"RHSA-2023:1533","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1533"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1742","reference_id":"RHSA-2023:1742","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1742"},{"reference_url":"https://usn.ubuntu.com/6491-1/","reference_id":"USN-6491-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6491-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932828?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932829?format=json","purl":"pkg:deb/debian/nodejs@18.10.0%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.10.0%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2022-35256"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dfdy-vhdd-5kh4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63925?format=json","vulnerability_id":"VCID-dgkh-jdah-wfh9","summary":"nodejs: v8: Node.js: Denial of Service via V8 string hashing mechanism due to predictable hash collisions","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21717.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21717.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-21717","reference_id":"","reference_type":"","scores":[{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04143","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05391","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07425","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07373","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07429","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07452","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07439","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07414","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07343","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07331","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10135","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10176","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10156","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10078","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11038","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11175","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11237","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-21717"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21717","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21717"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2453162","reference_id":"2453162","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2453162"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/march-2026-security-releases","reference_id":"march-2026-security-releases","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-30T19:46:02Z/"}],"url":"https://nodejs.org/en/blog/vulnerability/march-2026-security-releases"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6402","reference_id":"RHSA-2026:6402","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6402"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6431","reference_id":"RHSA-2026:6431","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6431"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7350","reference_id":"RHSA-2026:7350","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7350"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7386","reference_id":"RHSA-2026:7386","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7386"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7387","reference_id":"RHSA-2026:7387","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7387"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7670","reference_id":"RHSA-2026:7670","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7670"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7675","reference_id":"RHSA-2026:7675","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7675"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932844?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1%2Bdeb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2026-21717"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dgkh-jdah-wfh9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/25?format=json","vulnerability_id":"VCID-dmv4-ydq9-a7eq","summary":"Excessive CPU usage in HTTP/2 with small window updates","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9511.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9511.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9511","reference_id":"","reference_type":"","scores":[{"value":"0.13948","scoring_system":"epss","scoring_elements":"0.94283","published_at":"2026-04-01T12:55:00Z"},{"value":"0.13948","scoring_system":"epss","scoring_elements":"0.94371","published_at":"2026-05-09T12:55:00Z"},{"value":"0.13948","scoring_system":"epss","scoring_elements":"0.94344","published_at":"2026-04-21T12:55:00Z"},{"value":"0.13948","scoring_system":"epss","scoring_elements":"0.94347","published_at":"2026-04-26T12:55:00Z"},{"value":"0.13948","scoring_system":"epss","scoring_elements":"0.94345","published_at":"2026-04-29T12:55:00Z"},{"value":"0.13948","scoring_system":"epss","scoring_elements":"0.9435","published_at":"2026-05-05T12:55:00Z"},{"value":"0.13948","scoring_system":"epss","scoring_elements":"0.94359","published_at":"2026-05-07T12:55:00Z"},{"value":"0.13948","scoring_system":"epss","scoring_elements":"0.94292","published_at":"2026-04-02T12:55:00Z"},{"value":"0.13948","scoring_system":"epss","scoring_elements":"0.94302","published_at":"2026-04-04T12:55:00Z"},{"value":"0.13948","scoring_system":"epss","scoring_elements":"0.94304","published_at":"2026-04-07T12:55:00Z"},{"value":"0.13948","scoring_system":"epss","scoring_elements":"0.94313","published_at":"2026-04-08T12:55:00Z"},{"value":"0.13948","scoring_system":"epss","scoring_elements":"0.94318","published_at":"2026-04-09T12:55:00Z"},{"value":"0.13948","scoring_system":"epss","scoring_elements":"0.94322","published_at":"2026-04-12T12:55:00Z"},{"value":"0.13948","scoring_system":"epss","scoring_elements":"0.94324","published_at":"2026-04-13T12:55:00Z"},{"value":"0.13948","scoring_system":"epss","scoring_elements":"0.94339","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9511"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15604","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15604"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15605","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15605"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15606","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15606"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9511","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9511"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9513","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9513"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9514","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9514"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9516","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9516"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://mailman.nginx.org/pipermail/nginx-announce/2019/000249.html","reference_id":"","reference_type":"","scores":[{"value":"medium","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://mailman.nginx.org/pipermail/nginx-announce/2019/000249.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1741860","reference_id":"1741860","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1741860"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934885","reference_id":"934885","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934885"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=935037","reference_id":"935037","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=935037"},{"reference_url":"https://security.archlinux.org/ASA-201908-12","reference_id":"ASA-201908-12","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201908-12"},{"reference_url":"https://security.archlinux.org/ASA-201908-13","reference_id":"ASA-201908-13","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201908-13"},{"reference_url":"https://security.archlinux.org/ASA-201908-17","reference_id":"ASA-201908-17","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201908-17"},{"reference_url":"https://security.archlinux.org/AVG-1022","reference_id":"AVG-1022","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1022"},{"reference_url":"https://security.archlinux.org/AVG-1023","reference_id":"AVG-1023","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1023"},{"reference_url":"https://security.archlinux.org/AVG-1024","reference_id":"AVG-1024","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1024"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9511","reference_id":"CVE-2019-9511","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9511"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2692","reference_id":"RHSA-2019:2692","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2692"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2745","reference_id":"RHSA-2019:2745","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2745"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2746","reference_id":"RHSA-2019:2746","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2746"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2775","reference_id":"RHSA-2019:2775","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2775"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2799","reference_id":"RHSA-2019:2799","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2799"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2946","reference_id":"RHSA-2019:2946","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2946"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2949","reference_id":"RHSA-2019:2949","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2949"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3041","reference_id":"RHSA-2019:3041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3932","reference_id":"RHSA-2019:3932","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3932"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3933","reference_id":"RHSA-2019:3933","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3933"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3935","reference_id":"RHSA-2019:3935","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3935"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0922","reference_id":"RHSA-2020:0922","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0922"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1445","reference_id":"RHSA-2020:1445","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1445"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2067","reference_id":"RHSA-2020:2067","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2067"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2565","reference_id":"RHSA-2020:2565","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2565"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3192","reference_id":"RHSA-2020:3192","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3192"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5856","reference_id":"RHSA-2024:5856","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5856"},{"reference_url":"https://usn.ubuntu.com/4099-1/","reference_id":"USN-4099-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4099-1/"},{"reference_url":"https://usn.ubuntu.com/6754-1/","reference_id":"USN-6754-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6754-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932816?format=json","purl":"pkg:deb/debian/nodejs@10.16.3~dfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@10.16.3~dfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2019-9511"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dmv4-ydq9-a7eq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63919?format=json","vulnerability_id":"VCID-dt7u-3usg-9uet","summary":"Node.js: Node.js: Denial of Service due to crafted HTTP `__proto__` header","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21710.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21710.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-21710","reference_id":"","reference_type":"","scores":[{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.0252","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03788","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05797","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05762","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05801","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05826","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05805","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.0579","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05755","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05763","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.08043","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.08124","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.08078","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.08015","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08778","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08927","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08998","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-21710"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21710","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21710"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2453151","reference_id":"2453151","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2453151"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/march-2026-security-releases","reference_id":"march-2026-security-releases","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T13:55:20Z/"}],"url":"https://nodejs.org/en/blog/vulnerability/march-2026-security-releases"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7080","reference_id":"RHSA-2026:7080","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7080"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7123","reference_id":"RHSA-2026:7123","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7123"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7302","reference_id":"RHSA-2026:7302","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7302"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7310","reference_id":"RHSA-2026:7310","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7310"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7350","reference_id":"RHSA-2026:7350","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7350"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7670","reference_id":"RHSA-2026:7670","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7670"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7675","reference_id":"RHSA-2026:7675","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7675"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7896","reference_id":"RHSA-2026:7896","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7896"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7983","reference_id":"RHSA-2026:7983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8339","reference_id":"RHSA-2026:8339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9711","reference_id":"RHSA-2026:9711","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9711"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9874","reference_id":"RHSA-2026:9874","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9874"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932844?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1%2Bdeb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2026-21710"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dt7u-3usg-9uet"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62473?format=json","vulnerability_id":"VCID-e18p-c3m9-2qgy","summary":"Multiple vulnerabilities have been discovered in Node.js.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44532.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44532.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-44532","reference_id":"","reference_type":"","scores":[{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32731","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32862","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32897","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32718","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32765","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32792","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32794","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32756","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.3273","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32771","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32748","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32567","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32451","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32368","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.3223","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32295","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32305","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-44532"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22959","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22959"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22960","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22960"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44531","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44531"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44532","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44532"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21824","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21824"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004177","reference_id":"1004177","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004177"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2040846","reference_id":"2040846","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2040846"},{"reference_url":"https://security.gentoo.org/glsa/202405-29","reference_id":"GLSA-202405-29","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202405-29"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:4914","reference_id":"RHSA-2022:4914","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:4914"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7044","reference_id":"RHSA-2022:7044","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7044"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7830","reference_id":"RHSA-2022:7830","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7830"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:9073","reference_id":"RHSA-2022:9073","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:9073"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1742","reference_id":"RHSA-2023:1742","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1742"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3742","reference_id":"RHSA-2023:3742","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3742"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932826?format=json","purl":"pkg:deb/debian/nodejs@12.22.9~dfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.9~dfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932825?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2021-44532"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e18p-c3m9-2qgy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37546?format=json","vulnerability_id":"VCID-e6gj-fe31-kkh5","summary":"Multiple vulnerabilities have been discovered in Node.js, the worst of which could lead to execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-46809.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-46809.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-46809","reference_id":"","reference_type":"","scores":[{"value":"0.01239","scoring_system":"epss","scoring_elements":"0.79194","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01239","scoring_system":"epss","scoring_elements":"0.79367","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01239","scoring_system":"epss","scoring_elements":"0.79316","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01239","scoring_system":"epss","scoring_elements":"0.79328","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01239","scoring_system":"epss","scoring_elements":"0.79349","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01239","scoring_system":"epss","scoring_elements":"0.79218","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01239","scoring_system":"epss","scoring_elements":"0.79203","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01239","scoring_system":"epss","scoring_elements":"0.79228","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01239","scoring_system":"epss","scoring_elements":"0.79236","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01239","scoring_system":"epss","scoring_elements":"0.7926","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01239","scoring_system":"epss","scoring_elements":"0.79244","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01239","scoring_system":"epss","scoring_elements":"0.79232","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01239","scoring_system":"epss","scoring_elements":"0.79259","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01239","scoring_system":"epss","scoring_elements":"0.79256","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01239","scoring_system":"epss","scoring_elements":"0.79257","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01239","scoring_system":"epss","scoring_elements":"0.79292","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01239","scoring_system":"epss","scoring_elements":"0.79298","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-46809"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46809","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46809"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1064055","reference_id":"1064055","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1064055"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2264569","reference_id":"2264569","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2264569"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/february-2024-security-releases","reference_id":"february-2024-security-releases","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-09T17:40:41Z/"}],"url":"https://nodejs.org/en/blog/vulnerability/february-2024-security-releases"},{"reference_url":"https://security.gentoo.org/glsa/202505-11","reference_id":"GLSA-202505-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-11"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1503","reference_id":"RHSA-2024:1503","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1503"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1510","reference_id":"RHSA-2024:1510","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1510"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1687","reference_id":"RHSA-2024:1687","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1687"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1688","reference_id":"RHSA-2024:1688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1688"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1880","reference_id":"RHSA-2024:1880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1932","reference_id":"RHSA-2024:1932","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1932"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932834?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932835?format=json","purl":"pkg:deb/debian/nodejs@18.19.1%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.19.1%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2023-46809"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e6gj-fe31-kkh5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62488?format=json","vulnerability_id":"VCID-e7u5-356v-jbg7","summary":"Multiple vulnerabilities have been discovered in Node.js.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-30590.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-30590.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-30590","reference_id":"","reference_type":"","scores":[{"value":"0.00954","scoring_system":"epss","scoring_elements":"0.76361","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00954","scoring_system":"epss","scoring_elements":"0.76391","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00954","scoring_system":"epss","scoring_elements":"0.76373","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00954","scoring_system":"epss","scoring_elements":"0.76405","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00954","scoring_system":"epss","scoring_elements":"0.7642","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00954","scoring_system":"epss","scoring_elements":"0.76445","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00954","scoring_system":"epss","scoring_elements":"0.76423","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00954","scoring_system":"epss","scoring_elements":"0.76418","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00954","scoring_system":"epss","scoring_elements":"0.76459","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00954","scoring_system":"epss","scoring_elements":"0.76463","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00954","scoring_system":"epss","scoring_elements":"0.76449","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00954","scoring_system":"epss","scoring_elements":"0.76483","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00954","scoring_system":"epss","scoring_elements":"0.76489","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00954","scoring_system":"epss","scoring_elements":"0.76502","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00954","scoring_system":"epss","scoring_elements":"0.76488","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00954","scoring_system":"epss","scoring_elements":"0.76518","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00954","scoring_system":"epss","scoring_elements":"0.76536","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-30590"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-30590","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-30590"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1039990","reference_id":"1039990","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1039990"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2219842","reference_id":"2219842","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2219842"},{"reference_url":"https://security.gentoo.org/glsa/202405-29","reference_id":"GLSA-202405-29","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202405-29"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4330","reference_id":"RHSA-2023:4330","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4330"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4331","reference_id":"RHSA-2023:4331","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4331"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4536","reference_id":"RHSA-2023:4536","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4536"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4537","reference_id":"RHSA-2023:4537","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4537"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5361","reference_id":"RHSA-2023:5361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5533","reference_id":"RHSA-2023:5533","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5533"},{"reference_url":"https://usn.ubuntu.com/6735-1/","reference_id":"USN-6735-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6735-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932834?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932833?format=json","purl":"pkg:deb/debian/nodejs@18.13.0%2Bdfsg1-1.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.13.0%252Bdfsg1-1.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932831?format=json","purl":"pkg:deb/debian/nodejs@18.19.0%2Bdfsg-6~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.19.0%252Bdfsg-6~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2023-30590"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e7u5-356v-jbg7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62486?format=json","vulnerability_id":"VCID-ec66-gwvw-kucs","summary":"Multiple vulnerabilities have been discovered in Node.js.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-30587.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-30587.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-30587","reference_id":"","reference_type":"","scores":[{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02564","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02743","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02688","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02705","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02578","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02582","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02587","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02608","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02591","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02579","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02577","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02562","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02571","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02681","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02669","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02658","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02713","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-30587"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2219831","reference_id":"2219831","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2219831"},{"reference_url":"https://security.gentoo.org/glsa/202405-29","reference_id":"GLSA-202405-29","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202405-29"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/june-2023-security-releases","reference_id":"june-2023-security-releases","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-09T18:23:12Z/"}],"url":"https://nodejs.org/en/blog/vulnerability/june-2023-security-releases"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2023-30587"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ec66-gwvw-kucs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37521?format=json","vulnerability_id":"VCID-enz6-qdn6-dkgm","summary":"Multiple vulnerabilities have been discovered in Node.js, the worst of which could lead to execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-38552.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-38552.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-38552","reference_id":"","reference_type":"","scores":[{"value":"0.00397","scoring_system":"epss","scoring_elements":"0.6041","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00397","scoring_system":"epss","scoring_elements":"0.60545","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00397","scoring_system":"epss","scoring_elements":"0.60457","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00397","scoring_system":"epss","scoring_elements":"0.60499","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00397","scoring_system":"epss","scoring_elements":"0.60507","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00397","scoring_system":"epss","scoring_elements":"0.60497","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00397","scoring_system":"epss","scoring_elements":"0.6048","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00397","scoring_system":"epss","scoring_elements":"0.60495","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00397","scoring_system":"epss","scoring_elements":"0.60482","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00397","scoring_system":"epss","scoring_elements":"0.60441","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00397","scoring_system":"epss","scoring_elements":"0.60487","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00397","scoring_system":"epss","scoring_elements":"0.60437","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00397","scoring_system":"epss","scoring_elements":"0.60405","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00397","scoring_system":"epss","scoring_elements":"0.60454","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00397","scoring_system":"epss","scoring_elements":"0.6047","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00397","scoring_system":"epss","scoring_elements":"0.6049","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00397","scoring_system":"epss","scoring_elements":"0.60477","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-38552"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054892","reference_id":"1054892","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054892"},{"reference_url":"https://hackerone.com/reports/2094235","reference_id":"2094235","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:14:02Z/"}],"url":"https://hackerone.com/reports/2094235"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2244415","reference_id":"2244415","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2244415"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/","reference_id":"3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:14:02Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/","reference_id":"E72T67UPDRXHIDLO3OROR25YAMN4GGW5","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:14:02Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/","reference_id":"FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:14:02Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/"},{"reference_url":"https://security.gentoo.org/glsa/202505-11","reference_id":"GLSA-202505-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-11"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/","reference_id":"HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:14:02Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/","reference_id":"LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:14:02Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20231116-0013/","reference_id":"ntap-20231116-0013","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:14:02Z/"}],"url":"https://security.netapp.com/advisory/ntap-20231116-0013/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5849","reference_id":"RHSA-2023:5849","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5849"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5869","reference_id":"RHSA-2023:5869","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5869"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7205","reference_id":"RHSA-2023:7205","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7205"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/","reference_id":"X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:14:02Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932833?format=json","purl":"pkg:deb/debian/nodejs@18.13.0%2Bdfsg1-1.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.13.0%252Bdfsg1-1.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932831?format=json","purl":"pkg:deb/debian/nodejs@18.19.0%2Bdfsg-6~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.19.0%252Bdfsg-6~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2023-38552"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-enz6-qdn6-dkgm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57381?format=json","vulnerability_id":"VCID-f7ch-ze7a-d7gr","summary":"Multiple vulnerabilities have been found in Node.js, worst of which\n    could allow remote attackers to write arbitrary files.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12116.json","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12116.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-12116","reference_id":"","reference_type":"","scores":[{"value":"0.00531","scoring_system":"epss","scoring_elements":"0.67376","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00531","scoring_system":"epss","scoring_elements":"0.67315","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00531","scoring_system":"epss","scoring_elements":"0.67294","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00531","scoring_system":"epss","scoring_elements":"0.67314","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00531","scoring_system":"epss","scoring_elements":"0.67325","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00531","scoring_system":"epss","scoring_elements":"0.67298","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00531","scoring_system":"epss","scoring_elements":"0.67339","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00619","scoring_system":"epss","scoring_elements":"0.7001","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00619","scoring_system":"epss","scoring_elements":"0.69995","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00619","scoring_system":"epss","scoring_elements":"0.69981","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00619","scoring_system":"epss","scoring_elements":"0.70024","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00619","scoring_system":"epss","scoring_elements":"0.69917","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00619","scoring_system":"epss","scoring_elements":"0.69987","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00619","scoring_system":"epss","scoring_elements":"0.69929","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00619","scoring_system":"epss","scoring_elements":"0.69944","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00619","scoring_system":"epss","scoring_elements":"0.69922","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00619","scoring_system":"epss","scoring_elements":"0.6997","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-12116"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12116","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12116"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1660998","reference_id":"1660998","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1660998"},{"reference_url":"https://usn.ubuntu.com/USN-4796-1/","reference_id":"USN-USN-4796-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-4796-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932810?format=json","purl":"pkg:deb/debian/nodejs@10.15.0~dfsg-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@10.15.0~dfsg-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2018-12116"],"risk_score":3.2,"exploitability":"0.5","weighted_severity":"6.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-f7ch-ze7a-d7gr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63932?format=json","vulnerability_id":"VCID-fetp-hvhq-dube","summary":"Node.js: Node.js: Denial of Service via malformed Internationalized Domain Name processing","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21712.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21712.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-21712","reference_id":"","reference_type":"","scores":[{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01719","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02676","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.02807","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.02788","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.02784","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.02769","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.02781","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.02893","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.02889","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.02875","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.02935","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.02814","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.02817","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.02838","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04068","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04054","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04101","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-21712"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2453037","reference_id":"2453037","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2453037"},{"reference_url":"https://hackerone.com/reports/3546390","reference_id":"3546390","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-30T15:52:17Z/"}],"url":"https://hackerone.com/reports/3546390"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/march-2026-security-releases","reference_id":"march-2026-security-releases","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-30T15:52:17Z/"}],"url":"https://nodejs.org/en/blog/vulnerability/march-2026-security-releases"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7350","reference_id":"RHSA-2026:7350","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7350"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7670","reference_id":"RHSA-2026:7670","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7670"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7675","reference_id":"RHSA-2026:7675","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7675"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2026-21712"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fetp-hvhq-dube"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/167678?format=json","vulnerability_id":"VCID-g28p-7shw-n3bn","summary":"Node.js 8.5.0 before 8.6.0 allows remote attackers to access unintended files, because a change to \"..\" handling was incompatible with the pathname validation used by unspecified community modules.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14849","reference_id":"","reference_type":"","scores":[{"value":"0.90232","scoring_system":"epss","scoring_elements":"0.99601","published_at":"2026-05-09T12:55:00Z"},{"value":"0.90232","scoring_system":"epss","scoring_elements":"0.99602","published_at":"2026-05-07T12:55:00Z"},{"value":"0.90232","scoring_system":"epss","scoring_elements":"0.99591","published_at":"2026-04-02T12:55:00Z"},{"value":"0.90232","scoring_system":"epss","scoring_elements":"0.99592","published_at":"2026-04-04T12:55:00Z"},{"value":"0.90232","scoring_system":"epss","scoring_elements":"0.99593","published_at":"2026-04-07T12:55:00Z"},{"value":"0.90232","scoring_system":"epss","scoring_elements":"0.99594","published_at":"2026-04-11T12:55:00Z"},{"value":"0.90232","scoring_system":"epss","scoring_elements":"0.99595","published_at":"2026-04-13T12:55:00Z"},{"value":"0.90232","scoring_system":"epss","scoring_elements":"0.99596","published_at":"2026-04-18T12:55:00Z"},{"value":"0.90232","scoring_system":"epss","scoring_elements":"0.99597","published_at":"2026-04-24T12:55:00Z"},{"value":"0.90232","scoring_system":"epss","scoring_elements":"0.99598","published_at":"2026-04-29T12:55:00Z"},{"value":"0.90232","scoring_system":"epss","scoring_elements":"0.996","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14849"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/september-2017-path-validation/","reference_id":"","reference_type":"","scores":[],"url":"https://nodejs.org/en/blog/vulnerability/september-2017-path-validation/"},{"reference_url":"https://twitter.com/nodejs/status/913131152868876288","reference_id":"","reference_type":"","scores":[],"url":"https://twitter.com/nodejs/status/913131152868876288"},{"reference_url":"http://www.securityfocus.com/bid/101056","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/101056"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:8.5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:8.5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:8.5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-14849","reference_id":"CVE-2017-14849","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:N"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-14849"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2017-14849"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g28p-7shw-n3bn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62485?format=json","vulnerability_id":"VCID-g5wj-ffk1-7bg7","summary":"Multiple vulnerabilities have been discovered in Node.js.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-30586.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-30586.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-30586","reference_id":"","reference_type":"","scores":[{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13467","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13348","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13315","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.1321","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13111","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13266","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13529","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13324","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13406","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13456","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.1343","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13395","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13349","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13256","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13255","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13336","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13342","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-30586"},{"reference_url":"https://hackerone.com/reports/1954535","reference_id":"1954535","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-27T18:27:16Z/"}],"url":"https://hackerone.com/reports/1954535"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2219837","reference_id":"2219837","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2219837"},{"reference_url":"https://security.gentoo.org/glsa/202405-29","reference_id":"GLSA-202405-29","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202405-29"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230803-0008/","reference_id":"ntap-20230803-0008","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-27T18:27:16Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230803-0008/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2023-30586"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g5wj-ffk1-7bg7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/11561?format=json","vulnerability_id":"VCID-gwyr-ac4e-dqfa","summary":"Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')\nThe llhttp parser accepts requests with a space (SP) right after the header name before the colon. This can lead to HTTP Request Smuggling (HRS).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22959.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22959.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-22959","reference_id":"","reference_type":"","scores":[{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43692","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.4354","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43446","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43521","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43747","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43772","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43706","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43756","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43759","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43779","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43746","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.4373","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43791","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43783","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43715","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43652","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43657","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43574","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-22959"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22959","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22959"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22960","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22960"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44531","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44531"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44532","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44532"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21824","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21824"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/1238709","reference_id":"","reference_type":"","scores":[],"url":"https://hackerone.com/reports/1238709"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2014057","reference_id":"2014057","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2014057"},{"reference_url":"https://security.archlinux.org/ASA-202110-4","reference_id":"ASA-202110-4","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202110-4"},{"reference_url":"https://security.archlinux.org/AVG-2460","reference_id":"AVG-2460","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2460"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-22959","reference_id":"CVE-2021-22959","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-22959"},{"reference_url":"https://security.gentoo.org/glsa/202405-29","reference_id":"GLSA-202405-29","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202405-29"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5171","reference_id":"RHSA-2021:5171","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5171"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0041","reference_id":"RHSA-2022:0041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0246","reference_id":"RHSA-2022:0246","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0246"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0350","reference_id":"RHSA-2022:0350","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0350"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:4914","reference_id":"RHSA-2022:4914","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:4914"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932824?format=json","purl":"pkg:deb/debian/nodejs@12.22.7~dfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.7~dfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932825?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2021-22959"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gwyr-ac4e-dqfa"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82978?format=json","vulnerability_id":"VCID-h8gu-1htb-u3fg","summary":"nodejs: Debugger port 5858 listens on any interface by default","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12120.json","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12120.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-12120","reference_id":"","reference_type":"","scores":[{"value":"0.00422","scoring_system":"epss","scoring_elements":"0.61938","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00422","scoring_system":"epss","scoring_elements":"0.6201","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00422","scoring_system":"epss","scoring_elements":"0.62041","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00422","scoring_system":"epss","scoring_elements":"0.62009","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00422","scoring_system":"epss","scoring_elements":"0.62059","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00422","scoring_system":"epss","scoring_elements":"0.62077","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00422","scoring_system":"epss","scoring_elements":"0.62098","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00422","scoring_system":"epss","scoring_elements":"0.62087","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00422","scoring_system":"epss","scoring_elements":"0.62066","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00422","scoring_system":"epss","scoring_elements":"0.62109","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00422","scoring_system":"epss","scoring_elements":"0.62114","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00422","scoring_system":"epss","scoring_elements":"0.62097","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00422","scoring_system":"epss","scoring_elements":"0.62095","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00422","scoring_system":"epss","scoring_elements":"0.62111","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00422","scoring_system":"epss","scoring_elements":"0.62104","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00422","scoring_system":"epss","scoring_elements":"0.6205","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00422","scoring_system":"epss","scoring_elements":"0.621","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00422","scoring_system":"epss","scoring_elements":"0.62159","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-12120"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12120","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12120"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1661016","reference_id":"1661016","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1661016"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932811?format=json","purl":"pkg:deb/debian/nodejs@8.9.3~dfsg-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@8.9.3~dfsg-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2018-12120"],"risk_score":3.3,"exploitability":"0.5","weighted_severity":"6.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h8gu-1htb-u3fg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78661?format=json","vulnerability_id":"VCID-hnjv-fp2r-vqfq","summary":"Node.js: insecure loading of ICU data through ICU_DATA environment variable","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-23920.json","reference_id":"","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-23920.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-23920","reference_id":"","reference_type":"","scores":[{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.23835","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.2368","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.23764","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26446","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26511","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26483","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26385","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26656","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26323","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26378","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26699","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26485","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26553","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26602","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26608","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26562","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26505","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-23920"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23920","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23920"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031834","reference_id":"1031834","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031834"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2172217","reference_id":"2172217","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2172217"},{"reference_url":"https://www.debian.org/security/2023/dsa-5395","reference_id":"dsa-5395","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-12T14:22:16Z/"}],"url":"https://www.debian.org/security/2023/dsa-5395"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/february-2023-security-releases/","reference_id":"february-2023-security-releases","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-12T14:22:16Z/"}],"url":"https://nodejs.org/en/blog/vulnerability/february-2023-security-releases/"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/02/msg00038.html","reference_id":"msg00038.html","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-12T14:22:16Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/02/msg00038.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230316-0008/","reference_id":"ntap-20230316-0008","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-12T14:22:16Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230316-0008/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1533","reference_id":"RHSA-2023:1533","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1533"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1582","reference_id":"RHSA-2023:1582","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1582"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1583","reference_id":"RHSA-2023:1583","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1583"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1742","reference_id":"RHSA-2023:1742","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1742"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1743","reference_id":"RHSA-2023:1743","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1743"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1744","reference_id":"RHSA-2023:1744","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1744"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2654","reference_id":"RHSA-2023:2654","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2654"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2655","reference_id":"RHSA-2023:2655","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2655"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5533","reference_id":"RHSA-2023:5533","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5533"},{"reference_url":"https://usn.ubuntu.com/6672-1/","reference_id":"USN-6672-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6672-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932833?format=json","purl":"pkg:deb/debian/nodejs@18.13.0%2Bdfsg1-1.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.13.0%252Bdfsg1-1.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932831?format=json","purl":"pkg:deb/debian/nodejs@18.19.0%2Bdfsg-6~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.19.0%252Bdfsg-6~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2023-23920"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hnjv-fp2r-vqfq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84192?format=json","vulnerability_id":"VCID-hu7c-gc8f-q3cm","summary":"nodejs: Constant Hashtable Seeds vulnerability","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11499.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11499.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-11499","reference_id":"","reference_type":"","scores":[{"value":"0.00378","scoring_system":"epss","scoring_elements":"0.59252","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00378","scoring_system":"epss","scoring_elements":"0.59428","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00378","scoring_system":"epss","scoring_elements":"0.59321","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00378","scoring_system":"epss","scoring_elements":"0.5937","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00378","scoring_system":"epss","scoring_elements":"0.59326","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00378","scoring_system":"epss","scoring_elements":"0.59349","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00378","scoring_system":"epss","scoring_elements":"0.59314","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00378","scoring_system":"epss","scoring_elements":"0.59364","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00378","scoring_system":"epss","scoring_elements":"0.59377","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00378","scoring_system":"epss","scoring_elements":"0.59396","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00378","scoring_system":"epss","scoring_elements":"0.5938","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00378","scoring_system":"epss","scoring_elements":"0.59362","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00378","scoring_system":"epss","scoring_elements":"0.59395","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00378","scoring_system":"epss","scoring_elements":"0.59401","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00378","scoring_system":"epss","scoring_elements":"0.59382","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00378","scoring_system":"epss","scoring_elements":"0.59359","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00378","scoring_system":"epss","scoring_elements":"0.59379","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00378","scoring_system":"epss","scoring_elements":"0.59363","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-11499"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11499","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11499"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1475327","reference_id":"1475327","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1475327"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868162","reference_id":"868162","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868162"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2908","reference_id":"RHSA-2017:2908","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2908"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3002","reference_id":"RHSA-2017:3002","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3002"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932809?format=json","purl":"pkg:deb/debian/nodejs@4.8.4~dfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@4.8.4~dfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2017-11499"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hu7c-gc8f-q3cm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78333?format=json","vulnerability_id":"VCID-jbph-d393-byd4","summary":"nodejs: privilege escalation via Malicious Registry Key manipulation during Node.js installer repair process","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-30585.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-30585.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-30585","reference_id":"","reference_type":"","scores":[{"value":"0.02122","scoring_system":"epss","scoring_elements":"0.84091","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02122","scoring_system":"epss","scoring_elements":"0.84109","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02122","scoring_system":"epss","scoring_elements":"0.8411","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02122","scoring_system":"epss","scoring_elements":"0.84133","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02122","scoring_system":"epss","scoring_elements":"0.84139","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02122","scoring_system":"epss","scoring_elements":"0.84156","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02122","scoring_system":"epss","scoring_elements":"0.84151","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02122","scoring_system":"epss","scoring_elements":"0.84147","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02122","scoring_system":"epss","scoring_elements":"0.84169","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02122","scoring_system":"epss","scoring_elements":"0.8417","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02122","scoring_system":"epss","scoring_elements":"0.84175","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02122","scoring_system":"epss","scoring_elements":"0.842","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02122","scoring_system":"epss","scoring_elements":"0.84207","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02122","scoring_system":"epss","scoring_elements":"0.84213","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02122","scoring_system":"epss","scoring_elements":"0.84232","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02122","scoring_system":"epss","scoring_elements":"0.84257","published_at":"2026-05-07T12:55:00Z"},{"value":"0.02122","scoring_system":"epss","scoring_elements":"0.84274","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-30585"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2219835","reference_id":"2219835","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2219835"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2023-30585"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jbph-d393-byd4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64948?format=json","vulnerability_id":"VCID-jbws-qjq3-qbhq","summary":"nodejs: Nodejs network segmentation bypass","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21636.json","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21636.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-21636","reference_id":"","reference_type":"","scores":[{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06241","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.0669","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06476","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06497","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06626","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06272","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06251","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06297","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06338","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.0633","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06324","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06313","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06264","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06277","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06424","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.0644","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06463","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-21636"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2431342","reference_id":"2431342","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2431342"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/december-2025-security-releases","reference_id":"december-2025-security-releases","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-21T18:38:13Z/"}],"url":"https://nodejs.org/en/blog/vulnerability/december-2025-security-releases"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6402","reference_id":"RHSA-2026:6402","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6402"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6431","reference_id":"RHSA-2026:6431","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6431"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7386","reference_id":"RHSA-2026:7386","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7386"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7387","reference_id":"RHSA-2026:7387","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7387"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2026-21636"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jbws-qjq3-qbhq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64950?format=json","vulnerability_id":"VCID-k4cj-47gd-s7ck","summary":"nodejs: Nodejs memory leak","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-59464.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-59464.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-59464","reference_id":"","reference_type":"","scores":[{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16583","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16402","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16313","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16179","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16296","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16645","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16445","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16531","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16585","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16566","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16526","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16468","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16409","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16429","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16466","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16359","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16357","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-59464"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2431344","reference_id":"2431344","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2431344"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/december-2025-security-releases","reference_id":"december-2025-security-releases","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T20:40:07Z/"}],"url":"https://nodejs.org/en/blog/vulnerability/december-2025-security-releases"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6402","reference_id":"RHSA-2026:6402","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6402"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6431","reference_id":"RHSA-2026:6431","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6431"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7378","reference_id":"RHSA-2026:7378","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7378"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7386","reference_id":"RHSA-2026:7386","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7386"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7387","reference_id":"RHSA-2026:7387","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7387"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7657","reference_id":"RHSA-2026:7657","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7657"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2025-59464"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k4cj-47gd-s7ck"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57390?format=json","vulnerability_id":"VCID-ke6j-fgys-gyga","summary":"Multiple vulnerabilities have been found in Node.js, worst of which\n    could allow remote attackers to write arbitrary files.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15605.json","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15605.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-15605","reference_id":"","reference_type":"","scores":[{"value":"0.32252","scoring_system":"epss","scoring_elements":"0.96807","published_at":"2026-04-01T12:55:00Z"},{"value":"0.32252","scoring_system":"epss","scoring_elements":"0.96815","published_at":"2026-04-02T12:55:00Z"},{"value":"0.32252","scoring_system":"epss","scoring_elements":"0.96816","published_at":"2026-04-04T12:55:00Z"},{"value":"0.32252","scoring_system":"epss","scoring_elements":"0.9682","published_at":"2026-04-07T12:55:00Z"},{"value":"0.32252","scoring_system":"epss","scoring_elements":"0.96828","published_at":"2026-04-08T12:55:00Z"},{"value":"0.32252","scoring_system":"epss","scoring_elements":"0.9683","published_at":"2026-04-09T12:55:00Z"},{"value":"0.32252","scoring_system":"epss","scoring_elements":"0.96832","published_at":"2026-04-12T12:55:00Z"},{"value":"0.32252","scoring_system":"epss","scoring_elements":"0.96834","published_at":"2026-04-13T12:55:00Z"},{"value":"0.32252","scoring_system":"epss","scoring_elements":"0.9684","published_at":"2026-04-16T12:55:00Z"},{"value":"0.32252","scoring_system":"epss","scoring_elements":"0.96844","published_at":"2026-04-18T12:55:00Z"},{"value":"0.32252","scoring_system":"epss","scoring_elements":"0.96846","published_at":"2026-04-24T12:55:00Z"},{"value":"0.32252","scoring_system":"epss","scoring_elements":"0.96849","published_at":"2026-04-26T12:55:00Z"},{"value":"0.32252","scoring_system":"epss","scoring_elements":"0.96852","published_at":"2026-04-29T12:55:00Z"},{"value":"0.32252","scoring_system":"epss","scoring_elements":"0.96857","published_at":"2026-05-05T12:55:00Z"},{"value":"0.32252","scoring_system":"epss","scoring_elements":"0.96862","published_at":"2026-05-07T12:55:00Z"},{"value":"0.32252","scoring_system":"epss","scoring_elements":"0.96867","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-15605"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15604","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15604"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15605","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15605"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15606","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15606"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9511","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9511"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9513","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9513"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9514","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9514"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1800364","reference_id":"1800364","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1800364"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977467","reference_id":"977467","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977467"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0598","reference_id":"RHSA-2020:0598","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0598"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0703","reference_id":"RHSA-2020:0703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0703"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0707","reference_id":"RHSA-2020:0707","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0707"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0708","reference_id":"RHSA-2020:0708","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0708"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1510","reference_id":"RHSA-2020:1510","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1510"},{"reference_url":"https://usn.ubuntu.com/6380-1/","reference_id":"USN-6380-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6380-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932814?format=json","purl":"pkg:deb/debian/nodejs@10.19.0~dfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@10.19.0~dfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2019-15605"],"risk_score":3.2,"exploitability":"0.5","weighted_severity":"6.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ke6j-fgys-gyga"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62493?format=json","vulnerability_id":"VCID-kj75-vmwa-gqgq","summary":"Multiple vulnerabilities have been discovered in Node.js.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-32006.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-32006.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-32006","reference_id":"","reference_type":"","scores":[{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22435","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22171","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22328","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22343","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22337","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22287","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22137","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22125","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22114","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22012","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22092","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22479","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22267","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.2235","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22405","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22426","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22385","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-32006"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32006","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32006"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1050739","reference_id":"1050739","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1050739"},{"reference_url":"https://hackerone.com/reports/2043807","reference_id":"2043807","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-08T20:20:48Z/"}],"url":"https://hackerone.com/reports/2043807"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2230955","reference_id":"2230955","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2230955"},{"reference_url":"https://security.gentoo.org/glsa/202405-29","reference_id":"GLSA-202405-29","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202405-29"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JQPELKG2LVTADSB7ME73AV4DXQK47PWK/","reference_id":"JQPELKG2LVTADSB7ME73AV4DXQK47PWK","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-08T20:20:48Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JQPELKG2LVTADSB7ME73AV4DXQK47PWK/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230915-0009/","reference_id":"ntap-20230915-0009","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-08T20:20:48Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230915-0009/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PBOZE2QZIBLFFTYWYN23FGKN6HULZ6HX/","reference_id":"PBOZE2QZIBLFFTYWYN23FGKN6HULZ6HX","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-08T20:20:48Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PBOZE2QZIBLFFTYWYN23FGKN6HULZ6HX/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5360","reference_id":"RHSA-2023:5360","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5360"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5361","reference_id":"RHSA-2023:5361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5362","reference_id":"RHSA-2023:5362","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5362"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5363","reference_id":"RHSA-2023:5363","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5363"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5532","reference_id":"RHSA-2023:5532","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5532"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5533","reference_id":"RHSA-2023:5533","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5533"},{"reference_url":"https://usn.ubuntu.com/6822-1/","reference_id":"USN-6822-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6822-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932833?format=json","purl":"pkg:deb/debian/nodejs@18.13.0%2Bdfsg1-1.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.13.0%252Bdfsg1-1.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932831?format=json","purl":"pkg:deb/debian/nodejs@18.19.0%2Bdfsg-6~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.19.0%252Bdfsg-6~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2023-32006"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"7.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kj75-vmwa-gqgq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37583?format=json","vulnerability_id":"VCID-krft-297e-qfdw","summary":"Multiple vulnerabilities have been discovered in Node.js, the worst of which could lead to execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-36137.json","reference_id":"","reference_type":"","scores":[{"value":"3.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-36137.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-36137","reference_id":"","reference_type":"","scores":[{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.2355","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23557","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.24004","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.24071","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.24117","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.24133","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.24092","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.2418","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.24218","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.24035","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24222","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24193","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24077","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24158","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24371","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24246","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24232","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-36137"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2299281","reference_id":"2299281","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2299281"},{"reference_url":"https://security.gentoo.org/glsa/202505-11","reference_id":"GLSA-202505-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-11"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/july-2024-security-releases","reference_id":"july-2024-security-releases","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-09T18:06:27Z/"}],"url":"https://nodejs.org/en/blog/vulnerability/july-2024-security-releases"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5814","reference_id":"RHSA-2024:5814","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5814"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5815","reference_id":"RHSA-2024:5815","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5815"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932836?format=json","purl":"pkg:deb/debian/nodejs@20.15.1%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.15.1%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2024-36137"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-krft-297e-qfdw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/68614?format=json","vulnerability_id":"VCID-kvmm-gh2f-zqau","summary":"nodejs: Node.js Rapidhash HashDoS Vulnerability","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-27209.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-27209.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-27209","reference_id":"","reference_type":"","scores":[{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05749","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.104","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10335","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10234","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10307","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10369","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10358","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.14155","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.14164","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.14096","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.14188","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.14078","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15323","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.1555","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15445","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-27209"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2382040","reference_id":"2382040","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2382040"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/july-2025-security-releases","reference_id":"july-2025-security-releases","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-21T17:14:28Z/"}],"url":"https://nodejs.org/en/blog/vulnerability/july-2025-security-releases"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2025-27209"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kvmm-gh2f-zqau"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/13041?format=json","vulnerability_id":"VCID-m5ae-uc68-d3g2","summary":"Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')\nThis advisory has been marked as a false positive.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21824.json","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21824.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-21824","reference_id":"","reference_type":"","scores":[{"value":"0.00335","scoring_system":"epss","scoring_elements":"0.56358","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00335","scoring_system":"epss","scoring_elements":"0.56372","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00335","scoring_system":"epss","scoring_elements":"0.56293","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00335","scoring_system":"epss","scoring_elements":"0.56313","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00335","scoring_system":"epss","scoring_elements":"0.56291","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00335","scoring_system":"epss","scoring_elements":"0.56245","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00335","scoring_system":"epss","scoring_elements":"0.56294","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00505","scoring_system":"epss","scoring_elements":"0.66171","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0066","scoring_system":"epss","scoring_elements":"0.7108","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0066","scoring_system":"epss","scoring_elements":"0.71126","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0066","scoring_system":"epss","scoring_elements":"0.71134","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0066","scoring_system":"epss","scoring_elements":"0.71111","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0066","scoring_system":"epss","scoring_elements":"0.71096","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0066","scoring_system":"epss","scoring_elements":"0.71058","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0066","scoring_system":"epss","scoring_elements":"0.71033","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0066","scoring_system":"epss","scoring_elements":"0.71076","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0066","scoring_system":"epss","scoring_elements":"0.71088","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-21824"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22959","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22959"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22960","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22960"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44531","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44531"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44532","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44532"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21824","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21824"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/1431042","reference_id":"","reference_type":"","scores":[],"url":"https://hackerone.com/reports/1431042"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20220325-0007/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20220325-0007/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20220729-0004/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20220729-0004/"},{"reference_url":"https://www.debian.org/security/2022/dsa-5170","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2022/dsa-5170"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2022.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.oracle.com/security-alerts/cpuapr2022.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpujul2022.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.oracle.com/security-alerts/cpujul2022.html"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004177","reference_id":"1004177","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004177"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2040862","reference_id":"2040862","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2040862"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-21824","reference_id":"CVE-2022-21824","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-21824"},{"reference_url":"https://security.gentoo.org/glsa/202405-29","reference_id":"GLSA-202405-29","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202405-29"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:4914","reference_id":"RHSA-2022:4914","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:4914"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7044","reference_id":"RHSA-2022:7044","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7044"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7830","reference_id":"RHSA-2022:7830","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7830"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:9073","reference_id":"RHSA-2022:9073","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:9073"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1742","reference_id":"RHSA-2023:1742","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1742"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3742","reference_id":"RHSA-2023:3742","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3742"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932826?format=json","purl":"pkg:deb/debian/nodejs@12.22.9~dfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.9~dfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932825?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2022-21824"],"risk_score":3.7,"exploitability":"0.5","weighted_severity":"7.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m5ae-uc68-d3g2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62480?format=json","vulnerability_id":"VCID-m7rw-arzq-jba1","summary":"Multiple vulnerabilities have been discovered in Node.js.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-43548.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-43548.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-43548","reference_id":"","reference_type":"","scores":[{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68402","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68594","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68492","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.6848","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68447","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68484","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68498","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68476","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68525","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68531","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68536","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68515","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68557","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68422","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68398","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68449","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68466","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-43548"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32212","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32212"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32213","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32213"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32214","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32214"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32215","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32215"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35255","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35255"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35256","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35256"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43548","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43548"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1023518","reference_id":"1023518","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1023518"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2140911","reference_id":"2140911","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2140911"},{"reference_url":"https://security.gentoo.org/glsa/202405-29","reference_id":"GLSA-202405-29","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202405-29"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/02/msg00038.html","reference_id":"msg00038.html","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-24T14:03:01Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/02/msg00038.html"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/november-2022-security-releases/","reference_id":"november-2022-security-releases","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-24T14:03:01Z/"}],"url":"https://nodejs.org/en/blog/vulnerability/november-2022-security-releases/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230120-0004/","reference_id":"ntap-20230120-0004","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-24T14:03:01Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230120-0004/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230427-0007/","reference_id":"ntap-20230427-0007","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-24T14:03:01Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230427-0007/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8832","reference_id":"RHSA-2022:8832","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8832"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8833","reference_id":"RHSA-2022:8833","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8833"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:9073","reference_id":"RHSA-2022:9073","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:9073"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0050","reference_id":"RHSA-2023:0050","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0050"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0321","reference_id":"RHSA-2023:0321","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0321"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0612","reference_id":"RHSA-2023:0612","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0612"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1533","reference_id":"RHSA-2023:1533","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1533"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1742","reference_id":"RHSA-2023:1742","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1742"},{"reference_url":"https://usn.ubuntu.com/6491-1/","reference_id":"USN-6491-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6491-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932828?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932830?format=json","purl":"pkg:deb/debian/nodejs@18.12.1%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.12.1%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2022-43548"],"risk_score":3.6,"exploitability":"0.5","weighted_severity":"7.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m7rw-arzq-jba1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37551?format=json","vulnerability_id":"VCID-mqcy-2run-93d6","summary":"Multiple vulnerabilities have been discovered in Node.js, the worst of which could lead to execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21892.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21892.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21892","reference_id":"","reference_type":"","scores":[{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63686","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63609","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63592","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.6361","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63623","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63618","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.6359","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63634","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63536","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63564","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63529","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63581","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63598","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63613","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.636","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21892"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1064055","reference_id":"1064055","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1064055"},{"reference_url":"https://hackerone.com/reports/2237545","reference_id":"2237545","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-03-12T04:00:40Z/"}],"url":"https://hackerone.com/reports/2237545"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2264582","reference_id":"2264582","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2264582"},{"reference_url":"https://security.gentoo.org/glsa/202505-11","reference_id":"GLSA-202505-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-11"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240322-0003/","reference_id":"ntap-20240322-0003","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-03-12T04:00:40Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240322-0003/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1503","reference_id":"RHSA-2024:1503","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1503"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1510","reference_id":"RHSA-2024:1510","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1510"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1687","reference_id":"RHSA-2024:1687","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1687"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1688","reference_id":"RHSA-2024:1688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1688"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1880","reference_id":"RHSA-2024:1880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1932","reference_id":"RHSA-2024:1932","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1932"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932835?format=json","purl":"pkg:deb/debian/nodejs@18.19.1%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.19.1%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2024-21892"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mqcy-2run-93d6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62474?format=json","vulnerability_id":"VCID-ms5y-gp7v-2qay","summary":"Multiple vulnerabilities have been discovered in Node.js.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44533.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44533.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-44533","reference_id":"","reference_type":"","scores":[{"value":"0.00364","scoring_system":"epss","scoring_elements":"0.58493","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00364","scoring_system":"epss","scoring_elements":"0.58467","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00364","scoring_system":"epss","scoring_elements":"0.58429","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00364","scoring_system":"epss","scoring_elements":"0.58442","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00364","scoring_system":"epss","scoring_elements":"0.58428","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00364","scoring_system":"epss","scoring_elements":"0.58392","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00364","scoring_system":"epss","scoring_elements":"0.58434","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.61997","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.61977","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62019","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62024","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.61846","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62008","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.6192","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.6195","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.61969","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.61987","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-44533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22959","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22959"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22960","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22960"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44531","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44531"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44532","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44532"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21824","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21824"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004177","reference_id":"1004177","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004177"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2040856","reference_id":"2040856","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2040856"},{"reference_url":"https://security.gentoo.org/glsa/202405-29","reference_id":"GLSA-202405-29","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202405-29"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:4914","reference_id":"RHSA-2022:4914","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:4914"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7044","reference_id":"RHSA-2022:7044","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7044"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7830","reference_id":"RHSA-2022:7830","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7830"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:9073","reference_id":"RHSA-2022:9073","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:9073"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1742","reference_id":"RHSA-2023:1742","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1742"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3742","reference_id":"RHSA-2023:3742","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3742"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932826?format=json","purl":"pkg:deb/debian/nodejs@12.22.9~dfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.9~dfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932825?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2021-44533"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ms5y-gp7v-2qay"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55688?format=json","vulnerability_id":"VCID-n66u-b73u-zucb","summary":"golang.org/x/net/http vulnerable to a reset flood\nSome HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. Servers that accept direct connections from untrusted clients could be remotely made to allocate an unlimited amount of memory, until the program crashes. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both.\n\n### Specific Go Packages Affected\ngolang.org/x/net/http2","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00076.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00076.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00002.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00002.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00011.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00011.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00021.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00021.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00031.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00031.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00032.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00032.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00038.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00038.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2594","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:2594"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2661","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:2661"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2682","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:2682"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2690","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:2690"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2726","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:2726"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2766","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:2766"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2769","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:2769"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2796","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:2796"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2861","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:2861"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2925","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:2925"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2939","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:2939"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2955","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:2955"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2966","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:2966"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3131","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:3131"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3245","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:3245"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3265","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:3265"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3892","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:3892"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3906","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:3906"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:4018","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:4018"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:4019","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:4019"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:4020","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:4020"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:4021","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:4021"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:4040","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:4040"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:4041","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:4041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:4042","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:4042"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:4045","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:4045"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:4269","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:4269"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:4273","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:4273"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:4352","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:4352"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0406","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2020:0406"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0727","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2020:0727"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9514.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9514.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9514","reference_id":"","reference_type":"","scores":[{"value":"0.09483","scoring_system":"epss","scoring_elements":"0.92878","published_at":"2026-05-09T12:55:00Z"},{"value":"0.09483","scoring_system":"epss","scoring_elements":"0.92799","published_at":"2026-04-01T12:55:00Z"},{"value":"0.09483","scoring_system":"epss","scoring_elements":"0.92806","published_at":"2026-04-02T12:55:00Z"},{"value":"0.09483","scoring_system":"epss","scoring_elements":"0.9281","published_at":"2026-04-04T12:55:00Z"},{"value":"0.09483","scoring_system":"epss","scoring_elements":"0.92809","published_at":"2026-04-07T12:55:00Z"},{"value":"0.09483","scoring_system":"epss","scoring_elements":"0.92818","published_at":"2026-04-08T12:55:00Z"},{"value":"0.09483","scoring_system":"epss","scoring_elements":"0.92822","published_at":"2026-04-09T12:55:00Z"},{"value":"0.09483","scoring_system":"epss","scoring_elements":"0.92826","published_at":"2026-04-13T12:55:00Z"},{"value":"0.09483","scoring_system":"epss","scoring_elements":"0.92825","published_at":"2026-04-12T12:55:00Z"},{"value":"0.09483","scoring_system":"epss","scoring_elements":"0.92836","published_at":"2026-04-16T12:55:00Z"},{"value":"0.09483","scoring_system":"epss","scoring_elements":"0.92837","published_at":"2026-04-18T12:55:00Z"},{"value":"0.09483","scoring_system":"epss","scoring_elements":"0.92841","published_at":"2026-04-21T12:55:00Z"},{"value":"0.09483","scoring_system":"epss","scoring_elements":"0.92848","published_at":"2026-04-24T12:55:00Z"},{"value":"0.09483","scoring_system":"epss","scoring_elements":"0.9285","published_at":"2026-04-26T12:55:00Z"},{"value":"0.09483","scoring_system":"epss","scoring_elements":"0.92845","published_at":"2026-04-29T12:55:00Z"},{"value":"0.09483","scoring_system":"epss","scoring_elements":"0.92853","published_at":"2026-05-05T12:55:00Z"},{"value":"0.09483","scoring_system":"epss","scoring_elements":"0.92867","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9514"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10079","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10079"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14809","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14809"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15604","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15604"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15605","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15605"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15606","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15606"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9511","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9511"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9512","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9512"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9513","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9513"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9514","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9514"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9515","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9515"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9518","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9518"},{"reference_url":"http://seclists.org/fulldisclosure/2019/Aug/16","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://seclists.org/fulldisclosure/2019/Aug/16"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md"},{"reference_url":"https://go.dev/cl/190137","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://go.dev/cl/190137"},{"reference_url":"https://go.dev/issue/33606","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://go.dev/issue/33606"},{"reference_url":"https://go.googlesource.com/go/+/145e193131eb486077b66009beb051aba07c52a5","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://go.googlesource.com/go/+/145e193131eb486077b66009beb051aba07c52a5"},{"reference_url":"https://groups.google.com/g/golang-announce/c/65QixT3tcmg/m/DrFiG6vvCwAJ","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/g/golang-announce/c/65QixT3tcmg/m/DrFiG6vvCwAJ"},{"reference_url":"https://kb.cert.org/vuls/id/605641","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://kb.cert.org/vuls/id/605641"},{"reference_url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10296","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10296"},{"reference_url":"https://lists.apache.org/thread.html/392108390cef48af647a2e47b7fd5380e050e35ae8d1aa2030254c04@%3Cusers.trafficserver.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/392108390cef48af647a2e47b7fd5380e050e35ae8d1aa2030254c04@%3Cusers.trafficserver.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/ad3d01e767199c1aed8033bb6b3f5bf98c011c7c536f07a5d34b3c19@%3Cannounce.trafficserver.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/ad3d01e767199c1aed8033bb6b3f5bf98c011c7c536f07a5d34b3c19@%3Cannounce.trafficserver.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/bde52309316ae798186d783a5e29f4ad1527f61c9219a289d0eee0a7@%3Cdev.trafficserver.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/bde52309316ae798186d783a5e29f4ad1527f61c9219a289d0eee0a7@%3Cdev.trafficserver.apache.org%3E"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/12/msg00011.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2020/12/msg00011.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BBP27PZGSY6OP6D26E5FW4GZKBFHNU7","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BBP27PZGSY6OP6D26E5FW4GZKBFHNU7"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4ZQGHE3WTYLYAYJEIDJVF2FIGQTAYPMC","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4ZQGHE3WTYLYAYJEIDJVF2FIGQTAYPMC"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CMNFX5MNYRWWIMO4BTKYQCGUDMHO3AXP","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CMNFX5MNYRWWIMO4BTKYQCGUDMHO3AXP"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LYO6E3H34C346D2E443GLXK7OK6KIYIQ","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LYO6E3H34C346D2E443GLXK7OK6KIYIQ"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9514","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9514"},{"reference_url":"https://pkg.go.dev/vuln/GO-2022-0536","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://pkg.go.dev/vuln/GO-2022-0536"},{"reference_url":"https://seclists.org/bugtraq/2019/Aug/24","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://seclists.org/bugtraq/2019/Aug/24"},{"reference_url":"https://seclists.org/bugtraq/2019/Aug/31","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://seclists.org/bugtraq/2019/Aug/31"},{"reference_url":"https://seclists.org/bugtraq/2019/Aug/43","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://seclists.org/bugtraq/2019/Aug/43"},{"reference_url":"https://seclists.org/bugtraq/2019/Sep/18","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://seclists.org/bugtraq/2019/Sep/18"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190823-0001","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20190823-0001"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190823-0004","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20190823-0004"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190823-0005","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20190823-0005"},{"reference_url":"https://support.f5.com/csp/article/K01988340","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://support.f5.com/csp/article/K01988340"},{"reference_url":"https://support.f5.com/csp/article/K01988340?utm_source=f5support&amp;utm_medium=RSS","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://support.f5.com/csp/article/K01988340?utm_source=f5support&amp;utm_medium=RSS"},{"reference_url":"https://usn.ubuntu.com/4308-1","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://usn.ubuntu.com/4308-1"},{"reference_url":"https://www.debian.org/security/2019/dsa-4503","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2019/dsa-4503"},{"reference_url":"https://www.debian.org/security/2019/dsa-4508","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2019/dsa-4508"},{"reference_url":"https://www.debian.org/security/2019/dsa-4520","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2019/dsa-4520"},{"reference_url":"https://www.debian.org/security/2020/dsa-4669","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2020/dsa-4669"},{"reference_url":"https://www.synology.com/security/advisory/Synology_SA_19_33","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.synology.com/security/advisory/Synology_SA_19_33"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/08/20/1","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2019/08/20/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/10/18/8","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2023/10/18/8"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1062667","reference_id":"1062667","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1062667"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1735744","reference_id":"1735744","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1735744"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934885","reference_id":"934885","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934885"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934886","reference_id":"934886","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934886"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934887","reference_id":"934887","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934887"},{"reference_url":"https://security.archlinux.org/ASA-201908-15","reference_id":"ASA-201908-15","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201908-15"},{"reference_url":"https://security.archlinux.org/AVG-1021","reference_id":"AVG-1021","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1021"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2817","reference_id":"RHSA-2019:2817","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2817"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0922","reference_id":"RHSA-2020:0922","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0922"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0983","reference_id":"RHSA-2020:0983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1445","reference_id":"RHSA-2020:1445","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1445"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2067","reference_id":"RHSA-2020:2067","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2067"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2565","reference_id":"RHSA-2020:2565","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2565"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3196","reference_id":"RHSA-2020:3196","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3196"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3197","reference_id":"RHSA-2020:3197","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3197"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5856","reference_id":"RHSA-2024:5856","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5856"},{"reference_url":"https://usn.ubuntu.com/USN-4866-1/","reference_id":"USN-USN-4866-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-4866-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932816?format=json","purl":"pkg:deb/debian/nodejs@10.16.3~dfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@10.16.3~dfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2019-9514","GHSA-39qc-96h7-956f"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n66u-b73u-zucb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48670?format=json","vulnerability_id":"VCID-n91z-kugd-ebb5","summary":"Multiple vulnerabilities have been found in NodeJS, the worst of\n    which could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8201.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8201.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-8201","reference_id":"","reference_type":"","scores":[{"value":"0.00632","scoring_system":"epss","scoring_elements":"0.70267","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00632","scoring_system":"epss","scoring_elements":"0.70279","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00632","scoring_system":"epss","scoring_elements":"0.70297","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00632","scoring_system":"epss","scoring_elements":"0.70273","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00632","scoring_system":"epss","scoring_elements":"0.70319","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00632","scoring_system":"epss","scoring_elements":"0.70333","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00632","scoring_system":"epss","scoring_elements":"0.70357","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00632","scoring_system":"epss","scoring_elements":"0.70342","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00632","scoring_system":"epss","scoring_elements":"0.70328","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00632","scoring_system":"epss","scoring_elements":"0.70372","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00632","scoring_system":"epss","scoring_elements":"0.70381","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00632","scoring_system":"epss","scoring_elements":"0.70362","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00632","scoring_system":"epss","scoring_elements":"0.70414","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00632","scoring_system":"epss","scoring_elements":"0.70423","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00632","scoring_system":"epss","scoring_elements":"0.70422","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00632","scoring_system":"epss","scoring_elements":"0.70394","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00632","scoring_system":"epss","scoring_elements":"0.70435","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00632","scoring_system":"epss","scoring_elements":"0.70466","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-8201"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8201","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8201"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1879311","reference_id":"1879311","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1879311"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4272","reference_id":"RHSA-2020:4272","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4272"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4903","reference_id":"RHSA-2020:4903","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4903"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5086","reference_id":"RHSA-2020:5086","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5086"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932818?format=json","purl":"pkg:deb/debian/nodejs@12.18.4~dfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.18.4~dfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2020-8201"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n91z-kugd-ebb5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37580?format=json","vulnerability_id":"VCID-nenk-4cgd-fugv","summary":"Multiple vulnerabilities have been discovered in Node.js, the worst of which could lead to execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27983.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27983.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-27983","reference_id":"","reference_type":"","scores":[{"value":"0.75933","scoring_system":"epss","scoring_elements":"0.98933","published_at":"2026-05-09T12:55:00Z"},{"value":"0.75933","scoring_system":"epss","scoring_elements":"0.98907","published_at":"2026-04-02T12:55:00Z"},{"value":"0.75933","scoring_system":"epss","scoring_elements":"0.98909","published_at":"2026-04-04T12:55:00Z"},{"value":"0.75933","scoring_system":"epss","scoring_elements":"0.98911","published_at":"2026-04-07T12:55:00Z"},{"value":"0.75933","scoring_system":"epss","scoring_elements":"0.98912","published_at":"2026-04-09T12:55:00Z"},{"value":"0.75933","scoring_system":"epss","scoring_elements":"0.98914","published_at":"2026-04-12T12:55:00Z"},{"value":"0.75933","scoring_system":"epss","scoring_elements":"0.98915","published_at":"2026-04-13T12:55:00Z"},{"value":"0.75933","scoring_system":"epss","scoring_elements":"0.98917","published_at":"2026-04-16T12:55:00Z"},{"value":"0.75933","scoring_system":"epss","scoring_elements":"0.98919","published_at":"2026-04-18T12:55:00Z"},{"value":"0.75933","scoring_system":"epss","scoring_elements":"0.98922","published_at":"2026-04-21T12:55:00Z"},{"value":"0.75933","scoring_system":"epss","scoring_elements":"0.98926","published_at":"2026-04-26T12:55:00Z"},{"value":"0.75933","scoring_system":"epss","scoring_elements":"0.98927","published_at":"2026-04-29T12:55:00Z"},{"value":"0.75933","scoring_system":"epss","scoring_elements":"0.98931","published_at":"2026-05-05T12:55:00Z"},{"value":"0.75933","scoring_system":"epss","scoring_elements":"0.98932","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-27983"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27983","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27983"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068347","reference_id":"1068347","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068347"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2272764","reference_id":"2272764","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2272764"},{"reference_url":"https://hackerone.com/reports/2319584","reference_id":"2319584","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-09T19:14:56Z/"}],"url":"https://hackerone.com/reports/2319584"},{"reference_url":"https://security.archlinux.org/AVG-2852","reference_id":"AVG-2852","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2852"},{"reference_url":"https://security.archlinux.org/AVG-2853","reference_id":"AVG-2853","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2853"},{"reference_url":"https://security.gentoo.org/glsa/202505-11","reference_id":"GLSA-202505-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-11"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDECX4BYZLMM4S4LALN4DPZ2HUTTPLKE/","reference_id":"JDECX4BYZLMM4S4LALN4DPZ2HUTTPLKE","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-09T19:14:56Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDECX4BYZLMM4S4LALN4DPZ2HUTTPLKE/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240510-0002/","reference_id":"ntap-20240510-0002","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-09T19:14:56Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240510-0002/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2778","reference_id":"RHSA-2024:2778","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2778"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2779","reference_id":"RHSA-2024:2779","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2779"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2780","reference_id":"RHSA-2024:2780","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2780"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2853","reference_id":"RHSA-2024:2853","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2853"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2910","reference_id":"RHSA-2024:2910","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2910"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2937","reference_id":"RHSA-2024:2937","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2937"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3472","reference_id":"RHSA-2024:3472","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3472"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3544","reference_id":"RHSA-2024:3544","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3544"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3545","reference_id":"RHSA-2024:3545","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3545"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3553","reference_id":"RHSA-2024:3553","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3553"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4353","reference_id":"RHSA-2024:4353","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4353"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4824","reference_id":"RHSA-2024:4824","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4824"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YDVFUH7ACZPYB3BS4SVILNOY7NQU73VW/","reference_id":"YDVFUH7ACZPYB3BS4SVILNOY7NQU73VW","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-09T19:14:56Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YDVFUH7ACZPYB3BS4SVILNOY7NQU73VW/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932834?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932837?format=json","purl":"pkg:deb/debian/nodejs@18.20.1%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.1%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2024-27983"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nenk-4cgd-fugv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83609?format=json","vulnerability_id":"VCID-nkas-113k-wkbu","summary":"nodejs: HTTP parser allowed for spaces inside Content-Length header values","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7159.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7159.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-7159","reference_id":"","reference_type":"","scores":[{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69108","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69202","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69213","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69222","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69201","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69253","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69262","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69269","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69124","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69145","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69126","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69176","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69195","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69217","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69174","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00728","scoring_system":"epss","scoring_elements":"0.72694","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00728","scoring_system":"epss","scoring_elements":"0.72724","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00728","scoring_system":"epss","scoring_elements":"0.72749","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-7159"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7159","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7159"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/march-2018-security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://nodejs.org/en/blog/vulnerability/march-2018-security-releases/"},{"reference_url":"https://support.f5.com/csp/article/K27228191?utm_source=f5support&amp%3Butm_medium=RSS","reference_id":"","reference_type":"","scores":[],"url":"https://support.f5.com/csp/article/K27228191?utm_source=f5support&amp%3Butm_medium=RSS"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1561981","reference_id":"1561981","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1561981"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-7159","reference_id":"CVE-2018-7159","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:P/A:N"},{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-7159"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2949","reference_id":"RHSA-2018:2949","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:2949"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2258","reference_id":"RHSA-2019:2258","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2258"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932813?format=json","purl":"pkg:deb/debian/nodejs@8.11.1~dfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@8.11.1~dfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2018-7159"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nkas-113k-wkbu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62494?format=json","vulnerability_id":"VCID-p31t-nxwe-yyf2","summary":"Multiple vulnerabilities have been discovered in Node.js.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-32558.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-32558.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-32558","reference_id":"","reference_type":"","scores":[{"value":"0.00193","scoring_system":"epss","scoring_elements":"0.41223","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00193","scoring_system":"epss","scoring_elements":"0.41253","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00193","scoring_system":"epss","scoring_elements":"0.41179","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00193","scoring_system":"epss","scoring_elements":"0.41227","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00193","scoring_system":"epss","scoring_elements":"0.41236","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00193","scoring_system":"epss","scoring_elements":"0.41258","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00193","scoring_system":"epss","scoring_elements":"0.41226","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00193","scoring_system":"epss","scoring_elements":"0.41212","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00193","scoring_system":"epss","scoring_elements":"0.41255","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00193","scoring_system":"epss","scoring_elements":"0.41153","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00193","scoring_system":"epss","scoring_elements":"0.41042","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00193","scoring_system":"epss","scoring_elements":"0.41036","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00193","scoring_system":"epss","scoring_elements":"0.40955","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00193","scoring_system":"epss","scoring_elements":"0.40815","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00193","scoring_system":"epss","scoring_elements":"0.4089","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00193","scoring_system":"epss","scoring_elements":"0.40905","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-32558"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2230952","reference_id":"2230952","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2230952"},{"reference_url":"https://security.gentoo.org/glsa/202405-29","reference_id":"GLSA-202405-29","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202405-29"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2023-32558"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p31t-nxwe-yyf2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48265?format=json","vulnerability_id":"VCID-p8ab-a4gk-eyd2","summary":"Multiple vulnerabilities have been found in the Chromium web\n    browser, the worst of which allows remote attackers to execute arbitrary\n    code.","references":[{"reference_url":"http://googlechromereleases.blogspot.com/2016/05/stable-channel-update.html","reference_id":"","reference_type":"","scores":[],"url":"http://googlechromereleases.blogspot.com/2016/05/stable-channel-update.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00043.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00043.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00050.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00050.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-07/msg00063.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2016-07/msg00063.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1080.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1080.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2017-0002.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2017-0002.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0336","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:0336"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1669.json","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1669.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1669","reference_id":"","reference_type":"","scores":[{"value":"0.01626","scoring_system":"epss","scoring_elements":"0.81796","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01626","scoring_system":"epss","scoring_elements":"0.82003","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01626","scoring_system":"epss","scoring_elements":"0.81939","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01626","scoring_system":"epss","scoring_elements":"0.81958","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01626","scoring_system":"epss","scoring_elements":"0.81978","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01626","scoring_system":"epss","scoring_elements":"0.81807","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01626","scoring_system":"epss","scoring_elements":"0.81829","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01626","scoring_system":"epss","scoring_elements":"0.81827","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01626","scoring_system":"epss","scoring_elements":"0.81853","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01626","scoring_system":"epss","scoring_elements":"0.8186","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01626","scoring_system":"epss","scoring_elements":"0.81879","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01626","scoring_system":"epss","scoring_elements":"0.81867","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01626","scoring_system":"epss","scoring_elements":"0.81861","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01626","scoring_system":"epss","scoring_elements":"0.81898","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01626","scoring_system":"epss","scoring_elements":"0.819","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01626","scoring_system":"epss","scoring_elements":"0.81923","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01626","scoring_system":"epss","scoring_elements":"0.81934","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1669"},{"reference_url":"https://codereview.chromium.org/1945313002","reference_id":"","reference_type":"","scores":[],"url":"https://codereview.chromium.org/1945313002"},{"reference_url":"https://crbug.com/606115","reference_id":"","reference_type":"","scores":[],"url":"https://crbug.com/606115"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10403","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10403"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1667","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1667"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1668","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1668"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1669","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1669"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1670","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1670"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1672","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1672"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1673","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1673"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1674","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1674"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1675","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1675"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1676","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1676"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1677","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1677"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1678","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1678"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1679","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1679"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1680","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1680"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1681","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1681"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1682","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1682"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1683","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1683"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1684","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1684"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1685","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1685"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1686","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1686"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1687","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1687"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1688","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1688"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1689","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1689"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1690","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1690"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1691","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1691"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1692","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1692"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1693","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1693"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1694","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1694"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1695","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1695"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05347541","reference_id":"","reference_type":"","scores":[],"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05347541"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CITS5GIUTNWVSUXMSORIAJJLQBEGL2CK/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CITS5GIUTNWVSUXMSORIAJJLQBEGL2CK/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZPTKXI62OPCJCJGCSFMST4HIBQ27J72W/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZPTKXI62OPCJCJGCSFMST4HIBQ27J72W/"},{"reference_url":"http://www.debian.org/security/2016/dsa-3590","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3590"},{"reference_url":"http://www.securityfocus.com/bid/90584","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/90584"},{"reference_url":"http://www.securitytracker.com/id/1035872","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035872"},{"reference_url":"http://www.ubuntu.com/usn/USN-2960-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2960-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1335449","reference_id":"1335449","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1335449"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:v8:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:google:v8:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:v8:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1669","reference_id":"CVE-2016-1669","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:C/I:C/A:C"},{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1669"},{"reference_url":"https://security.gentoo.org/glsa/201605-02","reference_id":"GLSA-201605-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201605-02"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1080","reference_id":"RHSA-2016:1080","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1080"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0002","reference_id":"RHSA-2017:0002","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0002"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0879","reference_id":"RHSA-2017:0879","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0879"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0880","reference_id":"RHSA-2017:0880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0881","reference_id":"RHSA-2017:0881","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0881"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0882","reference_id":"RHSA-2017:0882","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0882"},{"reference_url":"https://usn.ubuntu.com/2960-1/","reference_id":"USN-2960-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2960-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932806?format=json","purl":"pkg:deb/debian/nodejs@4.4.6~dfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@4.4.6~dfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2016-1669"],"risk_score":4.2,"exploitability":"0.5","weighted_severity":"8.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p8ab-a4gk-eyd2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37589?format=json","vulnerability_id":"VCID-p9sg-8byk-eydy","summary":"Multiple vulnerabilities have been discovered in Node.js, the worst of which could lead to execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-37372.json","reference_id":"","reference_type":"","scores":[{"value":"3.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-37372.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-37372","reference_id":"","reference_type":"","scores":[{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15103","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15069","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15014","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.14883","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15009","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15193","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15261","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15064","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15152","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15203","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15172","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15134","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.1507","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.14969","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.14978","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.1503","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-37372"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2336663","reference_id":"2336663","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2336663"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/07/19/3","reference_id":"3","reference_type":"","scores":[{"value":"3.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T21:37:14Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/07/19/3"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/07/11/6","reference_id":"6","reference_type":"","scores":[{"value":"3.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T21:37:14Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/07/11/6"},{"reference_url":"https://security.gentoo.org/glsa/202505-11","reference_id":"GLSA-202505-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-11"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2024-37372"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p9sg-8byk-eydy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/266492?format=json","vulnerability_id":"VCID-pd4q-4b15-gqey","summary":"A vulnerability has been identified in Node.js, specifically affecting the handling of drive names in the Windows environment. Certain Node.js functions do not treat drive names as special on Windows. As a result, although Node.js assumes a relative path, it actually refers to the root directory.\r\n\r\nOn Windows, a path that does not start with the file separator is treated as relative to the current directory. \r\n\r\nThis vulnerability affects Windows users of `path.join` API.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-23084","reference_id":"","reference_type":"","scores":[{"value":"0.01289","scoring_system":"epss","scoring_elements":"0.7979","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01289","scoring_system":"epss","scoring_elements":"0.79605","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01289","scoring_system":"epss","scoring_elements":"0.79734","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01289","scoring_system":"epss","scoring_elements":"0.7975","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01289","scoring_system":"epss","scoring_elements":"0.79773","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01289","scoring_system":"epss","scoring_elements":"0.79627","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01289","scoring_system":"epss","scoring_elements":"0.79614","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01289","scoring_system":"epss","scoring_elements":"0.79642","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01289","scoring_system":"epss","scoring_elements":"0.7965","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01289","scoring_system":"epss","scoring_elements":"0.79671","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01289","scoring_system":"epss","scoring_elements":"0.79655","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01289","scoring_system":"epss","scoring_elements":"0.79648","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01289","scoring_system":"epss","scoring_elements":"0.79677","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01289","scoring_system":"epss","scoring_elements":"0.79681","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01289","scoring_system":"epss","scoring_elements":"0.79712","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01289","scoring_system":"epss","scoring_elements":"0.79719","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-23084"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/january-2025-security-releases","reference_id":"january-2025-security-releases","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-28T15:07:59Z/"}],"url":"https://nodejs.org/en/blog/vulnerability/january-2025-security-releases"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2025-23084"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pd4q-4b15-gqey"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62472?format=json","vulnerability_id":"VCID-pqnn-ers1-3fec","summary":"Multiple vulnerabilities have been discovered in Node.js.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22884.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22884.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-22884","reference_id":"","reference_type":"","scores":[{"value":"0.0027","scoring_system":"epss","scoring_elements":"0.5038","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0027","scoring_system":"epss","scoring_elements":"0.50409","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0027","scoring_system":"epss","scoring_elements":"0.50325","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0027","scoring_system":"epss","scoring_elements":"0.50377","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0027","scoring_system":"epss","scoring_elements":"0.50436","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0027","scoring_system":"epss","scoring_elements":"0.50465","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0027","scoring_system":"epss","scoring_elements":"0.50419","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0027","scoring_system":"epss","scoring_elements":"0.50472","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0027","scoring_system":"epss","scoring_elements":"0.50507","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0027","scoring_system":"epss","scoring_elements":"0.50484","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0027","scoring_system":"epss","scoring_elements":"0.50469","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0027","scoring_system":"epss","scoring_elements":"0.50512","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0027","scoring_system":"epss","scoring_elements":"0.50517","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0027","scoring_system":"epss","scoring_elements":"0.50493","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0027","scoring_system":"epss","scoring_elements":"0.5044","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0027","scoring_system":"epss","scoring_elements":"0.50449","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0027","scoring_system":"epss","scoring_elements":"0.50401","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-22884"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22883","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22883"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22884","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22884"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1932024","reference_id":"1932024","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1932024"},{"reference_url":"https://security.archlinux.org/AVG-1604","reference_id":"AVG-1604","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1604"},{"reference_url":"https://security.gentoo.org/glsa/202405-29","reference_id":"GLSA-202405-29","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202405-29"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0734","reference_id":"RHSA-2021:0734","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0734"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0735","reference_id":"RHSA-2021:0735","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0735"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0738","reference_id":"RHSA-2021:0738","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0738"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0739","reference_id":"RHSA-2021:0739","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0739"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0740","reference_id":"RHSA-2021:0740","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0740"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0741","reference_id":"RHSA-2021:0741","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0741"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0744","reference_id":"RHSA-2021:0744","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0744"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0827","reference_id":"RHSA-2021:0827","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0827"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0830","reference_id":"RHSA-2021:0830","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0830"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0831","reference_id":"RHSA-2021:0831","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0831"},{"reference_url":"https://usn.ubuntu.com/6418-1/","reference_id":"USN-6418-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6418-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932820?format=json","purl":"pkg:deb/debian/nodejs@12.21.0~dfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.21.0~dfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2021-22884"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pqnn-ers1-3fec"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83865?format=json","vulnerability_id":"VCID-pwe6-zwyr-nqhy","summary":"nodejs: DoS via specific windowBits value","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14919.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14919.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14919","reference_id":"","reference_type":"","scores":[{"value":"0.00784","scoring_system":"epss","scoring_elements":"0.73886","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00784","scoring_system":"epss","scoring_elements":"0.73799","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00784","scoring_system":"epss","scoring_elements":"0.73832","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00784","scoring_system":"epss","scoring_elements":"0.73841","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00784","scoring_system":"epss","scoring_elements":"0.73842","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00784","scoring_system":"epss","scoring_elements":"0.73836","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00784","scoring_system":"epss","scoring_elements":"0.73862","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00784","scoring_system":"epss","scoring_elements":"0.73751","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00784","scoring_system":"epss","scoring_elements":"0.73763","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00784","scoring_system":"epss","scoring_elements":"0.73786","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00784","scoring_system":"epss","scoring_elements":"0.73767","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00784","scoring_system":"epss","scoring_elements":"0.73759","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00784","scoring_system":"epss","scoring_elements":"0.738","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00784","scoring_system":"epss","scoring_elements":"0.73808","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01045","scoring_system":"epss","scoring_elements":"0.77436","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01045","scoring_system":"epss","scoring_elements":"0.77462","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01045","scoring_system":"epss","scoring_elements":"0.77441","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01045","scoring_system":"epss","scoring_elements":"0.7743","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14919"},{"reference_url":"https://nodejs.org/en/blog/release/v4.8.5/","reference_id":"","reference_type":"","scores":[],"url":"https://nodejs.org/en/blog/release/v4.8.5/"},{"reference_url":"https://nodejs.org/en/blog/release/v6.11.5/","reference_id":"","reference_type":"","scores":[],"url":"https://nodejs.org/en/blog/release/v6.11.5/"},{"reference_url":"https://nodejs.org/en/blog/release/v8.8.0/","reference_id":"","reference_type":"","scores":[],"url":"https://nodejs.org/en/blog/release/v8.8.0/"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/oct-2017-dos/","reference_id":"","reference_type":"","scores":[],"url":"https://nodejs.org/en/blog/vulnerability/oct-2017-dos/"},{"reference_url":"http://www.securityfocus.com/bid/101881","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/101881"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1516175","reference_id":"1516175","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1516175"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:4.8.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:4.8.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:4.8.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:4.8.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:4.8.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:4.8.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:4.8.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:4.8.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:4.8.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:6.10.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:6.10.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:6.10.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:6.10.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:6.10.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:6.10.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:6.11.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:6.11.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:6.11.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:6.11.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:6.11.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:6.11.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:6.11.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:6.11.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:6.11.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:6.11.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:6.11.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:6.11.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:6.11.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:6.11.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:6.11.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:8.0.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:8.0.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:8.0.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:8.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:8.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:8.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:8.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:8.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:8.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:8.1.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:8.1.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:8.1.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:8.1.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:8.1.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:8.1.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:8.1.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:8.1.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:8.1.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:8.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:8.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:8.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:8.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:8.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:8.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:8.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:8.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:8.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:8.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:8.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:8.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:8.5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:8.5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:8.5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:8.6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:8.6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:8.6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:8.7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:8.7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:8.7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-14919","reference_id":"CVE-2017-14919","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-14919"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2017-14919"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pwe6-zwyr-nqhy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62487?format=json","vulnerability_id":"VCID-q75s-43sx-4kbg","summary":"Multiple vulnerabilities have been discovered in Node.js.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-30588.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-30588.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-30588","reference_id":"","reference_type":"","scores":[{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.0854","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08594","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08512","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08585","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08605","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08602","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08582","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08566","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08458","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08445","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.086","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08613","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08563","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08505","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.0865","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08732","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-30588"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1039990","reference_id":"1039990","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1039990"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2219838","reference_id":"2219838","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2219838"},{"reference_url":"https://security.gentoo.org/glsa/202405-29","reference_id":"GLSA-202405-29","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202405-29"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4330","reference_id":"RHSA-2023:4330","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4330"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4331","reference_id":"RHSA-2023:4331","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4331"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4536","reference_id":"RHSA-2023:4536","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4536"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4537","reference_id":"RHSA-2023:4537","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4537"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5361","reference_id":"RHSA-2023:5361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5533","reference_id":"RHSA-2023:5533","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5533"},{"reference_url":"https://usn.ubuntu.com/6735-1/","reference_id":"USN-6735-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6735-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932833?format=json","purl":"pkg:deb/debian/nodejs@18.13.0%2Bdfsg1-1.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.13.0%252Bdfsg1-1.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932831?format=json","purl":"pkg:deb/debian/nodejs@18.19.0%2Bdfsg-6~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.19.0%252Bdfsg-6~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2023-30588"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q75s-43sx-4kbg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62471?format=json","vulnerability_id":"VCID-q8th-849w-bfhp","summary":"Multiple vulnerabilities have been discovered in Node.js.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22883.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22883.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-22883","reference_id":"","reference_type":"","scores":[{"value":"0.89427","scoring_system":"epss","scoring_elements":"0.99544","published_at":"2026-04-02T12:55:00Z"},{"value":"0.89427","scoring_system":"epss","scoring_elements":"0.99554","published_at":"2026-05-09T12:55:00Z"},{"value":"0.89427","scoring_system":"epss","scoring_elements":"0.99553","published_at":"2026-04-29T12:55:00Z"},{"value":"0.89427","scoring_system":"epss","scoring_elements":"0.99555","published_at":"2026-05-05T12:55:00Z"},{"value":"0.89427","scoring_system":"epss","scoring_elements":"0.99545","published_at":"2026-04-04T12:55:00Z"},{"value":"0.89427","scoring_system":"epss","scoring_elements":"0.99546","published_at":"2026-04-11T12:55:00Z"},{"value":"0.89427","scoring_system":"epss","scoring_elements":"0.99547","published_at":"2026-04-12T12:55:00Z"},{"value":"0.89427","scoring_system":"epss","scoring_elements":"0.99548","published_at":"2026-04-13T12:55:00Z"},{"value":"0.89427","scoring_system":"epss","scoring_elements":"0.9955","published_at":"2026-04-21T12:55:00Z"},{"value":"0.89427","scoring_system":"epss","scoring_elements":"0.99551","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-22883"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22883","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22883"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22884","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22884"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1932014","reference_id":"1932014","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1932014"},{"reference_url":"https://security.archlinux.org/AVG-1604","reference_id":"AVG-1604","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1604"},{"reference_url":"https://security.gentoo.org/glsa/202405-29","reference_id":"GLSA-202405-29","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202405-29"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0734","reference_id":"RHSA-2021:0734","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0734"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0735","reference_id":"RHSA-2021:0735","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0735"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0738","reference_id":"RHSA-2021:0738","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0738"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0739","reference_id":"RHSA-2021:0739","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0739"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0740","reference_id":"RHSA-2021:0740","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0740"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0741","reference_id":"RHSA-2021:0741","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0741"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0744","reference_id":"RHSA-2021:0744","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0744"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0827","reference_id":"RHSA-2021:0827","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0827"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0830","reference_id":"RHSA-2021:0830","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0830"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0831","reference_id":"RHSA-2021:0831","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0831"},{"reference_url":"https://usn.ubuntu.com/6418-1/","reference_id":"USN-6418-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6418-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932820?format=json","purl":"pkg:deb/debian/nodejs@12.21.0~dfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.21.0~dfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2021-22883"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q8th-849w-bfhp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57386?format=json","vulnerability_id":"VCID-r8jj-tkxd-5qg8","summary":"Multiple vulnerabilities have been found in Node.js, worst of which\n    could allow remote attackers to write arbitrary files.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7162.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7162.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-7162","reference_id":"","reference_type":"","scores":[{"value":"0.01017","scoring_system":"epss","scoring_elements":"0.77114","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01017","scoring_system":"epss","scoring_elements":"0.77319","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01017","scoring_system":"epss","scoring_elements":"0.77268","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01017","scoring_system":"epss","scoring_elements":"0.77297","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01017","scoring_system":"epss","scoring_elements":"0.7712","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01017","scoring_system":"epss","scoring_elements":"0.77149","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01017","scoring_system":"epss","scoring_elements":"0.77131","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01017","scoring_system":"epss","scoring_elements":"0.77164","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01017","scoring_system":"epss","scoring_elements":"0.77173","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01017","scoring_system":"epss","scoring_elements":"0.772","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01017","scoring_system":"epss","scoring_elements":"0.77179","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01017","scoring_system":"epss","scoring_elements":"0.77175","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01017","scoring_system":"epss","scoring_elements":"0.77215","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01017","scoring_system":"epss","scoring_elements":"0.77216","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01017","scoring_system":"epss","scoring_elements":"0.77208","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01017","scoring_system":"epss","scoring_elements":"0.77243","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01017","scoring_system":"epss","scoring_elements":"0.77249","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01017","scoring_system":"epss","scoring_elements":"0.77264","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-7162"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7162","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7162"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/june-2018-security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://nodejs.org/en/blog/vulnerability/june-2018-security-releases/"},{"reference_url":"https://security.gentoo.org/glsa/202003-48","reference_id":"","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-48"},{"reference_url":"http://www.securityfocus.com/bid/104468","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/104468"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1591018","reference_id":"1591018","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1591018"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-7162","reference_id":"CVE-2018-7162","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:C"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-7162"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932810?format=json","purl":"pkg:deb/debian/nodejs@10.15.0~dfsg-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@10.15.0~dfsg-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2018-7162"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r8jj-tkxd-5qg8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62491?format=json","vulnerability_id":"VCID-rg1f-5nhq-m7ea","summary":"Multiple vulnerabilities have been discovered in Node.js.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-32004.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-32004.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-32004","reference_id":"","reference_type":"","scores":[{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30769","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30173","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30639","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30664","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30647","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30613","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30433","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30318","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30237","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30095","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30164","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30818","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30635","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30693","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30725","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30729","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30683","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-32004"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/2038134","reference_id":"2038134","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-08T20:19:44Z/"}],"url":"https://hackerone.com/reports/2038134"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2230951","reference_id":"2230951","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2230951"},{"reference_url":"https://security.gentoo.org/glsa/202405-29","reference_id":"GLSA-202405-29","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202405-29"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JQPELKG2LVTADSB7ME73AV4DXQK47PWK/","reference_id":"JQPELKG2LVTADSB7ME73AV4DXQK47PWK","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-08T20:19:44Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JQPELKG2LVTADSB7ME73AV4DXQK47PWK/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230915-0009/","reference_id":"ntap-20230915-0009","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-08T20:19:44Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230915-0009/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PBOZE2QZIBLFFTYWYN23FGKN6HULZ6HX/","reference_id":"PBOZE2QZIBLFFTYWYN23FGKN6HULZ6HX","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-08T20:19:44Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PBOZE2QZIBLFFTYWYN23FGKN6HULZ6HX/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2023-32004"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rg1f-5nhq-m7ea"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57388?format=json","vulnerability_id":"VCID-rhxy-h93e-y3d4","summary":"Multiple vulnerabilities have been found in Node.js, worst of which\n    could allow remote attackers to write arbitrary files.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7167.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7167.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-7167","reference_id":"","reference_type":"","scores":[{"value":"0.00756","scoring_system":"epss","scoring_elements":"0.7339","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00756","scoring_system":"epss","scoring_elements":"0.73298","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00756","scoring_system":"epss","scoring_elements":"0.73307","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00756","scoring_system":"epss","scoring_elements":"0.73299","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00756","scoring_system":"epss","scoring_elements":"0.73333","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00756","scoring_system":"epss","scoring_elements":"0.73346","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00756","scoring_system":"epss","scoring_elements":"0.73345","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00756","scoring_system":"epss","scoring_elements":"0.7334","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00756","scoring_system":"epss","scoring_elements":"0.73366","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00756","scoring_system":"epss","scoring_elements":"0.73283","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00756","scoring_system":"epss","scoring_elements":"0.73262","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00756","scoring_system":"epss","scoring_elements":"0.73255","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00815","scoring_system":"epss","scoring_elements":"0.74239","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00815","scoring_system":"epss","scoring_elements":"0.74271","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00815","scoring_system":"epss","scoring_elements":"0.74277","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00815","scoring_system":"epss","scoring_elements":"0.74292","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00815","scoring_system":"epss","scoring_elements":"0.74244","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-7167"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7167","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7167"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/june-2018-security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://nodejs.org/en/blog/vulnerability/june-2018-security-releases/"},{"reference_url":"https://security.gentoo.org/glsa/202003-48","reference_id":"","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-48"},{"reference_url":"http://www.securityfocus.com/bid/106363","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/106363"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1591006","reference_id":"1591006","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1591006"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-7167","reference_id":"CVE-2018-7167","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-7167"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2949","reference_id":"RHSA-2018:2949","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:2949"},{"reference_url":"https://usn.ubuntu.com/USN-4796-1/","reference_id":"USN-USN-4796-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-4796-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932810?format=json","purl":"pkg:deb/debian/nodejs@10.15.0~dfsg-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@10.15.0~dfsg-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2018-7167"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rhxy-h93e-y3d4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37532?format=json","vulnerability_id":"VCID-s1a4-9r1m-8uaw","summary":"Multiple vulnerabilities have been discovered in Node.js, the worst of which could lead to execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-39332.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-39332.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-39332","reference_id":"","reference_type":"","scores":[{"value":"0.0057","scoring_system":"epss","scoring_elements":"0.68556","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0057","scoring_system":"epss","scoring_elements":"0.68752","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0057","scoring_system":"epss","scoring_elements":"0.68688","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0057","scoring_system":"epss","scoring_elements":"0.68693","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0057","scoring_system":"epss","scoring_elements":"0.68673","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0057","scoring_system":"epss","scoring_elements":"0.68715","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0057","scoring_system":"epss","scoring_elements":"0.68575","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0057","scoring_system":"epss","scoring_elements":"0.68553","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0057","scoring_system":"epss","scoring_elements":"0.68604","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0057","scoring_system":"epss","scoring_elements":"0.68621","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0057","scoring_system":"epss","scoring_elements":"0.68646","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0057","scoring_system":"epss","scoring_elements":"0.68634","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0057","scoring_system":"epss","scoring_elements":"0.68643","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0057","scoring_system":"epss","scoring_elements":"0.68655","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0057","scoring_system":"epss","scoring_elements":"0.68682","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-39332"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/2199818","reference_id":"2199818","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-13T14:54:41Z/"}],"url":"https://hackerone.com/reports/2199818"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2244414","reference_id":"2244414","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2244414"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/","reference_id":"3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-13T14:54:41Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/"},{"reference_url":"https://security.gentoo.org/glsa/202505-11","reference_id":"GLSA-202505-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-11"},{"reference_url":"https://security.netapp.com/advisory/ntap-20231116-0009/","reference_id":"ntap-20231116-0009","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-13T14:54:41Z/"}],"url":"https://security.netapp.com/advisory/ntap-20231116-0009/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7205","reference_id":"RHSA-2023:7205","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7205"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2023-39332"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s1a4-9r1m-8uaw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62489?format=json","vulnerability_id":"VCID-sag8-repb-g3f4","summary":"Multiple vulnerabilities have been discovered in Node.js.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-32002.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-32002.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-32002","reference_id":"","reference_type":"","scores":[{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12197","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12184","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12243","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12044","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12126","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12177","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12148","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12116","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.11987","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.11984","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12102","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.17063","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.17204","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.17265","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.17288","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.17244","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.17152","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-32002"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32002","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32002"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1050739","reference_id":"1050739","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1050739"},{"reference_url":"https://hackerone.com/reports/1960870","reference_id":"1960870","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-07-02T14:47:51Z/"}],"url":"https://hackerone.com/reports/1960870"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2230948","reference_id":"2230948","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2230948"},{"reference_url":"https://security.gentoo.org/glsa/202405-29","reference_id":"GLSA-202405-29","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202405-29"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230915-0009/","reference_id":"ntap-20230915-0009","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-07-02T14:47:51Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230915-0009/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5360","reference_id":"RHSA-2023:5360","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5360"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5361","reference_id":"RHSA-2023:5361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5362","reference_id":"RHSA-2023:5362","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5362"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5363","reference_id":"RHSA-2023:5363","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5363"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5532","reference_id":"RHSA-2023:5532","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5532"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5533","reference_id":"RHSA-2023:5533","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5533"},{"reference_url":"https://usn.ubuntu.com/6822-1/","reference_id":"USN-6822-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6822-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932833?format=json","purl":"pkg:deb/debian/nodejs@18.13.0%2Bdfsg1-1.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.13.0%252Bdfsg1-1.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932831?format=json","purl":"pkg:deb/debian/nodejs@18.19.0%2Bdfsg-6~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.19.0%252Bdfsg-6~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2023-32002"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sag8-repb-g3f4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62102?format=json","vulnerability_id":"VCID-srpj-seee-xyhm","summary":"Multiple vulnerabilities have been found in the Chromium web\n    browser, the worst of which allows remote attackers to execute arbitrary\n    code.","references":[{"reference_url":"http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html","reference_id":"","reference_type":"","scores":[],"url":"http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00016.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00016.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00017.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00017.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-01/msg00045.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2016-01/msg00045.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-6764.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-6764.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-6764","reference_id":"","reference_type":"","scores":[{"value":"0.13882","scoring_system":"epss","scoring_elements":"0.94353","published_at":"2026-05-09T12:55:00Z"},{"value":"0.13882","scoring_system":"epss","scoring_elements":"0.9434","published_at":"2026-05-07T12:55:00Z"},{"value":"0.13882","scoring_system":"epss","scoring_elements":"0.94263","published_at":"2026-04-01T12:55:00Z"},{"value":"0.13882","scoring_system":"epss","scoring_elements":"0.94272","published_at":"2026-04-02T12:55:00Z"},{"value":"0.13882","scoring_system":"epss","scoring_elements":"0.94283","published_at":"2026-04-04T12:55:00Z"},{"value":"0.13882","scoring_system":"epss","scoring_elements":"0.94284","published_at":"2026-04-07T12:55:00Z"},{"value":"0.13882","scoring_system":"epss","scoring_elements":"0.94294","published_at":"2026-04-08T12:55:00Z"},{"value":"0.13882","scoring_system":"epss","scoring_elements":"0.94298","published_at":"2026-04-09T12:55:00Z"},{"value":"0.13882","scoring_system":"epss","scoring_elements":"0.94302","published_at":"2026-04-12T12:55:00Z"},{"value":"0.13882","scoring_system":"epss","scoring_elements":"0.94304","published_at":"2026-04-13T12:55:00Z"},{"value":"0.13882","scoring_system":"epss","scoring_elements":"0.94319","published_at":"2026-04-16T12:55:00Z"},{"value":"0.13882","scoring_system":"epss","scoring_elements":"0.94324","published_at":"2026-04-18T12:55:00Z"},{"value":"0.13882","scoring_system":"epss","scoring_elements":"0.94323","published_at":"2026-04-21T12:55:00Z"},{"value":"0.13882","scoring_system":"epss","scoring_elements":"0.94327","published_at":"2026-04-24T12:55:00Z"},{"value":"0.13882","scoring_system":"epss","scoring_elements":"0.94326","published_at":"2026-04-29T12:55:00Z"},{"value":"0.13882","scoring_system":"epss","scoring_elements":"0.94331","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-6764"},{"reference_url":"https://chromium.googlesource.com/v8/v8/+/6df9a1db8c85ab63dee63879456b6027df53fabc","reference_id":"","reference_type":"","scores":[],"url":"https://chromium.googlesource.com/v8/v8/+/6df9a1db8c85ab63dee63879456b6027df53fabc"},{"reference_url":"https://code.google.com/p/chromium/issues/detail?id=554946","reference_id":"","reference_type":"","scores":[],"url":"https://code.google.com/p/chromium/issues/detail?id=554946"},{"reference_url":"https://codereview.chromium.org/1440223002","reference_id":"","reference_type":"","scores":[],"url":"https://codereview.chromium.org/1440223002"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1302","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1302"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6764"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6765","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6765"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6766","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6766"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6767","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6767"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6768","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6768"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6769","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6769"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6770","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6770"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6771","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6771"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6772","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6772"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6773","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6773"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6774","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6774"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6775","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6775"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6777","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6777"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6778","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6778"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6779","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6779"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6780","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6780"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6781","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6781"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6782","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6782"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6784","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6784"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6785","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6785"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6786","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6786"},{"reference_url":"http://www.debian.org/security/2015/dsa-3415","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2015/dsa-3415"},{"reference_url":"http://www.securityfocus.com/bid/78209","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/78209"},{"reference_url":"http://www.securitytracker.com/id/1034298","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1034298"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1285774","reference_id":"1285774","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1285774"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=806385","reference_id":"806385","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=806385"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-6764","reference_id":"CVE-2015-6764","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-6764"},{"reference_url":"https://security.gentoo.org/glsa/201603-09","reference_id":"GLSA-201603-09","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201603-09"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2545","reference_id":"RHSA-2015:2545","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2545"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932804?format=json","purl":"pkg:deb/debian/nodejs@4.2.3~dfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@4.2.3~dfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2015-6764"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-srpj-seee-xyhm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62484?format=json","vulnerability_id":"VCID-sthj-jvke-tyg7","summary":"Multiple vulnerabilities have been discovered in Node.js.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-30584.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-30584.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-30584","reference_id":"","reference_type":"","scores":[{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01882","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.0192","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01908","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01898","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01895","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01894","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01897","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.0191","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01879","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01874","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01855","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01853","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01939","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01933","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01929","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01959","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-30584"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2219829","reference_id":"2219829","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2219829"},{"reference_url":"https://security.gentoo.org/glsa/202405-29","reference_id":"GLSA-202405-29","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202405-29"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/june-2023-security-releases","reference_id":"june-2023-security-releases","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-09T18:33:59Z/"}],"url":"https://nodejs.org/en/blog/vulnerability/june-2023-security-releases"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2023-30584"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sthj-jvke-tyg7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/11473?format=json","vulnerability_id":"VCID-tnhd-rr89-9udh","summary":"Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')\nThe parse function in llhttp ignores chunk extensions when parsing the body of chunked requests. This leads to HTTP Request Smuggling (HRS) under certain conditions.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22960.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22960.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-22960","reference_id":"","reference_type":"","scores":[{"value":"0.00229","scoring_system":"epss","scoring_elements":"0.45642","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00229","scoring_system":"epss","scoring_elements":"0.45574","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00229","scoring_system":"epss","scoring_elements":"0.45493","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00229","scoring_system":"epss","scoring_elements":"0.45556","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00229","scoring_system":"epss","scoring_elements":"0.45709","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00229","scoring_system":"epss","scoring_elements":"0.45729","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00229","scoring_system":"epss","scoring_elements":"0.45677","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00229","scoring_system":"epss","scoring_elements":"0.45733","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00229","scoring_system":"epss","scoring_elements":"0.45751","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00229","scoring_system":"epss","scoring_elements":"0.45721","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00229","scoring_system":"epss","scoring_elements":"0.45779","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00229","scoring_system":"epss","scoring_elements":"0.45773","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00229","scoring_system":"epss","scoring_elements":"0.4572","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00229","scoring_system":"epss","scoring_elements":"0.45651","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00229","scoring_system":"epss","scoring_elements":"0.4566","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00229","scoring_system":"epss","scoring_elements":"0.456","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-22960"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22959","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22959"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22960","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22960"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44531","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44531"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44532","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44532"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21824","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21824"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/1238099","reference_id":"","reference_type":"","scores":[],"url":"https://hackerone.com/reports/1238099"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2014059","reference_id":"2014059","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2014059"},{"reference_url":"https://security.archlinux.org/ASA-202110-4","reference_id":"ASA-202110-4","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202110-4"},{"reference_url":"https://security.archlinux.org/AVG-2460","reference_id":"AVG-2460","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2460"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-22960","reference_id":"CVE-2021-22960","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-22960"},{"reference_url":"https://security.gentoo.org/glsa/202405-29","reference_id":"GLSA-202405-29","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202405-29"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5171","reference_id":"RHSA-2021:5171","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5171"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0041","reference_id":"RHSA-2022:0041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0246","reference_id":"RHSA-2022:0246","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0246"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0350","reference_id":"RHSA-2022:0350","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0350"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:4914","reference_id":"RHSA-2022:4914","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:4914"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932824?format=json","purl":"pkg:deb/debian/nodejs@12.22.7~dfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.7~dfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932825?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2021-22960"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tnhd-rr89-9udh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/266476?format=json","vulnerability_id":"VCID-tpck-fwrj-ruaq","summary":"Node.js is vulnerable to Hijack Execution Flow: DLL Hijacking under certain conditions on Windows platforms.This vulnerability can be exploited if the victim has the following dependencies on a Windows machine:* OpenSSL has been installed and “C:\\Program Files\\Common Files\\SSL\\openssl.cnf” exists.Whenever the above conditions are present, `node.exe` will search for `providers.dll` in the current user directory.After that, `node.exe` will try to search for `providers.dll` by the DLL Search Order in Windows.It is possible for an attacker to place the malicious file `providers.dll` under a variety of paths and exploit this vulnerability.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-32223","reference_id":"","reference_type":"","scores":[{"value":"0.06141","scoring_system":"epss","scoring_elements":"0.90888","published_at":"2026-05-09T12:55:00Z"},{"value":"0.06141","scoring_system":"epss","scoring_elements":"0.90772","published_at":"2026-04-02T12:55:00Z"},{"value":"0.06141","scoring_system":"epss","scoring_elements":"0.90783","published_at":"2026-04-04T12:55:00Z"},{"value":"0.06141","scoring_system":"epss","scoring_elements":"0.90793","published_at":"2026-04-07T12:55:00Z"},{"value":"0.06141","scoring_system":"epss","scoring_elements":"0.90804","published_at":"2026-04-08T12:55:00Z"},{"value":"0.06141","scoring_system":"epss","scoring_elements":"0.90811","published_at":"2026-04-09T12:55:00Z"},{"value":"0.06141","scoring_system":"epss","scoring_elements":"0.90819","published_at":"2026-04-11T12:55:00Z"},{"value":"0.06141","scoring_system":"epss","scoring_elements":"0.9082","published_at":"2026-04-12T12:55:00Z"},{"value":"0.06141","scoring_system":"epss","scoring_elements":"0.90818","published_at":"2026-04-13T12:55:00Z"},{"value":"0.06141","scoring_system":"epss","scoring_elements":"0.90837","published_at":"2026-04-16T12:55:00Z"},{"value":"0.06141","scoring_system":"epss","scoring_elements":"0.90835","published_at":"2026-04-21T12:55:00Z"},{"value":"0.06141","scoring_system":"epss","scoring_elements":"0.90847","published_at":"2026-04-24T12:55:00Z"},{"value":"0.06141","scoring_system":"epss","scoring_elements":"0.90846","published_at":"2026-04-26T12:55:00Z"},{"value":"0.06141","scoring_system":"epss","scoring_elements":"0.90842","published_at":"2026-04-29T12:55:00Z"},{"value":"0.06141","scoring_system":"epss","scoring_elements":"0.90859","published_at":"2026-05-05T12:55:00Z"},{"value":"0.06141","scoring_system":"epss","scoring_elements":"0.90877","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-32223"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2022-32223"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tpck-fwrj-ruaq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57380?format=json","vulnerability_id":"VCID-tqg7-dw5d-z3et","summary":"Multiple vulnerabilities have been found in Node.js, worst of which\n    could allow remote attackers to write arbitrary files.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12115.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12115.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-12115","reference_id":"","reference_type":"","scores":[{"value":"0.00797","scoring_system":"epss","scoring_elements":"0.73956","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00797","scoring_system":"epss","scoring_elements":"0.73963","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00797","scoring_system":"epss","scoring_elements":"0.73988","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00797","scoring_system":"epss","scoring_elements":"0.73959","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00797","scoring_system":"epss","scoring_elements":"0.73993","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00797","scoring_system":"epss","scoring_elements":"0.74007","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00797","scoring_system":"epss","scoring_elements":"0.74029","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00797","scoring_system":"epss","scoring_elements":"0.74011","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00797","scoring_system":"epss","scoring_elements":"0.74004","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00797","scoring_system":"epss","scoring_elements":"0.74043","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00797","scoring_system":"epss","scoring_elements":"0.74052","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00797","scoring_system":"epss","scoring_elements":"0.74044","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00797","scoring_system":"epss","scoring_elements":"0.74076","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00797","scoring_system":"epss","scoring_elements":"0.74085","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00797","scoring_system":"epss","scoring_elements":"0.74084","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00797","scoring_system":"epss","scoring_elements":"0.74077","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00797","scoring_system":"epss","scoring_elements":"0.74103","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00797","scoring_system":"epss","scoring_elements":"0.74125","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-12115"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12115","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12115"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1620219","reference_id":"1620219","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1620219"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2552","reference_id":"RHSA-2018:2552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:2552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2553","reference_id":"RHSA-2018:2553","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:2553"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2944","reference_id":"RHSA-2018:2944","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:2944"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2949","reference_id":"RHSA-2018:2949","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:2949"},{"reference_url":"https://usn.ubuntu.com/USN-4796-1/","reference_id":"USN-USN-4796-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-4796-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932810?format=json","purl":"pkg:deb/debian/nodejs@10.15.0~dfsg-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@10.15.0~dfsg-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2018-12115"],"risk_score":3.6,"exploitability":"0.5","weighted_severity":"7.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tqg7-dw5d-z3et"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63921?format=json","vulnerability_id":"VCID-twc8-ewm7-wkb1","summary":"nodejs: Node.js: Permission bypass allows unauthorized modification of file permissions and ownership via incomplete security fix.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21716.json","reference_id":"","reference_type":"","scores":[{"value":"3.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21716.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-21716","reference_id":"","reference_type":"","scores":[{"value":"4e-05","scoring_system":"epss","scoring_elements":"0.00177","published_at":"2026-04-02T12:55:00Z"},{"value":"4e-05","scoring_system":"epss","scoring_elements":"0.00198","published_at":"2026-04-13T12:55:00Z"},{"value":"4e-05","scoring_system":"epss","scoring_elements":"0.00169","published_at":"2026-04-04T12:55:00Z"},{"value":"4e-05","scoring_system":"epss","scoring_elements":"0.00196","published_at":"2026-04-09T12:55:00Z"},{"value":"4e-05","scoring_system":"epss","scoring_elements":"0.00199","published_at":"2026-04-29T12:55:00Z"},{"value":"4e-05","scoring_system":"epss","scoring_elements":"0.00201","published_at":"2026-04-21T12:55:00Z"},{"value":"4e-05","scoring_system":"epss","scoring_elements":"0.00202","published_at":"2026-04-26T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00246","published_at":"2026-05-05T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00247","published_at":"2026-05-07T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00248","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-21716"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21716","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21716"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2453157","reference_id":"2453157","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2453157"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/march-2026-security-releases","reference_id":"march-2026-security-releases","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-31T14:27:06Z/"}],"url":"https://nodejs.org/en/blog/vulnerability/march-2026-security-releases"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6402","reference_id":"RHSA-2026:6402","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6402"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6431","reference_id":"RHSA-2026:6431","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6431"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7350","reference_id":"RHSA-2026:7350","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7350"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7386","reference_id":"RHSA-2026:7386","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7386"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7387","reference_id":"RHSA-2026:7387","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7387"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7670","reference_id":"RHSA-2026:7670","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7670"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7675","reference_id":"RHSA-2026:7675","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7675"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932844?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1%2Bdeb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2026-21716"],"risk_score":1.7,"exploitability":"0.5","weighted_severity":"3.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-twc8-ewm7-wkb1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64949?format=json","vulnerability_id":"VCID-u8bq-8jp4-jkem","summary":"nodejs: Nodejs denial of service","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-59466.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-59466.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-59466","reference_id":"","reference_type":"","scores":[{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.0809","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08233","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08064","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08035","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08167","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08133","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08085","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08146","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08168","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.0816","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.0814","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08123","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.0803","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08015","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08171","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08127","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08091","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-59466"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59466","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59466"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2431343","reference_id":"2431343","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2431343"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/december-2025-security-releases","reference_id":"december-2025-security-releases","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T18:38:35Z/"}],"url":"https://nodejs.org/en/blog/vulnerability/december-2025-security-releases"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1842","reference_id":"RHSA-2026:1842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1843","reference_id":"RHSA-2026:1843","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1843"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2420","reference_id":"RHSA-2026:2420","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2420"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2421","reference_id":"RHSA-2026:2421","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2421"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2422","reference_id":"RHSA-2026:2422","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2422"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2767","reference_id":"RHSA-2026:2767","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2767"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2768","reference_id":"RHSA-2026:2768","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2768"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2781","reference_id":"RHSA-2026:2781","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2781"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2782","reference_id":"RHSA-2026:2782","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2782"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2783","reference_id":"RHSA-2026:2783","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2783"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2864","reference_id":"RHSA-2026:2864","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2864"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2899","reference_id":"RHSA-2026:2899","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2899"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6402","reference_id":"RHSA-2026:6402","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6402"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6431","reference_id":"RHSA-2026:6431","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6431"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7386","reference_id":"RHSA-2026:7386","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7386"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7387","reference_id":"RHSA-2026:7387","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7387"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932840?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932843?format=json","purl":"pkg:deb/debian/nodejs@22.22.0%2Bdfsg%2B~cs22.19.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.0%252Bdfsg%252B~cs22.19.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2025-59466"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u8bq-8jp4-jkem"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/14481?format=json","vulnerability_id":"VCID-u8pe-48f4-abc9","summary":"Authentication Bypass by Spoofing\nThe Node.js inspector, in 6.x and later is vulnerable to a DNS rebinding attack which could be exploited to perform remote code execution. An attack is possible from malicious websites open in a web browser on the same computer, or another computer with network access to the computer running the Node.js process. A malicious website could use a DNS rebinding attack to trick the web browser to bypass same-origin-policy checks and to allow HTTP connections to localhost or to hosts on the local network. If a Node.js process with the debug port active is running on localhost or on a host on the local network, the malicious website could connect to it as a debugger, and get full code execution access.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7160.json","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7160.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-7160","reference_id":"","reference_type":"","scores":[{"value":"0.01501","scoring_system":"epss","scoring_elements":"0.81268","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01501","scoring_system":"epss","scoring_elements":"0.81136","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01501","scoring_system":"epss","scoring_elements":"0.81142","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01501","scoring_system":"epss","scoring_elements":"0.8116","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01501","scoring_system":"epss","scoring_elements":"0.81147","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01501","scoring_system":"epss","scoring_elements":"0.8114","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01501","scoring_system":"epss","scoring_elements":"0.81177","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01501","scoring_system":"epss","scoring_elements":"0.81178","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01501","scoring_system":"epss","scoring_elements":"0.81176","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01501","scoring_system":"epss","scoring_elements":"0.81199","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01501","scoring_system":"epss","scoring_elements":"0.81206","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01501","scoring_system":"epss","scoring_elements":"0.81211","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01501","scoring_system":"epss","scoring_elements":"0.81227","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01501","scoring_system":"epss","scoring_elements":"0.81246","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01501","scoring_system":"epss","scoring_elements":"0.81075","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01501","scoring_system":"epss","scoring_elements":"0.81084","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01501","scoring_system":"epss","scoring_elements":"0.81109","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01501","scoring_system":"epss","scoring_elements":"0.81108","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-7160"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7160","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7160"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/nodejs/node/commit/e3950d1a402b80e4098a40aacddd6a104da0cfa9","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/nodejs/node/commit/e3950d1a402b80e4098a40aacddd6a104da0cfa9"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/march-2018-security-releases","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nodejs.org/en/blog/vulnerability/march-2018-security-releases"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/march-2018-security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://nodejs.org/en/blog/vulnerability/march-2018-security-releases/"},{"reference_url":"https://support.f5.com/csp/article/K63025104?utm_source=f5support&amp%3Butm_medium=RSS","reference_id":"","reference_type":"","scores":[],"url":"https://support.f5.com/csp/article/K63025104?utm_source=f5support&amp%3Butm_medium=RSS"},{"reference_url":"https://support.f5.com/csp/article/K63025104?utm_source=f5support&amp;utm_medium=RSS","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://support.f5.com/csp/article/K63025104?utm_source=f5support&amp;utm_medium=RSS"},{"reference_url":"https://www.oracle.com//security-alerts/cpujul2021.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com//security-alerts/cpujul2021.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1561979","reference_id":"1561979","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1561979"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-7160","reference_id":"CVE-2018-7160","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-7160"},{"reference_url":"https://github.com/advisories/GHSA-wq4c-wm6x-jw44","reference_id":"GHSA-wq4c-wm6x-jw44","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-wq4c-wm6x-jw44"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2949","reference_id":"RHSA-2018:2949","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:2949"},{"reference_url":"https://usn.ubuntu.com/USN-4796-1/","reference_id":"USN-USN-4796-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-4796-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932813?format=json","purl":"pkg:deb/debian/nodejs@8.11.1~dfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@8.11.1~dfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2018-7160","GHSA-wq4c-wm6x-jw44"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u8pe-48f4-abc9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62483?format=json","vulnerability_id":"VCID-ueyx-hwjr-fuhq","summary":"Multiple vulnerabilities have been discovered in Node.js.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-30583.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-30583.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-30583","reference_id":"","reference_type":"","scores":[{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05743","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06179","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06017","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06113","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05784","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05778","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05818","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05843","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05821","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05812","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05805","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05769","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05776","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05922","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05955","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05989","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05997","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-30583"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2219833","reference_id":"2219833","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2219833"},{"reference_url":"https://security.gentoo.org/glsa/202405-29","reference_id":"GLSA-202405-29","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202405-29"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/june-2023-security-releases","reference_id":"june-2023-security-releases","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-09T18:28:41Z/"}],"url":"https://nodejs.org/en/blog/vulnerability/june-2023-security-releases"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2023-30583"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ueyx-hwjr-fuhq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62490?format=json","vulnerability_id":"VCID-uftn-4gjb-dqe6","summary":"Multiple vulnerabilities have been discovered in Node.js.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-32003.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-32003.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-32003","reference_id":"","reference_type":"","scores":[{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19891","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19597","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19708","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19683","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19685","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19699","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.1959","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19576","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.1954","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19422","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19512","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19947","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19674","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19754","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19805","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.1981","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19765","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-32003"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/2037887","reference_id":"2037887","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-09T14:15:53Z/"}],"url":"https://hackerone.com/reports/2037887"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2230959","reference_id":"2230959","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2230959"},{"reference_url":"https://security.gentoo.org/glsa/202405-29","reference_id":"GLSA-202405-29","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202405-29"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JQPELKG2LVTADSB7ME73AV4DXQK47PWK/","reference_id":"JQPELKG2LVTADSB7ME73AV4DXQK47PWK","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-09T14:15:53Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JQPELKG2LVTADSB7ME73AV4DXQK47PWK/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230915-0009/","reference_id":"ntap-20230915-0009","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-09T14:15:53Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230915-0009/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PBOZE2QZIBLFFTYWYN23FGKN6HULZ6HX/","reference_id":"PBOZE2QZIBLFFTYWYN23FGKN6HULZ6HX","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-09T14:15:53Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PBOZE2QZIBLFFTYWYN23FGKN6HULZ6HX/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2023-32003"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uftn-4gjb-dqe6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57392?format=json","vulnerability_id":"VCID-us11-vy4j-pfd2","summary":"Multiple vulnerabilities have been found in Node.js, worst of which\n    could allow remote attackers to write arbitrary files.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00041.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00041.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00046.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00046.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00059.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00059.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1821","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1821"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5737.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5737.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-5737","reference_id":"","reference_type":"","scores":[{"value":"0.26351","scoring_system":"epss","scoring_elements":"0.96272","published_at":"2026-04-01T12:55:00Z"},{"value":"0.26351","scoring_system":"epss","scoring_elements":"0.96349","published_at":"2026-05-09T12:55:00Z"},{"value":"0.26351","scoring_system":"epss","scoring_elements":"0.96328","published_at":"2026-04-29T12:55:00Z"},{"value":"0.26351","scoring_system":"epss","scoring_elements":"0.96337","published_at":"2026-05-05T12:55:00Z"},{"value":"0.26351","scoring_system":"epss","scoring_elements":"0.96343","published_at":"2026-05-07T12:55:00Z"},{"value":"0.26351","scoring_system":"epss","scoring_elements":"0.96279","published_at":"2026-04-02T12:55:00Z"},{"value":"0.26351","scoring_system":"epss","scoring_elements":"0.96287","published_at":"2026-04-04T12:55:00Z"},{"value":"0.26351","scoring_system":"epss","scoring_elements":"0.96291","published_at":"2026-04-07T12:55:00Z"},{"value":"0.26351","scoring_system":"epss","scoring_elements":"0.963","published_at":"2026-04-08T12:55:00Z"},{"value":"0.26351","scoring_system":"epss","scoring_elements":"0.96303","published_at":"2026-04-09T12:55:00Z"},{"value":"0.26351","scoring_system":"epss","scoring_elements":"0.96307","published_at":"2026-04-12T12:55:00Z"},{"value":"0.26351","scoring_system":"epss","scoring_elements":"0.9631","published_at":"2026-04-13T12:55:00Z"},{"value":"0.26351","scoring_system":"epss","scoring_elements":"0.96319","published_at":"2026-04-16T12:55:00Z"},{"value":"0.26351","scoring_system":"epss","scoring_elements":"0.96323","published_at":"2026-04-18T12:55:00Z"},{"value":"0.26351","scoring_system":"epss","scoring_elements":"0.96325","published_at":"2026-04-21T12:55:00Z"},{"value":"0.26351","scoring_system":"epss","scoring_elements":"0.96326","published_at":"2026-04-24T12:55:00Z"},{"value":"0.26351","scoring_system":"epss","scoring_elements":"0.96327","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-5737"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5737","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5737"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/february-2019-security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://nodejs.org/en/blog/vulnerability/february-2019-security-releases/"},{"reference_url":"https://security.gentoo.org/glsa/202003-48","reference_id":"","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-48"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190502-0008/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20190502-0008/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1690808","reference_id":"1690808","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1690808"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-5737","reference_id":"CVE-2019-5737","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-5737"},{"reference_url":"https://usn.ubuntu.com/USN-4796-1/","reference_id":"USN-USN-4796-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-4796-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932815?format=json","purl":"pkg:deb/debian/nodejs@10.15.2~dfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@10.15.2~dfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2019-5737"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-us11-vy4j-pfd2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83608?format=json","vulnerability_id":"VCID-usab-z8q8-7qd8","summary":"nodejs: path module regular expression denial of service","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7158.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7158.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-7158","reference_id":"","reference_type":"","scores":[{"value":"0.01264","scoring_system":"epss","scoring_elements":"0.79394","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01264","scoring_system":"epss","scoring_elements":"0.79584","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01264","scoring_system":"epss","scoring_elements":"0.79529","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01264","scoring_system":"epss","scoring_elements":"0.79544","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01264","scoring_system":"epss","scoring_elements":"0.79565","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01264","scoring_system":"epss","scoring_elements":"0.79401","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01264","scoring_system":"epss","scoring_elements":"0.79424","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01264","scoring_system":"epss","scoring_elements":"0.79411","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01264","scoring_system":"epss","scoring_elements":"0.79438","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01264","scoring_system":"epss","scoring_elements":"0.79447","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01264","scoring_system":"epss","scoring_elements":"0.7947","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01264","scoring_system":"epss","scoring_elements":"0.79454","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01264","scoring_system":"epss","scoring_elements":"0.79443","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01264","scoring_system":"epss","scoring_elements":"0.79474","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01264","scoring_system":"epss","scoring_elements":"0.79471","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01264","scoring_system":"epss","scoring_elements":"0.79476","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01264","scoring_system":"epss","scoring_elements":"0.79507","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01264","scoring_system":"epss","scoring_elements":"0.79514","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-7158"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7158","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7158"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/march-2018-security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://nodejs.org/en/blog/vulnerability/march-2018-security-releases/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1561980","reference_id":"1561980","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1561980"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-7158","reference_id":"CVE-2018-7158","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-7158"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932812?format=json","purl":"pkg:deb/debian/nodejs@6.0.0~dfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@6.0.0~dfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2018-7158"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-usab-z8q8-7qd8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62477?format=json","vulnerability_id":"VCID-v3uy-dqn9-qye5","summary":"Multiple vulnerabilities have been discovered in Node.js.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32222.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32222.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-32222","reference_id":"","reference_type":"","scores":[{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.69973","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.69987","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.69964","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70012","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70028","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70051","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70036","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70023","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70066","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70075","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70056","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70107","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70115","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70114","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.7009","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70132","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70163","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-32222"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2105424","reference_id":"2105424","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2105424"},{"reference_url":"https://security.gentoo.org/glsa/202405-29","reference_id":"GLSA-202405-29","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202405-29"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2022-32222"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v3uy-dqn9-qye5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64951?format=json","vulnerability_id":"VCID-v7uy-445x-tuan","summary":"nodejs: Nodejs denial of service","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-59465.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-59465.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-59465","reference_id":"","reference_type":"","scores":[{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.2297","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22707","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.2265","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22545","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22627","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.23014","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22805","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22879","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22931","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.2295","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22913","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22856","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22871","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22865","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22825","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22661","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22654","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-59465"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59465","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59465"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2431349","reference_id":"2431349","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2431349"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/december-2025-security-releases","reference_id":"december-2025-security-releases","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-21T20:10:32Z/"}],"url":"https://nodejs.org/en/blog/vulnerability/december-2025-security-releases"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1842","reference_id":"RHSA-2026:1842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1843","reference_id":"RHSA-2026:1843","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1843"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2420","reference_id":"RHSA-2026:2420","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2420"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2421","reference_id":"RHSA-2026:2421","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2421"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2422","reference_id":"RHSA-2026:2422","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2422"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2767","reference_id":"RHSA-2026:2767","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2767"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2768","reference_id":"RHSA-2026:2768","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2768"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2781","reference_id":"RHSA-2026:2781","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2781"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2782","reference_id":"RHSA-2026:2782","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2782"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2783","reference_id":"RHSA-2026:2783","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2783"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2864","reference_id":"RHSA-2026:2864","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2864"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2899","reference_id":"RHSA-2026:2899","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2899"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6402","reference_id":"RHSA-2026:6402","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6402"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6431","reference_id":"RHSA-2026:6431","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6431"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7386","reference_id":"RHSA-2026:7386","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7386"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7387","reference_id":"RHSA-2026:7387","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7387"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932840?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932843?format=json","purl":"pkg:deb/debian/nodejs@22.22.0%2Bdfsg%2B~cs22.19.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.0%252Bdfsg%252B~cs22.19.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2025-59465"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v7uy-445x-tuan"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37550?format=json","vulnerability_id":"VCID-vhg4-51cg-ebaa","summary":"Multiple vulnerabilities have been discovered in Node.js, the worst of which could lead to execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21891.json","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21891.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21891","reference_id":"","reference_type":"","scores":[{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46403","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46527","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46473","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46454","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46465","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46413","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46317","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46383","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46443","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46463","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46412","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46468","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46492","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46472","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.4653","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21891"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/2259914","reference_id":"2259914","reference_type":"","scores":[{"value":"7.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-20T17:59:04Z/"}],"url":"https://hackerone.com/reports/2259914"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2265720","reference_id":"2265720","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2265720"},{"reference_url":"https://security.gentoo.org/glsa/202505-11","reference_id":"GLSA-202505-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-11"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240315-0005/","reference_id":"ntap-20240315-0005","reference_type":"","scores":[{"value":"7.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-20T17:59:04Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240315-0005/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1687","reference_id":"RHSA-2024:1687","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1687"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1688","reference_id":"RHSA-2024:1688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1688"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2024-21891"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vhg4-51cg-ebaa"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37562?format=json","vulnerability_id":"VCID-vkvx-gxbu-3uau","summary":"Multiple vulnerabilities have been discovered in Node.js, the worst of which could lead to execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-22019.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-22019.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-22019","reference_id":"","reference_type":"","scores":[{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.5956","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.59524","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.59529","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.59513","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.59485","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.59492","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.59454","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.59501","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.5945","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.59475","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.59442","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.59493","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.59506","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.59525","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.59509","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.5949","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-22019"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22019","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22019"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1064055","reference_id":"1064055","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1064055"},{"reference_url":"https://hackerone.com/reports/2233486","reference_id":"2233486","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-07T21:15:49Z/"}],"url":"https://hackerone.com/reports/2233486"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2264574","reference_id":"2264574","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2264574"},{"reference_url":"https://security.gentoo.org/glsa/202505-11","reference_id":"GLSA-202505-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-11"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240315-0004/","reference_id":"ntap-20240315-0004","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-07T21:15:49Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240315-0004/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1354","reference_id":"RHSA-2024:1354","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1354"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1424","reference_id":"RHSA-2024:1424","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1424"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1438","reference_id":"RHSA-2024:1438","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1438"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1444","reference_id":"RHSA-2024:1444","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1444"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1503","reference_id":"RHSA-2024:1503","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1503"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1510","reference_id":"RHSA-2024:1510","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1510"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1678","reference_id":"RHSA-2024:1678","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1678"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1687","reference_id":"RHSA-2024:1687","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1687"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1688","reference_id":"RHSA-2024:1688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1688"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1880","reference_id":"RHSA-2024:1880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1932","reference_id":"RHSA-2024:1932","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1932"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2651","reference_id":"RHSA-2024:2651","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2651"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2793","reference_id":"RHSA-2024:2793","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2793"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932834?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932835?format=json","purl":"pkg:deb/debian/nodejs@18.19.1%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.19.1%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2024-22019"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vkvx-gxbu-3uau"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37558?format=json","vulnerability_id":"VCID-w6yn-qt4p-vudt","summary":"Multiple vulnerabilities have been discovered in Node.js, the worst of which could lead to execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-22018.json","reference_id":"","reference_type":"","scores":[{"value":"2.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-22018.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-22018","reference_id":"","reference_type":"","scores":[{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43482","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43724","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43657","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43594","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43598","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43516","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43387","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43463","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43687","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43711","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43646","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43697","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43701","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.4372","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43689","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43672","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43733","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-22018"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/2145862","reference_id":"2145862","reference_type":"","scores":[{"value":"2.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-10T16:07:56Z/"}],"url":"https://hackerone.com/reports/2145862"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2296990","reference_id":"2296990","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2296990"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/07/19/3","reference_id":"3","reference_type":"","scores":[{"value":"2.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-10T16:07:56Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/07/19/3"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/07/11/6","reference_id":"6","reference_type":"","scores":[{"value":"2.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-10T16:07:56Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/07/11/6"},{"reference_url":"https://security.gentoo.org/glsa/202505-11","reference_id":"GLSA-202505-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-11"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5814","reference_id":"RHSA-2024:5814","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5814"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5815","reference_id":"RHSA-2024:5815","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5815"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932836?format=json","purl":"pkg:deb/debian/nodejs@20.15.1%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.15.1%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2024-22018"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w6yn-qt4p-vudt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31261?format=json","vulnerability_id":"VCID-wf5t-3pwz-c7d7","summary":"Multiple vulnerabilities have been discovered in Node.js, the worst of which can lead to arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-23085.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-23085.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-23085","reference_id":"","reference_type":"","scores":[{"value":"0.00164","scoring_system":"epss","scoring_elements":"0.37006","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00164","scoring_system":"epss","scoring_elements":"0.37377","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00164","scoring_system":"epss","scoring_elements":"0.37158","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00164","scoring_system":"epss","scoring_elements":"0.37127","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00164","scoring_system":"epss","scoring_elements":"0.37039","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00164","scoring_system":"epss","scoring_elements":"0.3692","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00164","scoring_system":"epss","scoring_elements":"0.36988","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00164","scoring_system":"epss","scoring_elements":"0.3744","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00164","scoring_system":"epss","scoring_elements":"0.37452","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00164","scoring_system":"epss","scoring_elements":"0.37466","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00164","scoring_system":"epss","scoring_elements":"0.37431","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00164","scoring_system":"epss","scoring_elements":"0.37404","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00164","scoring_system":"epss","scoring_elements":"0.37451","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00164","scoring_system":"epss","scoring_elements":"0.37433","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00169","scoring_system":"epss","scoring_elements":"0.38175","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00169","scoring_system":"epss","scoring_elements":"0.38197","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00169","scoring_system":"epss","scoring_elements":"0.38068","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-23085"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-23085","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-23085"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1094134","reference_id":"1094134","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1094134"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2342618","reference_id":"2342618","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2342618"},{"reference_url":"https://security.gentoo.org/glsa/202506-08","reference_id":"GLSA-202506-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202506-08"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/january-2025-security-releases","reference_id":"january-2025-security-releases","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-07T15:50:24Z/"}],"url":"https://nodejs.org/en/blog/vulnerability/january-2025-security-releases"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1351","reference_id":"RHSA-2025:1351","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1351"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1443","reference_id":"RHSA-2025:1443","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1443"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1446","reference_id":"RHSA-2025:1446","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1446"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1582","reference_id":"RHSA-2025:1582","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1582"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1611","reference_id":"RHSA-2025:1611","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1611"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1613","reference_id":"RHSA-2025:1613","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1613"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932839?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932838?format=json","purl":"pkg:deb/debian/nodejs@20.18.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.18.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932840?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2025-23085"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wf5t-3pwz-c7d7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57391?format=json","vulnerability_id":"VCID-wpfq-sq11-fqa9","summary":"Multiple vulnerabilities have been found in Node.js, worst of which\n    could allow remote attackers to write arbitrary files.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15606.json","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15606.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-15606","reference_id":"","reference_type":"","scores":[{"value":"0.01338","scoring_system":"epss","scoring_elements":"0.79948","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01338","scoring_system":"epss","scoring_elements":"0.79955","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01338","scoring_system":"epss","scoring_elements":"0.79976","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01338","scoring_system":"epss","scoring_elements":"0.79965","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01338","scoring_system":"epss","scoring_elements":"0.79993","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01338","scoring_system":"epss","scoring_elements":"0.80002","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01338","scoring_system":"epss","scoring_elements":"0.80022","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01338","scoring_system":"epss","scoring_elements":"0.80006","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01338","scoring_system":"epss","scoring_elements":"0.79998","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01338","scoring_system":"epss","scoring_elements":"0.80027","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01338","scoring_system":"epss","scoring_elements":"0.80026","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01338","scoring_system":"epss","scoring_elements":"0.80028","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01338","scoring_system":"epss","scoring_elements":"0.80055","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01338","scoring_system":"epss","scoring_elements":"0.8006","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01338","scoring_system":"epss","scoring_elements":"0.80076","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01338","scoring_system":"epss","scoring_elements":"0.8009","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01338","scoring_system":"epss","scoring_elements":"0.80111","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01338","scoring_system":"epss","scoring_elements":"0.80127","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-15606"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15604","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15604"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15605","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15605"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15606","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15606"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9511","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9511"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9513","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9513"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9514","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9514"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1800366","reference_id":"1800366","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1800366"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0598","reference_id":"RHSA-2020:0598","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0598"},{"reference_url":"https://usn.ubuntu.com/6380-1/","reference_id":"USN-6380-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6380-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932814?format=json","purl":"pkg:deb/debian/nodejs@10.19.0~dfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@10.19.0~dfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2019-15606"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wpfq-sq11-fqa9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62476?format=json","vulnerability_id":"VCID-wzcw-dd7m-zkaz","summary":"Multiple vulnerabilities have been discovered in Node.js.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32215.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32215.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-32215","reference_id":"","reference_type":"","scores":[{"value":"0.87391","scoring_system":"epss","scoring_elements":"0.99465","published_at":"2026-05-09T12:55:00Z"},{"value":"0.87391","scoring_system":"epss","scoring_elements":"0.99459","published_at":"2026-04-18T12:55:00Z"},{"value":"0.87391","scoring_system":"epss","scoring_elements":"0.9946","published_at":"2026-04-21T12:55:00Z"},{"value":"0.87391","scoring_system":"epss","scoring_elements":"0.99462","published_at":"2026-04-26T12:55:00Z"},{"value":"0.87391","scoring_system":"epss","scoring_elements":"0.99463","published_at":"2026-04-29T12:55:00Z"},{"value":"0.87391","scoring_system":"epss","scoring_elements":"0.99464","published_at":"2026-05-05T12:55:00Z"},{"value":"0.88764","scoring_system":"epss","scoring_elements":"0.99508","published_at":"2026-04-02T12:55:00Z"},{"value":"0.88764","scoring_system":"epss","scoring_elements":"0.9951","published_at":"2026-04-04T12:55:00Z"},{"value":"0.88764","scoring_system":"epss","scoring_elements":"0.99511","published_at":"2026-04-07T12:55:00Z"},{"value":"0.88764","scoring_system":"epss","scoring_elements":"0.99512","published_at":"2026-04-09T12:55:00Z"},{"value":"0.88764","scoring_system":"epss","scoring_elements":"0.99513","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-32215"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32212","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32212"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32213","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32213"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32214","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32214"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32215","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32215"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35255","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35255"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35256","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35256"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43548","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43548"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/1501679","reference_id":"","reference_type":"","scores":[],"url":"https://hackerone.com/reports/1501679"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2105426","reference_id":"2105426","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2105426"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-32215","reference_id":"CVE-2022-32215","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-32215"},{"reference_url":"https://security.gentoo.org/glsa/202405-29","reference_id":"GLSA-202405-29","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202405-29"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6389","reference_id":"RHSA-2022:6389","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6389"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6448","reference_id":"RHSA-2022:6448","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6448"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6449","reference_id":"RHSA-2022:6449","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6449"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6595","reference_id":"RHSA-2022:6595","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6595"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6985","reference_id":"RHSA-2022:6985","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6985"},{"reference_url":"https://usn.ubuntu.com/6491-1/","reference_id":"USN-6491-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6491-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932828?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932827?format=json","purl":"pkg:deb/debian/nodejs@18.6.0%2Bdfsg-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.6.0%252Bdfsg-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2022-32215"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wzcw-dd7m-zkaz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64953?format=json","vulnerability_id":"VCID-x1an-pjq4-nbby","summary":"nodejs: Nodejs file permissions bypass","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-55130.json","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-55130.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-55130","reference_id":"","reference_type":"","scores":[{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.02953","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03085","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03065","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03028","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03049","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.02968","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.02976","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.02977","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03002","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.02964","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.02941","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.02932","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.02906","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.02916","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03034","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03031","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03021","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-55130"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-55130","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-55130"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2431352","reference_id":"2431352","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2431352"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/december-2025-security-releases","reference_id":"december-2025-security-releases","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-22T04:55:29Z/"}],"url":"https://nodejs.org/en/blog/vulnerability/december-2025-security-releases"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1842","reference_id":"RHSA-2026:1842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1843","reference_id":"RHSA-2026:1843","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1843"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2420","reference_id":"RHSA-2026:2420","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2420"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2421","reference_id":"RHSA-2026:2421","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2421"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2422","reference_id":"RHSA-2026:2422","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2422"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2767","reference_id":"RHSA-2026:2767","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2767"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2768","reference_id":"RHSA-2026:2768","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2768"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2781","reference_id":"RHSA-2026:2781","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2781"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2782","reference_id":"RHSA-2026:2782","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2782"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2783","reference_id":"RHSA-2026:2783","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2783"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2864","reference_id":"RHSA-2026:2864","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2864"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2899","reference_id":"RHSA-2026:2899","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2899"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6402","reference_id":"RHSA-2026:6402","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6402"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6431","reference_id":"RHSA-2026:6431","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6431"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7378","reference_id":"RHSA-2026:7378","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7378"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7386","reference_id":"RHSA-2026:7386","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7386"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7387","reference_id":"RHSA-2026:7387","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7387"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7657","reference_id":"RHSA-2026:7657","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7657"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932840?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932843?format=json","purl":"pkg:deb/debian/nodejs@22.22.0%2Bdfsg%2B~cs22.19.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.0%252Bdfsg%252B~cs22.19.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2025-55130"],"risk_score":3.2,"exploitability":"0.5","weighted_severity":"6.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x1an-pjq4-nbby"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48668?format=json","vulnerability_id":"VCID-xeay-8ec9-4bdd","summary":"Multiple vulnerabilities have been found in NodeJS, the worst of\n    which could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8174.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8174.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-8174","reference_id":"","reference_type":"","scores":[{"value":"0.01491","scoring_system":"epss","scoring_elements":"0.80994","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01491","scoring_system":"epss","scoring_elements":"0.81003","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01491","scoring_system":"epss","scoring_elements":"0.81027","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01491","scoring_system":"epss","scoring_elements":"0.81025","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01491","scoring_system":"epss","scoring_elements":"0.81053","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01491","scoring_system":"epss","scoring_elements":"0.8106","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01491","scoring_system":"epss","scoring_elements":"0.81078","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01491","scoring_system":"epss","scoring_elements":"0.81064","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01491","scoring_system":"epss","scoring_elements":"0.81056","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01491","scoring_system":"epss","scoring_elements":"0.81094","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01491","scoring_system":"epss","scoring_elements":"0.81096","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01491","scoring_system":"epss","scoring_elements":"0.81092","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01491","scoring_system":"epss","scoring_elements":"0.81115","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01491","scoring_system":"epss","scoring_elements":"0.81122","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01491","scoring_system":"epss","scoring_elements":"0.81129","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01491","scoring_system":"epss","scoring_elements":"0.81143","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01491","scoring_system":"epss","scoring_elements":"0.81165","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01491","scoring_system":"epss","scoring_elements":"0.81187","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-8174"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11080","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11080"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8174","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8174"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1845256","reference_id":"1845256","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1845256"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=962145","reference_id":"962145","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=962145"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2847","reference_id":"RHSA-2020:2847","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2847"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2848","reference_id":"RHSA-2020:2848","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2848"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2849","reference_id":"RHSA-2020:2849","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2849"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2852","reference_id":"RHSA-2020:2852","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2852"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2895","reference_id":"RHSA-2020:2895","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2895"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3042","reference_id":"RHSA-2020:3042","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3042"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3084","reference_id":"RHSA-2020:3084","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3084"},{"reference_url":"https://usn.ubuntu.com/6380-1/","reference_id":"USN-6380-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6380-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932817?format=json","purl":"pkg:deb/debian/nodejs@10.21.0~dfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@10.21.0~dfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2020-8174"],"risk_score":3.6,"exploitability":"0.5","weighted_severity":"7.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xeay-8ec9-4bdd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63922?format=json","vulnerability_id":"VCID-xert-byqc-xbe2","summary":"Node.js: Node.js: Unauthorized inter-process communication due to missing Unix Domain Socket permission checks","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21711.json","reference_id":"","reference_type":"","scores":[{"value":"5.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21711.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-21711","reference_id":"","reference_type":"","scores":[{"value":"3e-05","scoring_system":"epss","scoring_elements":"0.00125","published_at":"2026-04-24T12:55:00Z"},{"value":"3e-05","scoring_system":"epss","scoring_elements":"0.00122","published_at":"2026-04-29T12:55:00Z"},{"value":"3e-05","scoring_system":"epss","scoring_elements":"0.00124","published_at":"2026-04-26T12:55:00Z"},{"value":"4e-05","scoring_system":"epss","scoring_elements":"0.0015","published_at":"2026-05-09T12:55:00Z"},{"value":"4e-05","scoring_system":"epss","scoring_elements":"0.00146","published_at":"2026-04-08T12:55:00Z"},{"value":"4e-05","scoring_system":"epss","scoring_elements":"0.00148","published_at":"2026-04-12T12:55:00Z"},{"value":"4e-05","scoring_system":"epss","scoring_elements":"0.00149","published_at":"2026-04-18T12:55:00Z"},{"value":"4e-05","scoring_system":"epss","scoring_elements":"0.00151","published_at":"2026-05-07T12:55:00Z"},{"value":"4e-05","scoring_system":"epss","scoring_elements":"0.00147","published_at":"2026-04-13T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00245","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-21711"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2453158","reference_id":"2453158","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2453158"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/march-2026-security-releases","reference_id":"march-2026-security-releases","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-01T15:02:57Z/"}],"url":"https://nodejs.org/en/blog/vulnerability/march-2026-security-releases"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7350","reference_id":"RHSA-2026:7350","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7350"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7670","reference_id":"RHSA-2026:7670","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7670"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7675","reference_id":"RHSA-2026:7675","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7675"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2026-21711"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xert-byqc-xbe2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69630?format=json","vulnerability_id":"VCID-xkpz-pb5y-jqcy","summary":"nodejs: Remote Crash via SignTraits::DeriveBits() in Node.js","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-23166.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-23166.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-23166","reference_id":"","reference_type":"","scores":[{"value":"0.00304","scoring_system":"epss","scoring_elements":"0.53707","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00304","scoring_system":"epss","scoring_elements":"0.53717","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00304","scoring_system":"epss","scoring_elements":"0.53679","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00304","scoring_system":"epss","scoring_elements":"0.53691","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00304","scoring_system":"epss","scoring_elements":"0.53656","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00304","scoring_system":"epss","scoring_elements":"0.53609","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00304","scoring_system":"epss","scoring_elements":"0.53655","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00304","scoring_system":"epss","scoring_elements":"0.53633","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00304","scoring_system":"epss","scoring_elements":"0.53661","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00304","scoring_system":"epss","scoring_elements":"0.53629","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00304","scoring_system":"epss","scoring_elements":"0.5368","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00304","scoring_system":"epss","scoring_elements":"0.53678","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00304","scoring_system":"epss","scoring_elements":"0.53727","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00304","scoring_system":"epss","scoring_elements":"0.53711","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00304","scoring_system":"epss","scoring_elements":"0.53693","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00304","scoring_system":"epss","scoring_elements":"0.53731","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00304","scoring_system":"epss","scoring_elements":"0.53735","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-23166"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1105832","reference_id":"1105832","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1105832"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2367163","reference_id":"2367163","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2367163"},{"reference_url":"https://security.archlinux.org/ASA-202505-6","reference_id":"ASA-202505-6","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202505-6"},{"reference_url":"https://security.archlinux.org/ASA-202505-7","reference_id":"ASA-202505-7","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202505-7"},{"reference_url":"https://security.archlinux.org/ASA-202505-8","reference_id":"ASA-202505-8","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202505-8"},{"reference_url":"https://security.archlinux.org/AVG-2871","reference_id":"AVG-2871","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2871"},{"reference_url":"https://security.archlinux.org/AVG-2872","reference_id":"AVG-2872","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2872"},{"reference_url":"https://security.archlinux.org/AVG-2873","reference_id":"AVG-2873","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2873"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/may-2025-security-releases","reference_id":"may-2025-security-releases","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-19T14:11:17Z/"}],"url":"https://nodejs.org/en/blog/vulnerability/may-2025-security-releases"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8467","reference_id":"RHSA-2025:8467","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8467"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8468","reference_id":"RHSA-2025:8468","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8468"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8493","reference_id":"RHSA-2025:8493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8506","reference_id":"RHSA-2025:8506","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8506"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8514","reference_id":"RHSA-2025:8514","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8514"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8902","reference_id":"RHSA-2025:8902","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8902"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2025-23166"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xkpz-pb5y-jqcy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62478?format=json","vulnerability_id":"VCID-xnzh-wpd4-63f9","summary":"Multiple vulnerabilities have been discovered in Node.js.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-35255.json","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-35255.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35255","reference_id":"","reference_type":"","scores":[{"value":"0.01191","scoring_system":"epss","scoring_elements":"0.78967","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01191","scoring_system":"epss","scoring_elements":"0.78841","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01191","scoring_system":"epss","scoring_elements":"0.78869","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01191","scoring_system":"epss","scoring_elements":"0.78867","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01191","scoring_system":"epss","scoring_elements":"0.78864","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01191","scoring_system":"epss","scoring_elements":"0.78893","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01191","scoring_system":"epss","scoring_elements":"0.789","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01191","scoring_system":"epss","scoring_elements":"0.78915","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01191","scoring_system":"epss","scoring_elements":"0.78932","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01191","scoring_system":"epss","scoring_elements":"0.78953","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01191","scoring_system":"epss","scoring_elements":"0.788","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01191","scoring_system":"epss","scoring_elements":"0.78829","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01191","scoring_system":"epss","scoring_elements":"0.78812","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01191","scoring_system":"epss","scoring_elements":"0.78838","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01191","scoring_system":"epss","scoring_elements":"0.78844","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01191","scoring_system":"epss","scoring_elements":"0.78868","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01191","scoring_system":"epss","scoring_elements":"0.78851","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35255"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32212","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32212"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32213","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32213"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32214","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32214"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32215","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32215"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35255","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35255"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35256","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35256"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43548","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43548"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/1690000","reference_id":"1690000","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-24T13:23:49Z/"}],"url":"https://hackerone.com/reports/1690000"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2130517","reference_id":"2130517","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2130517"},{"reference_url":"https://security.gentoo.org/glsa/202405-29","reference_id":"GLSA-202405-29","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202405-29"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230113-0002/","reference_id":"ntap-20230113-0002","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-24T13:23:49Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230113-0002/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6963","reference_id":"RHSA-2022:6963","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6963"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6964","reference_id":"RHSA-2022:6964","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6964"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7821","reference_id":"RHSA-2022:7821","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7821"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932828?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932829?format=json","purl":"pkg:deb/debian/nodejs@18.10.0%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.10.0%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2022-35255"],"risk_score":4.1,"exploitability":"0.5","weighted_severity":"8.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xnzh-wpd4-63f9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/92660?format=json","vulnerability_id":"VCID-xq3f-g8n8-tffp","summary":"The uv_rwlock_t fallback implementation for Windows XP and Server 2003 in libuv before 1.7.4 does not properly prevent threads from releasing the locks of other threads, which allows attackers to cause a denial of service (deadlock) or possibly have unspecified other impact by leveraging a race condition.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9748","reference_id":"","reference_type":"","scores":[{"value":"0.00477","scoring_system":"epss","scoring_elements":"0.6498","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00477","scoring_system":"epss","scoring_elements":"0.64992","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00477","scoring_system":"epss","scoring_elements":"0.64988","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00477","scoring_system":"epss","scoring_elements":"0.64968","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00477","scoring_system":"epss","scoring_elements":"0.65015","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00477","scoring_system":"epss","scoring_elements":"0.65058","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0048","scoring_system":"epss","scoring_elements":"0.65113","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0048","scoring_system":"epss","scoring_elements":"0.65103","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0048","scoring_system":"epss","scoring_elements":"0.65075","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0048","scoring_system":"epss","scoring_elements":"0.64993","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0048","scoring_system":"epss","scoring_elements":"0.6512","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0048","scoring_system":"epss","scoring_elements":"0.65105","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0048","scoring_system":"epss","scoring_elements":"0.65111","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0048","scoring_system":"epss","scoring_elements":"0.65043","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0048","scoring_system":"epss","scoring_elements":"0.65069","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0048","scoring_system":"epss","scoring_elements":"0.65031","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0048","scoring_system":"epss","scoring_elements":"0.65081","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0048","scoring_system":"epss","scoring_elements":"0.65094","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9748"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9748","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9748"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932802?format=json","purl":"pkg:deb/debian/nodejs@4.0.0~dfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@4.0.0~dfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2014-9748"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xq3f-g8n8-tffp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37554?format=json","vulnerability_id":"VCID-xva8-adbf-87h3","summary":"Multiple vulnerabilities have been discovered in Node.js, the worst of which could lead to execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-22017.json","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-22017.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-22017","reference_id":"","reference_type":"","scores":[{"value":"0.00637","scoring_system":"epss","scoring_elements":"0.70418","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00637","scoring_system":"epss","scoring_elements":"0.70435","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00876","scoring_system":"epss","scoring_elements":"0.75441","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00876","scoring_system":"epss","scoring_elements":"0.75345","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00876","scoring_system":"epss","scoring_elements":"0.75334","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00876","scoring_system":"epss","scoring_elements":"0.75369","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00876","scoring_system":"epss","scoring_elements":"0.75374","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00876","scoring_system":"epss","scoring_elements":"0.75378","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00876","scoring_system":"epss","scoring_elements":"0.75386","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00876","scoring_system":"epss","scoring_elements":"0.75415","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00876","scoring_system":"epss","scoring_elements":"0.75257","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00876","scoring_system":"epss","scoring_elements":"0.753","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00876","scoring_system":"epss","scoring_elements":"0.75311","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00876","scoring_system":"epss","scoring_elements":"0.75332","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00876","scoring_system":"epss","scoring_elements":"0.7531","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00876","scoring_system":"epss","scoring_elements":"0.75299","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00876","scoring_system":"epss","scoring_elements":"0.75338","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-22017"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/2170226","reference_id":"2170226","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:H/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-07T04:00:22Z/"}],"url":"https://hackerone.com/reports/2170226"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2265727","reference_id":"2265727","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2265727"},{"reference_url":"https://security.gentoo.org/glsa/202505-11","reference_id":"GLSA-202505-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-11"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240517-0007/","reference_id":"ntap-20240517-0007","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:H/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-07T04:00:22Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240517-0007/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1687","reference_id":"RHSA-2024:1687","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1687"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1688","reference_id":"RHSA-2024:1688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1688"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2024-22017"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xva8-adbf-87h3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31260?format=json","vulnerability_id":"VCID-ydzj-e97m-k3cp","summary":"Multiple vulnerabilities have been discovered in Node.js, the worst of which can lead to arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-23083.json","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-23083.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-23083","reference_id":"","reference_type":"","scores":[{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.28663","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.28092","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.2817","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.28006","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.28068","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.28709","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.28514","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.28579","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.28619","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.28621","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.28578","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.28529","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.28548","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.28523","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.28476","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.2836","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.28248","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-23083"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1094134","reference_id":"1094134","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1094134"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2339392","reference_id":"2339392","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2339392"},{"reference_url":"https://security.gentoo.org/glsa/202506-08","reference_id":"GLSA-202506-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202506-08"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/january-2025-security-releases","reference_id":"january-2025-security-releases","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-28T04:55:27Z/"}],"url":"https://nodejs.org/en/blog/vulnerability/january-2025-security-releases"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1351","reference_id":"RHSA-2025:1351","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1351"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1443","reference_id":"RHSA-2025:1443","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1443"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1522","reference_id":"RHSA-2025:1522","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1522"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1611","reference_id":"RHSA-2025:1611","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1611"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1613","reference_id":"RHSA-2025:1613","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1613"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932838?format=json","purl":"pkg:deb/debian/nodejs@20.18.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.18.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2025-23083"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ydzj-e97m-k3cp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37537?format=json","vulnerability_id":"VCID-yxvf-4pb4-d7ec","summary":"Multiple vulnerabilities have been discovered in Node.js, the worst of which could lead to execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-39333.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-39333.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-39333","reference_id":"","reference_type":"","scores":[{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.26407","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.26069","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.26058","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.25949","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.26012","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.2645","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.26224","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.26292","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.26339","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.26348","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.26302","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.26243","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.26249","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.26188","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.26113","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.26109","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-39333"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054892","reference_id":"1054892","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054892"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2244418","reference_id":"2244418","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2244418"},{"reference_url":"https://security.gentoo.org/glsa/202505-11","reference_id":"GLSA-202505-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-11"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/october-2023-security-releases","reference_id":"october-2023-security-releases","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-09T18:03:18Z/"}],"url":"https://nodejs.org/en/blog/vulnerability/october-2023-security-releases"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5849","reference_id":"RHSA-2023:5849","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5849"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5869","reference_id":"RHSA-2023:5869","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5869"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7205","reference_id":"RHSA-2023:7205","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7205"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932833?format=json","purl":"pkg:deb/debian/nodejs@18.13.0%2Bdfsg1-1.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.13.0%252Bdfsg1-1.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932831?format=json","purl":"pkg:deb/debian/nodejs@18.19.0%2Bdfsg-6~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.19.0%252Bdfsg-6~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2023-39333"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yxvf-4pb4-d7ec"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/76927?format=json","vulnerability_id":"VCID-yz6h-h3bb-27ee","summary":"Node.js: Fail to Escape Arguments Properly in Microsoft Windows","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27980.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27980.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-27980","reference_id":"","reference_type":"","scores":[{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.5056","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50632","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50618","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50659","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50665","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50644","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50592","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50599","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50553","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50477","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50531","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.5058","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50607","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50561","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50615","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50612","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50654","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-27980"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/04/10/15","reference_id":"15","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T21:31:55Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/04/10/15"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2270693","reference_id":"2270693","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2270693"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/07/19/3","reference_id":"3","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T21:31:55Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/07/19/3"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5MZN6PFXHTCCUENAKZXTGWPKUAHI6E2W/","reference_id":"5MZN6PFXHTCCUENAKZXTGWPKUAHI6E2W","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T21:31:55Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5MZN6PFXHTCCUENAKZXTGWPKUAHI6E2W/"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/07/11/6","reference_id":"6","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T21:31:55Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/07/11/6"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JUWBYDVCUSCX7YWTBX75LADMCVYFBGKU/","reference_id":"JUWBYDVCUSCX7YWTBX75LADMCVYFBGKU","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T21:31:55Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JUWBYDVCUSCX7YWTBX75LADMCVYFBGKU/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2024-27980"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yz6h-h3bb-27ee"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86186?format=json","vulnerability_id":"VCID-z3gm-8afk-q7dv","summary":"V8: Memory Corruption and Stack Overflow","references":[{"reference_url":"http://advisories.mageia.org/MGASA-2014-0516.html","reference_id":"","reference_type":"","scores":[],"url":"http://advisories.mageia.org/MGASA-2014-0516.html"},{"reference_url":"http://blog.nodejs.org/2014/07/31/v8-memory-corruption-stack-overflow/","reference_id":"","reference_type":"","scores":[],"url":"http://blog.nodejs.org/2014/07/31/v8-memory-corruption-stack-overflow/"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-5256.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-5256.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-5256","reference_id":"","reference_type":"","scores":[{"value":"0.01263","scoring_system":"epss","scoring_elements":"0.79576","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01263","scoring_system":"epss","scoring_elements":"0.79388","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01263","scoring_system":"epss","scoring_elements":"0.79395","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01263","scoring_system":"epss","scoring_elements":"0.79417","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01263","scoring_system":"epss","scoring_elements":"0.79404","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01263","scoring_system":"epss","scoring_elements":"0.79432","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01263","scoring_system":"epss","scoring_elements":"0.79441","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01263","scoring_system":"epss","scoring_elements":"0.79464","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01263","scoring_system":"epss","scoring_elements":"0.79447","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01263","scoring_system":"epss","scoring_elements":"0.79437","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01263","scoring_system":"epss","scoring_elements":"0.79467","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01263","scoring_system":"epss","scoring_elements":"0.79466","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01263","scoring_system":"epss","scoring_elements":"0.79469","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01263","scoring_system":"epss","scoring_elements":"0.79501","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01263","scoring_system":"epss","scoring_elements":"0.79507","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01263","scoring_system":"epss","scoring_elements":"0.79523","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01263","scoring_system":"epss","scoring_elements":"0.79538","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01263","scoring_system":"epss","scoring_elements":"0.79559","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-5256"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5256","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5256"},{"reference_url":"http://secunia.com/advisories/61260","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/61260"},{"reference_url":"https://github.com/joyent/node/commit/530af9cb8e700e7596b3ec812bad123c9fa06356","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/joyent/node/commit/530af9cb8e700e7596b3ec812bad123c9fa06356"},{"reference_url":"http://www-01.ibm.com/support/docview.wss?uid=swg21684769","reference_id":"","reference_type":"","scores":[],"url":"http://www-01.ibm.com/support/docview.wss?uid=swg21684769"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2015:142","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2015:142"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1125464","reference_id":"1125464","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1125464"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=760385","reference_id":"760385","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=760385"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.10.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:nodejs:0.10.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.10.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.10.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:nodejs:0.10.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.10.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.10.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:nodejs:0.10.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.10.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.10.11:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:nodejs:0.10.11:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.10.11:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.10.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:nodejs:0.10.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.10.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.10.13:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:nodejs:0.10.13:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.10.13:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.10.14:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:nodejs:0.10.14:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.10.14:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.10.15:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:nodejs:0.10.15:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.10.15:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.10.16:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:nodejs:0.10.16:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.10.16:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.10.17:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:nodejs:0.10.17:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.10.17:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.10.18:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:nodejs:0.10.18:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.10.18:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.10.19:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:nodejs:0.10.19:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.10.19:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.10.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:nodejs:0.10.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.10.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.10.20:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:nodejs:0.10.20:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.10.20:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.10.21:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:nodejs:0.10.21:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.10.21:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.10.22:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:nodejs:0.10.22:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.10.22:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.10.23:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:nodejs:0.10.23:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.10.23:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.10.24:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:nodejs:0.10.24:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.10.24:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.10.25:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:nodejs:0.10.25:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.10.25:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.10.26:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:nodejs:0.10.26:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.10.26:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.10.27:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:nodejs:0.10.27:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.10.27:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.10.28:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:nodejs:0.10.28:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.10.28:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.10.29:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:nodejs:0.10.29:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.10.29:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.10.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:nodejs:0.10.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.10.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.10.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:nodejs:0.10.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.10.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.10.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:nodejs:0.10.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.10.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.10.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:nodejs:0.10.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.10.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.10.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:nodejs:0.10.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.10.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.10.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:nodejs:0.10.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.10.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.10.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:nodejs:0.10.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.10.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:nodejs:0.8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.8.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:nodejs:0.8.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.8.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.8.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:nodejs:0.8.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.8.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.8.11:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:nodejs:0.8.11:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.8.11:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.8.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:nodejs:0.8.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.8.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.8.13:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:nodejs:0.8.13:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.8.13:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.8.14:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:nodejs:0.8.14:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.8.14:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.8.15:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:nodejs:0.8.15:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.8.15:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.8.16:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:nodejs:0.8.16:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.8.16:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.8.17:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:nodejs:0.8.17:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.8.17:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.8.18:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:nodejs:0.8.18:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.8.18:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.8.19:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:nodejs:0.8.19:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.8.19:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.8.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:nodejs:0.8.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.8.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.8.20:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:nodejs:0.8.20:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.8.20:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.8.21:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:nodejs:0.8.21:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.8.21:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.8.22:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:nodejs:0.8.22:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.8.22:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.8.23:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:nodejs:0.8.23:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.8.23:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.8.24:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:nodejs:0.8.24:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.8.24:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.8.25:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:nodejs:0.8.25:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.8.25:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.8.26:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:nodejs:0.8.26:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.8.26:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.8.27:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:nodejs:0.8.27:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.8.27:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.8.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:nodejs:0.8.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.8.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.8.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:nodejs:0.8.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.8.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.8.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:nodejs:0.8.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.8.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.8.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:nodejs:0.8.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.8.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.8.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:nodejs:0.8.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.8.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.8.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:nodejs:0.8.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.8.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.8.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:nodejs:0.8.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:nodejs:0.8.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-5256","reference_id":"CVE-2014-5256","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-5256"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1744","reference_id":"RHSA-2014:1744","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1744"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932801?format=json","purl":"pkg:deb/debian/nodejs@0.10.38~dfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0.10.38~dfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2014-5256"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z3gm-8afk-q7dv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48666?format=json","vulnerability_id":"VCID-zckz-447u-gueb","summary":"Multiple vulnerabilities have been found in NodeJS, the worst of\n    which could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8172.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8172.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-8172","reference_id":"","reference_type":"","scores":[{"value":"0.01183","scoring_system":"epss","scoring_elements":"0.78718","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01183","scoring_system":"epss","scoring_elements":"0.78725","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01183","scoring_system":"epss","scoring_elements":"0.78757","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01183","scoring_system":"epss","scoring_elements":"0.78739","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01183","scoring_system":"epss","scoring_elements":"0.78764","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01183","scoring_system":"epss","scoring_elements":"0.78771","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01183","scoring_system":"epss","scoring_elements":"0.78795","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01183","scoring_system":"epss","scoring_elements":"0.78778","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01183","scoring_system":"epss","scoring_elements":"0.78769","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01183","scoring_system":"epss","scoring_elements":"0.78798","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01183","scoring_system":"epss","scoring_elements":"0.78796","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01183","scoring_system":"epss","scoring_elements":"0.78791","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01183","scoring_system":"epss","scoring_elements":"0.78819","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01183","scoring_system":"epss","scoring_elements":"0.78825","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01183","scoring_system":"epss","scoring_elements":"0.78842","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01183","scoring_system":"epss","scoring_elements":"0.78861","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01183","scoring_system":"epss","scoring_elements":"0.78884","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01183","scoring_system":"epss","scoring_elements":"0.78898","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-8172"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1845247","reference_id":"1845247","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1845247"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2847","reference_id":"RHSA-2020:2847","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2847"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2852","reference_id":"RHSA-2020:2852","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2852"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2895","reference_id":"RHSA-2020:2895","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2895"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2020-8172"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zckz-447u-gueb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48673?format=json","vulnerability_id":"VCID-zj4d-e8r7-ufg3","summary":"Multiple vulnerabilities have been found in NodeJS, the worst of\n    which could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8287.json","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8287.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-8287","reference_id":"","reference_type":"","scores":[{"value":"0.11865","scoring_system":"epss","scoring_elements":"0.93694","published_at":"2026-04-01T12:55:00Z"},{"value":"0.11865","scoring_system":"epss","scoring_elements":"0.93789","published_at":"2026-05-09T12:55:00Z"},{"value":"0.11865","scoring_system":"epss","scoring_elements":"0.93769","published_at":"2026-05-05T12:55:00Z"},{"value":"0.11865","scoring_system":"epss","scoring_elements":"0.9378","published_at":"2026-05-07T12:55:00Z"},{"value":"0.11865","scoring_system":"epss","scoring_elements":"0.93704","published_at":"2026-04-02T12:55:00Z"},{"value":"0.11865","scoring_system":"epss","scoring_elements":"0.93714","published_at":"2026-04-04T12:55:00Z"},{"value":"0.11865","scoring_system":"epss","scoring_elements":"0.93717","published_at":"2026-04-07T12:55:00Z"},{"value":"0.11865","scoring_system":"epss","scoring_elements":"0.93726","published_at":"2026-04-08T12:55:00Z"},{"value":"0.11865","scoring_system":"epss","scoring_elements":"0.93727","published_at":"2026-04-09T12:55:00Z"},{"value":"0.11865","scoring_system":"epss","scoring_elements":"0.93732","published_at":"2026-04-13T12:55:00Z"},{"value":"0.11865","scoring_system":"epss","scoring_elements":"0.9375","published_at":"2026-04-16T12:55:00Z"},{"value":"0.11865","scoring_system":"epss","scoring_elements":"0.93757","published_at":"2026-04-18T12:55:00Z"},{"value":"0.11865","scoring_system":"epss","scoring_elements":"0.9376","published_at":"2026-04-26T12:55:00Z"},{"value":"0.11865","scoring_system":"epss","scoring_elements":"0.93764","published_at":"2026-04-24T12:55:00Z"},{"value":"0.11865","scoring_system":"epss","scoring_elements":"0.93759","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-8287"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8265","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8265"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8287","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8287"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016690","reference_id":"1016690","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016690"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1912863","reference_id":"1912863","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1912863"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=979364","reference_id":"979364","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=979364"},{"reference_url":"https://security.archlinux.org/ASA-202101-16","reference_id":"ASA-202101-16","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202101-16"},{"reference_url":"https://security.archlinux.org/AVG-1400","reference_id":"AVG-1400","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1400"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0421","reference_id":"RHSA-2021:0421","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0421"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0485","reference_id":"RHSA-2021:0485","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0485"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0521","reference_id":"RHSA-2021:0521","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0521"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0548","reference_id":"RHSA-2021:0548","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0548"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0549","reference_id":"RHSA-2021:0549","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0549"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0551","reference_id":"RHSA-2021:0551","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0551"},{"reference_url":"https://usn.ubuntu.com/5563-1/","reference_id":"USN-5563-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5563-1/"},{"reference_url":"https://usn.ubuntu.com/6380-1/","reference_id":"USN-6380-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6380-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932819?format=json","purl":"pkg:deb/debian/nodejs@12.20.1~dfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.20.1~dfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2020-8287"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zj4d-e8r7-ufg3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69629?format=json","vulnerability_id":"VCID-znta-r3v4-hyg1","summary":"nodejs: Memory Leak in Node.js ReadFileUtf8 Binding Leading to DoS","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-23165.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-23165.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-23165","reference_id":"","reference_type":"","scores":[{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.57838","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.57942","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.5792","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.57882","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.57897","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.57881","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.57888","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.57907","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.57883","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.57938","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.57939","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.57956","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.57933","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.57913","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.57943","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-23165"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1105832","reference_id":"1105832","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1105832"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2367162","reference_id":"2367162","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2367162"},{"reference_url":"https://security.archlinux.org/ASA-202505-7","reference_id":"ASA-202505-7","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202505-7"},{"reference_url":"https://security.archlinux.org/ASA-202505-8","reference_id":"ASA-202505-8","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202505-8"},{"reference_url":"https://security.archlinux.org/AVG-2872","reference_id":"AVG-2872","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2872"},{"reference_url":"https://security.archlinux.org/AVG-2873","reference_id":"AVG-2873","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2873"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/may-2025-security-releases","reference_id":"may-2025-security-releases","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-19T13:55:12Z/"}],"url":"https://nodejs.org/en/blog/vulnerability/may-2025-security-releases"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8467","reference_id":"RHSA-2025:8467","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8467"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8468","reference_id":"RHSA-2025:8468","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8468"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8493","reference_id":"RHSA-2025:8493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8506","reference_id":"RHSA-2025:8506","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8506"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8514","reference_id":"RHSA-2025:8514","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8514"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2025-23165"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-znta-r3v4-hyg1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57382?format=json","vulnerability_id":"VCID-zrbm-htvv-eke9","summary":"Multiple vulnerabilities have been found in Node.js, worst of which\n    could allow remote attackers to write arbitrary files.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12121.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12121.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-12121","reference_id":"","reference_type":"","scores":[{"value":"0.05572","scoring_system":"epss","scoring_elements":"0.90353","published_at":"2026-05-09T12:55:00Z"},{"value":"0.05572","scoring_system":"epss","scoring_elements":"0.90318","published_at":"2026-04-26T12:55:00Z"},{"value":"0.05572","scoring_system":"epss","scoring_elements":"0.90315","published_at":"2026-04-29T12:55:00Z"},{"value":"0.05572","scoring_system":"epss","scoring_elements":"0.90326","published_at":"2026-05-05T12:55:00Z"},{"value":"0.05572","scoring_system":"epss","scoring_elements":"0.90343","published_at":"2026-05-07T12:55:00Z"},{"value":"0.05774","scoring_system":"epss","scoring_elements":"0.90497","published_at":"2026-04-18T12:55:00Z"},{"value":"0.05774","scoring_system":"epss","scoring_elements":"0.90496","published_at":"2026-04-21T12:55:00Z"},{"value":"0.05774","scoring_system":"epss","scoring_elements":"0.90509","published_at":"2026-04-24T12:55:00Z"},{"value":"0.06647","scoring_system":"epss","scoring_elements":"0.91228","published_at":"2026-04-16T12:55:00Z"},{"value":"0.08466","scoring_system":"epss","scoring_elements":"0.92321","published_at":"2026-04-01T12:55:00Z"},{"value":"0.08466","scoring_system":"epss","scoring_elements":"0.92338","published_at":"2026-04-07T12:55:00Z"},{"value":"0.08466","scoring_system":"epss","scoring_elements":"0.92354","published_at":"2026-04-09T12:55:00Z"},{"value":"0.08466","scoring_system":"epss","scoring_elements":"0.92359","published_at":"2026-04-13T12:55:00Z"},{"value":"0.08466","scoring_system":"epss","scoring_elements":"0.92361","published_at":"2026-04-12T12:55:00Z"},{"value":"0.08466","scoring_system":"epss","scoring_elements":"0.92349","published_at":"2026-04-08T12:55:00Z"},{"value":"0.08466","scoring_system":"epss","scoring_elements":"0.92328","published_at":"2026-04-02T12:55:00Z"},{"value":"0.08466","scoring_system":"epss","scoring_elements":"0.92334","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-12121"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12121","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12121"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1661002","reference_id":"1661002","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1661002"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2258","reference_id":"RHSA-2019:2258","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2258"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3497","reference_id":"RHSA-2019:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3497"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932810?format=json","purl":"pkg:deb/debian/nodejs@10.15.0~dfsg-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@10.15.0~dfsg-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2018-12121"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zrbm-htvv-eke9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/18167?format=json","vulnerability_id":"VCID-zstw-3wmu-u3c8","summary":"llhttp vulnerable to HTTP request smuggling\nThe llhttp parser in the http module in Node v20.2.0 does not strictly use the CRLF sequence to delimit HTTP requests. This can lead to HTTP Request Smuggling (HRS).\n\nThe CR character (without LF) is sufficient to delimit HTTP header fields in the llhttp parser. According to RFC7230 section 3, only the CRLF sequence should delimit each header-field. This impacts all Node.js active versions: v16, v18, and, v20","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-30589.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-30589.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-30589","reference_id":"","reference_type":"","scores":[{"value":"0.01916","scoring_system":"epss","scoring_elements":"0.83448","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01916","scoring_system":"epss","scoring_elements":"0.83429","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01916","scoring_system":"epss","scoring_elements":"0.83375","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01916","scoring_system":"epss","scoring_elements":"0.83348","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01916","scoring_system":"epss","scoring_elements":"0.83313","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01916","scoring_system":"epss","scoring_elements":"0.83317","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01916","scoring_system":"epss","scoring_elements":"0.83323","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01916","scoring_system":"epss","scoring_elements":"0.83308","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01916","scoring_system":"epss","scoring_elements":"0.83299","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01916","scoring_system":"epss","scoring_elements":"0.83275","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01916","scoring_system":"epss","scoring_elements":"0.83276","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01916","scoring_system":"epss","scoring_elements":"0.83261","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01916","scoring_system":"epss","scoring_elements":"0.83408","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01916","scoring_system":"epss","scoring_elements":"0.83384","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01916","scoring_system":"epss","scoring_elements":"0.83382","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01916","scoring_system":"epss","scoring_elements":"0.83351","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01916","scoring_system":"epss","scoring_elements":"0.83349","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-30589"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-30589","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-30589"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/nodejs/llhttp","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/nodejs/llhttp"},{"reference_url":"https://github.com/nodejs/llhttp/releases/tag/release%2Fv8.1.1","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/nodejs/llhttp/releases/tag/release%2Fv8.1.1"},{"reference_url":"https://hackerone.com/reports/2001873","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://hackerone.com/reports/2001873"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/09/msg00029.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2024/09/msg00029.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HMEELCREWMRT6NS7HWXLA6XFLLMO36HE","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HMEELCREWMRT6NS7HWXLA6XFLLMO36HE"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IV326O2X4BE3SINX5FJHMAKVHUAA4ZYF","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IV326O2X4BE3SINX5FJHMAKVHUAA4ZYF"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UEJWL67XR67JAGEL2ZK22NA3BRKNMZNY","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UEJWL67XR67JAGEL2ZK22NA3BRKNMZNY"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCVG4TQRGTK4LKAZKVEQAUEJM7DUACYE","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCVG4TQRGTK4LKAZKVEQAUEJM7DUACYE"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VEEQIN5242K5NBE2CZ4DYTNA5B4YTYE5","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VEEQIN5242K5NBE2CZ4DYTNA5B4YTYE5"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VKFMKD4MJZIKFQJAAJ4VZ2FHIJ764A76","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VKFMKD4MJZIKFQJAAJ4VZ2FHIJ764A76"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230803-0009","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20230803-0009"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240621-0006","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20240621-0006"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1039990","reference_id":"1039990","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1039990"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2219841","reference_id":"2219841","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2219841"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-30589","reference_id":"CVE-2023-30589","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-30589"},{"reference_url":"https://github.com/advisories/GHSA-cggh-pq45-6h9x","reference_id":"GHSA-cggh-pq45-6h9x","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-cggh-pq45-6h9x"},{"reference_url":"https://security.gentoo.org/glsa/202405-29","reference_id":"GLSA-202405-29","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202405-29"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4330","reference_id":"RHSA-2023:4330","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4330"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4331","reference_id":"RHSA-2023:4331","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4331"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4536","reference_id":"RHSA-2023:4536","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4536"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4537","reference_id":"RHSA-2023:4537","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4537"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5361","reference_id":"RHSA-2023:5361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5533","reference_id":"RHSA-2023:5533","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5533"},{"reference_url":"https://usn.ubuntu.com/6735-1/","reference_id":"USN-6735-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6735-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932834?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932833?format=json","purl":"pkg:deb/debian/nodejs@18.13.0%2Bdfsg1-1.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.13.0%252Bdfsg1-1.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932831?format=json","purl":"pkg:deb/debian/nodejs@18.19.0%2Bdfsg-6~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.19.0%252Bdfsg-6~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2023-30589","GHSA-cggh-pq45-6h9x"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zstw-3wmu-u3c8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48672?format=json","vulnerability_id":"VCID-ztt4-vnk7-7ycq","summary":"Multiple vulnerabilities have been found in NodeJS, the worst of\n    which could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8265.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8265.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-8265","reference_id":"","reference_type":"","scores":[{"value":"0.00755","scoring_system":"epss","scoring_elements":"0.73197","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00755","scoring_system":"epss","scoring_elements":"0.73383","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00755","scoring_system":"epss","scoring_elements":"0.73332","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00755","scoring_system":"epss","scoring_elements":"0.73359","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00755","scoring_system":"epss","scoring_elements":"0.73207","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00755","scoring_system":"epss","scoring_elements":"0.73228","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00755","scoring_system":"epss","scoring_elements":"0.73201","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00755","scoring_system":"epss","scoring_elements":"0.73238","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00755","scoring_system":"epss","scoring_elements":"0.73251","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00755","scoring_system":"epss","scoring_elements":"0.73276","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00755","scoring_system":"epss","scoring_elements":"0.73255","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00755","scoring_system":"epss","scoring_elements":"0.73248","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00755","scoring_system":"epss","scoring_elements":"0.73291","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00755","scoring_system":"epss","scoring_elements":"0.733","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00755","scoring_system":"epss","scoring_elements":"0.73292","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00755","scoring_system":"epss","scoring_elements":"0.73326","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00755","scoring_system":"epss","scoring_elements":"0.7334","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00755","scoring_system":"epss","scoring_elements":"0.73338","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-8265"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8265","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8265"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8287","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8287"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1912854","reference_id":"1912854","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1912854"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=979364","reference_id":"979364","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=979364"},{"reference_url":"https://security.archlinux.org/ASA-202101-16","reference_id":"ASA-202101-16","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202101-16"},{"reference_url":"https://security.archlinux.org/AVG-1400","reference_id":"AVG-1400","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1400"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0421","reference_id":"RHSA-2021:0421","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0421"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0485","reference_id":"RHSA-2021:0485","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0485"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0521","reference_id":"RHSA-2021:0521","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0521"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0548","reference_id":"RHSA-2021:0548","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0548"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0549","reference_id":"RHSA-2021:0549","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0549"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0551","reference_id":"RHSA-2021:0551","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0551"},{"reference_url":"https://usn.ubuntu.com/6380-1/","reference_id":"USN-6380-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6380-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932819?format=json","purl":"pkg:deb/debian/nodejs@12.20.1~dfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.20.1~dfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2020-8265"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ztt4-vnk7-7ycq"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"}