Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:rpm/redhat/rh-nodejs14-nodejs@14.15.4-2?arch=el7

Type rpm

Namespace redhat

Name rh-nodejs14-nodejs

Version 14.15.4-2

Qualifiers

arch	el7

Subpath

Is_vulnerable true

Next_non_vulnerable_version null

Latest_non_vulnerable_version null

Affected_by_vulnerabilities

url

VCID-1pej-f5gn-5feh

vulnerability_id

VCID-1pej-f5gn-5feh

summary

Prototype Pollution
If an attacker submits a malicious `INI` file to an application that parses it with `ini.parse`, they will pollute the prototype on the application. This can be exploited further depending on the context.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7788.json

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7788.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-7788

reference_id

reference_type

scores

value	0.00291
scoring_system	epss
scoring_elements	0.52799
published_at	2026-06-05T12:55:00Z

value	0.00291
scoring_system	epss
scoring_elements	0.52739
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-7788

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7788
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7788

reference_url

https://github.com/npm/ini

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/npm/ini

reference_url

https://github.com/npm/ini/commit/56d2805e07ccd94e2ba0984ac9240ff02d44b6f1

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/npm/ini/commit/56d2805e07ccd94e2ba0984ac9240ff02d44b6f1

reference_url

https://lists.debian.org/debian-lts-announce/2020/12/msg00032.html

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2020/12/msg00032.html

reference_url

https://snyk.io/vuln/SNYK-JS-INI-1048974

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://snyk.io/vuln/SNYK-JS-INI-1048974

reference_url

https://www.npmjs.com/advisories/1589

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.npmjs.com/advisories/1589

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1907444
reference_id	1907444
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1907444

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977718
reference_id	977718
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977718

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-7788

reference_id

CVE-2020-7788

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-7788

reference_url	https://access.redhat.com/errata/RHSA-2021:0421
reference_id	RHSA-2021:0421
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0421

reference_url	https://access.redhat.com/errata/RHSA-2021:0485
reference_id	RHSA-2021:0485
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0485

reference_url	https://access.redhat.com/errata/RHSA-2021:0521
reference_id	RHSA-2021:0521
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0521

reference_url	https://access.redhat.com/errata/RHSA-2021:0548
reference_id	RHSA-2021:0548
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0548

reference_url	https://access.redhat.com/errata/RHSA-2021:0549
reference_id	RHSA-2021:0549
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0549

reference_url	https://access.redhat.com/errata/RHSA-2021:0551
reference_id	RHSA-2021:0551
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0551

reference_url	https://access.redhat.com/errata/RHSA-2021:3280
reference_id	RHSA-2021:3280
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3280

reference_url	https://access.redhat.com/errata/RHSA-2021:3281
reference_id	RHSA-2021:3281
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3281

reference_url	https://access.redhat.com/errata/RHSA-2021:5171
reference_id	RHSA-2021:5171
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5171

reference_url	https://access.redhat.com/errata/RHSA-2022:0246
reference_id	RHSA-2022:0246
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0246

reference_url	https://access.redhat.com/errata/RHSA-2022:0350
reference_id	RHSA-2022:0350
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0350

reference_url	https://access.redhat.com/errata/RHSA-2022:6595
reference_id	RHSA-2022:6595
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:6595

fixed_packages

aliases

CVE-2020-7788, GHSA-qqgx-2p2h-9c37

risk_score

4.0

exploitability

0.5

weighted_severity

8.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-1pej-f5gn-5feh

url

VCID-363b-t6mk-w3ct

vulnerability_id

VCID-363b-t6mk-w3ct

summary

Improper Input Validation
An issue was discovered in `ajv.validate()` in Ajv (aka Another JSON Schema Validator). A carefully crafted JSON schema could be provided that allows execution of other code by prototype pollution. (While untrusted schemas are recommended against, the worst case of an untrusted schema should be a denial of service, not execution of code)

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15366.json

reference_id

reference_type

scores

value	5.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15366.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-15366

reference_id

reference_type

scores

value	0.00331
scoring_system	epss
scoring_elements	0.56354
published_at	2026-06-05T12:55:00Z

value	0.00331
scoring_system	epss
scoring_elements	0.56298
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-15366

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15366
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15366

reference_url

https://github.com/ajv-validator/ajv

reference_id

reference_type

scores

value	5.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/ajv-validator/ajv

reference_url

https://github.com/ajv-validator/ajv/commit/65b2f7d76b190ac63a0d4e9154c712d7aa37049f

reference_id

reference_type

scores

value	5.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/ajv-validator/ajv/commit/65b2f7d76b190ac63a0d4e9154c712d7aa37049f

reference_url

https://github.com/ajv-validator/ajv/releases/tag/v6.12.3

reference_id

reference_type

scores

value	5.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/ajv-validator/ajv/releases/tag/v6.12.3

reference_url

https://github.com/ajv-validator/ajv/tags

reference_id

reference_type

scores

value	5.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/ajv-validator/ajv/tags

reference_url

https://hackerone.com/bugs?subject=user&report_id=894259

reference_id

reference_type

scores

value	5.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://hackerone.com/bugs?subject=user&report_id=894259

reference_url

https://security.netapp.com/advisory/ntap-20240621-0007

reference_id

reference_type

scores

value	5.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20240621-0007

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1857977
reference_id	1857977
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1857977

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-15366

reference_id

CVE-2020-15366

reference_type

scores

value	5.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-15366

reference_url

https://github.com/advisories/GHSA-v88g-cgmw-v5xw

reference_id

GHSA-v88g-cgmw-v5xw

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-v88g-cgmw-v5xw

reference_url	https://access.redhat.com/errata/RHSA-2020:4298
reference_id	RHSA-2020:4298
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4298

reference_url	https://access.redhat.com/errata/RHSA-2020:5305
reference_id	RHSA-2020:5305
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:5305

reference_url	https://access.redhat.com/errata/RHSA-2020:5499
reference_id	RHSA-2020:5499
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:5499

reference_url	https://access.redhat.com/errata/RHSA-2021:0421
reference_id	RHSA-2021:0421
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0421

reference_url	https://access.redhat.com/errata/RHSA-2021:0521
reference_id	RHSA-2021:0521
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0521

reference_url	https://access.redhat.com/errata/RHSA-2021:0548
reference_id	RHSA-2021:0548
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0548

reference_url	https://access.redhat.com/errata/RHSA-2021:0551
reference_id	RHSA-2021:0551
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0551

reference_url	https://access.redhat.com/errata/RHSA-2021:0781
reference_id	RHSA-2021:0781
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0781

reference_url	https://access.redhat.com/errata/RHSA-2021:3917
reference_id	RHSA-2021:3917
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3917

fixed_packages

aliases

CVE-2020-15366, GHSA-v88g-cgmw-v5xw

risk_score

3.1

exploitability

0.5

weighted_severity

6.2

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-363b-t6mk-w3ct

url

VCID-azjs-kjpm-z3h2

vulnerability_id

VCID-azjs-kjpm-z3h2

summary

Uncontrolled Resource Consumption
This affects the package npm-user-validate The regex that validates user emails took exponentially longer to process long input strings beginning with `@` characters.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7754.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7754.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-7754

reference_id

reference_type

scores

value	0.01798
scoring_system	epss
scoring_elements	0.83121
published_at	2026-06-04T12:55:00Z

value	0.01798
scoring_system	epss
scoring_elements	0.83147
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-7754

reference_url

https://github.com/npm/npm-user-validate/commit/c8a87dac1a4cc6988b5418f30411a8669bef204e

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/npm/npm-user-validate/commit/c8a87dac1a4cc6988b5418f30411a8669bef204e

reference_url

https://github.com/npm/npm-user-validate/security/advisories/GHSA-xgh6-85xh-479p

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	LOW
scoring_system	cvssv3.1_qr
scoring_elements

value	HIGH
scoring_system	generic_textual
scoring_elements

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/npm/npm-user-validate/security/advisories/GHSA-xgh6-85xh-479p

reference_url

https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1019353

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1019353

reference_url

https://snyk.io/vuln/SNYK-JS-NPMUSERVALIDATE-1019352

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://snyk.io/vuln/SNYK-JS-NPMUSERVALIDATE-1019352

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1892430
reference_id	1892430
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1892430

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-7754

reference_id

CVE-2020-7754

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-7754

reference_url

https://github.com/advisories/GHSA-xgh6-85xh-479p

reference_id

GHSA-xgh6-85xh-479p

reference_type

scores

value	LOW
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-xgh6-85xh-479p

reference_url	https://access.redhat.com/errata/RHSA-2021:0421
reference_id	RHSA-2021:0421
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0421

reference_url	https://access.redhat.com/errata/RHSA-2021:0485
reference_id	RHSA-2021:0485
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0485

reference_url	https://access.redhat.com/errata/RHSA-2021:0521
reference_id	RHSA-2021:0521
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0521

reference_url	https://access.redhat.com/errata/RHSA-2021:0548
reference_id	RHSA-2021:0548
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0548

reference_url	https://access.redhat.com/errata/RHSA-2021:0549
reference_id	RHSA-2021:0549
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0549

reference_url	https://access.redhat.com/errata/RHSA-2021:0551
reference_id	RHSA-2021:0551
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0551

fixed_packages

aliases

CVE-2020-7754, GHSA-pw54-mh39-w3hc, GHSA-xgh6-85xh-479p

risk_score

4.0

exploitability

0.5

weighted_severity

8.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-azjs-kjpm-z3h2

url

VCID-c12a-v9ey-qfap

vulnerability_id

VCID-c12a-v9ey-qfap

summary

multiple issues

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8265.json

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8265.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-8265

reference_id

reference_type

scores

value	0.00755
scoring_system	epss
scoring_elements	0.73616
published_at	2026-06-04T12:55:00Z

value	0.00755
scoring_system	epss
scoring_elements	0.73652
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-8265

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8265
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8265

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8287
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8287

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1912854
reference_id	1912854
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1912854

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=979364
reference_id	979364
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=979364

reference_url	https://security.archlinux.org/ASA-202101-16
reference_id	ASA-202101-16
reference_type
scores
url	https://security.archlinux.org/ASA-202101-16

reference_url

https://security.archlinux.org/AVG-1400

reference_id

AVG-1400

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1400

reference_url	https://access.redhat.com/errata/RHSA-2021:0421
reference_id	RHSA-2021:0421
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0421

reference_url	https://access.redhat.com/errata/RHSA-2021:0485
reference_id	RHSA-2021:0485
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0485

reference_url	https://access.redhat.com/errata/RHSA-2021:0521
reference_id	RHSA-2021:0521
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0521

reference_url	https://access.redhat.com/errata/RHSA-2021:0548
reference_id	RHSA-2021:0548
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0548

reference_url	https://access.redhat.com/errata/RHSA-2021:0549
reference_id	RHSA-2021:0549
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0549

reference_url	https://access.redhat.com/errata/RHSA-2021:0551
reference_id	RHSA-2021:0551
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0551

reference_url	https://usn.ubuntu.com/6380-1/
reference_id	USN-6380-1
reference_type
scores
url	https://usn.ubuntu.com/6380-1/

fixed_packages

aliases

CVE-2020-8265

risk_score

4.0

exploitability

0.5

weighted_severity

8.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-c12a-v9ey-qfap

url

VCID-eun3-dgw9-ruaj

vulnerability_id

VCID-eun3-dgw9-ruaj

summary

Prototype Pollution in y18n
The npm package y18n before versions 3.2.2, 4.0.1, and 5.0.5 is vulnerable to Prototype Pollution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7774.json

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7774.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-7774

reference_id

reference_type

scores

value	0.00469
scoring_system	epss
scoring_elements	0.64936
published_at	2026-06-05T12:55:00Z

value	0.00469
scoring_system	epss
scoring_elements	0.64893
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-7774

reference_url

https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7774
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7774

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/yargs/y18n

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/yargs/y18n

reference_url

https://github.com/yargs/y18n/commit/90401eea9062ad498f4f792e3fff8008c4c193a3

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/yargs/y18n/commit/90401eea9062ad498f4f792e3fff8008c4c193a3

reference_url

https://github.com/yargs/y18n/commit/a9ac604abf756dec9687be3843e2c93bfe581f25

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/yargs/y18n/commit/a9ac604abf756dec9687be3843e2c93bfe581f25

reference_url

https://github.com/yargs/y18n/issues/96

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/yargs/y18n/issues/96

reference_url

https://github.com/yargs/y18n/pull/108

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/yargs/y18n/pull/108

reference_url

https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1038306

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1038306

reference_url

https://snyk.io/vuln/SNYK-JS-Y18N-1021887

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://snyk.io/vuln/SNYK-JS-Y18N-1021887

reference_url

https://www.oracle.com/security-alerts/cpuApr2021.html

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuApr2021.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1898680
reference_id	1898680
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1898680

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=976390
reference_id	976390
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=976390

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-7774

reference_id

CVE-2020-7774

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-7774

reference_url	https://github.com/advisories/GHSA-c4w7-xm78-47vh
reference_id	GHSA-c4w7-xm78-47vh
reference_type
scores
url	https://github.com/advisories/GHSA-c4w7-xm78-47vh

reference_url	https://security.gentoo.org/glsa/202405-29
reference_id	GLSA-202405-29
reference_type
scores
url	https://security.gentoo.org/glsa/202405-29

reference_url	https://access.redhat.com/errata/RHSA-2020:5305
reference_id	RHSA-2020:5305
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:5305

reference_url	https://access.redhat.com/errata/RHSA-2020:5499
reference_id	RHSA-2020:5499
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:5499

reference_url	https://access.redhat.com/errata/RHSA-2020:5633
reference_id	RHSA-2020:5633
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:5633

reference_url	https://access.redhat.com/errata/RHSA-2021:0421
reference_id	RHSA-2021:0421
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0421

reference_url	https://access.redhat.com/errata/RHSA-2021:0521
reference_id	RHSA-2021:0521
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0521

reference_url	https://access.redhat.com/errata/RHSA-2021:0548
reference_id	RHSA-2021:0548
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0548

reference_url	https://access.redhat.com/errata/RHSA-2021:0551
reference_id	RHSA-2021:0551
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0551

reference_url	https://access.redhat.com/errata/RHSA-2021:2041
reference_id	RHSA-2021:2041
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:2041

reference_url	https://access.redhat.com/errata/RHSA-2021:2438
reference_id	RHSA-2021:2438
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:2438

fixed_packages

aliases

CVE-2020-7774, GHSA-c4w7-xm78-47vh

risk_score

4.0

exploitability

0.5

weighted_severity

8.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-eun3-dgw9-ruaj

url

VCID-f3mc-s6sz-hkep

vulnerability_id

VCID-f3mc-s6sz-hkep

summary

multiple issues

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8287.json

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8287.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-8287

reference_id

reference_type

scores

value	0.11865
scoring_system	epss
scoring_elements	0.93861
published_at	2026-06-04T12:55:00Z

value	0.11865
scoring_system	epss
scoring_elements	0.93871
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-8287

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8265
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8265

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8287
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8287

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016690
reference_id	1016690
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016690

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1912863
reference_id	1912863
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1912863

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=979364
reference_id	979364
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=979364

reference_url	https://security.archlinux.org/ASA-202101-16
reference_id	ASA-202101-16
reference_type
scores
url	https://security.archlinux.org/ASA-202101-16

reference_url

https://security.archlinux.org/AVG-1400

reference_id

AVG-1400

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1400

reference_url	https://access.redhat.com/errata/RHSA-2021:0421
reference_id	RHSA-2021:0421
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0421

reference_url	https://access.redhat.com/errata/RHSA-2021:0485
reference_id	RHSA-2021:0485
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0485

reference_url	https://access.redhat.com/errata/RHSA-2021:0521
reference_id	RHSA-2021:0521
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0521

reference_url	https://access.redhat.com/errata/RHSA-2021:0548
reference_id	RHSA-2021:0548
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0548

reference_url	https://access.redhat.com/errata/RHSA-2021:0549
reference_id	RHSA-2021:0549
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0549

reference_url	https://access.redhat.com/errata/RHSA-2021:0551
reference_id	RHSA-2021:0551
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0551

reference_url	https://usn.ubuntu.com/5563-1/
reference_id	USN-5563-1
reference_type
scores
url	https://usn.ubuntu.com/5563-1/

reference_url	https://usn.ubuntu.com/6380-1/
reference_id	USN-6380-1
reference_type
scores
url	https://usn.ubuntu.com/6380-1/

fixed_packages

aliases

CVE-2020-8287

risk_score

4.0

exploitability

0.5

weighted_severity

8.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-f3mc-s6sz-hkep

url

VCID-w6y4-5tef-mbek

vulnerability_id

VCID-w6y4-5tef-mbek

summary

Uncontrolled Resource Consumption
c-ares' `ares_parse_{a,aaaa}_reply()` suffers from a Denial Of Service due to insufficient `naddrttls` validation.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8277.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8277.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-8277

reference_id

reference_type

scores

value	0.58883
scoring_system	epss
scoring_elements	0.98255
published_at	2026-06-04T12:55:00Z

value	0.58883
scoring_system	epss
scoring_elements	0.98257
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-8277

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8277
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8277

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A7WH7W46OZSEUHWBHD7TCH3LRFY52V6Z/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A7WH7W46OZSEUHWBHD7TCH3LRFY52V6Z/

reference_url	https://nodejs.org/en/blog/vulnerability/november-2020-security-releases/
reference_id
reference_type
scores
url	https://nodejs.org/en/blog/vulnerability/november-2020-security-releases/

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1898554
reference_id	1898554
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1898554

reference_url	https://security.archlinux.org/ASA-202011-18
reference_id	ASA-202011-18
reference_type
scores
url	https://security.archlinux.org/ASA-202011-18

reference_url

https://security.archlinux.org/AVG-1280

reference_id

AVG-1280

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1280

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2020-8277
reference_id	CVE-2020-8277
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2020-8277

reference_url	https://security.gentoo.org/glsa/202012-11
reference_id	GLSA-202012-11
reference_type
scores
url	https://security.gentoo.org/glsa/202012-11

reference_url	https://access.redhat.com/errata/RHSA-2020:5305
reference_id	RHSA-2020:5305
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:5305

reference_url	https://access.redhat.com/errata/RHSA-2020:5499
reference_id	RHSA-2020:5499
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:5499

reference_url	https://access.redhat.com/errata/RHSA-2021:0421
reference_id	RHSA-2021:0421
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0421

reference_url	https://access.redhat.com/errata/RHSA-2021:0551
reference_id	RHSA-2021:0551
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0551

reference_url	https://usn.ubuntu.com/4638-1/
reference_id	USN-4638-1
reference_type
scores
url	https://usn.ubuntu.com/4638-1/

fixed_packages

aliases

CVE-2020-8277

risk_score

3.4

exploitability

0.5

weighted_severity

6.8

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-w6y4-5tef-mbek

Fixing_vulnerabilities

Risk_score 4.0

Resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-nodejs14-nodejs@14.15.4-2%3Farch=el7

Package Instance