Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:apk/alpine/nodejs@16.13.2-r0?arch=x86_64&distroversion=v3.20&reponame=main

Type apk

Namespace alpine

Name nodejs

Version 16.13.2-r0

Qualifiers

arch	x86_64
distroversion	v3.20
reponame	main

Subpath

Is_vulnerable false

Next_non_vulnerable_version 16.17.1-r0

Latest_non_vulnerable_version 20.15.1-r0

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-5cf7-va9h-h3gy

vulnerability_id VCID-5cf7-va9h-h3gy

summary

Improper Certificate Validation
Accepting arbitrary Subject Alternative Name (SAN) types, unless a PKI is specifically defined to use a particular SAN type, can result in bypassing name-constrained intermediates. Node.js < 12.22.9, < 14.18.3, < 16.13.2, and < 17.3.1 was accepting URI SAN types, which PKIs are often not defined to use. Additionally, when a protocol allows URI SANs, Node.js does not match the URI correctly.Versions of Node.js with the fix for this disable the URI SAN type when checking a certificate against a hostname. This behavior can be reverted through the --security-revert command-line option.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44531.json

reference_id

reference_type

scores

value	7.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44531.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-44531

reference_id

reference_type

scores

value	0.00076
scoring_system	epss
scoring_elements	0.22783
published_at	2026-04-01T12:55:00Z

value	0.00076
scoring_system	epss
scoring_elements	0.22952
published_at	2026-04-02T12:55:00Z

value	0.00076
scoring_system	epss
scoring_elements	0.22996
published_at	2026-04-04T12:55:00Z

value	0.00076
scoring_system	epss
scoring_elements	0.22789
published_at	2026-04-07T12:55:00Z

value	0.00076
scoring_system	epss
scoring_elements	0.22863
published_at	2026-04-08T12:55:00Z

value	0.00076
scoring_system	epss
scoring_elements	0.22916
published_at	2026-04-09T12:55:00Z

value	0.00076
scoring_system	epss
scoring_elements	0.22936
published_at	2026-04-11T12:55:00Z

value	0.00076
scoring_system	epss
scoring_elements	0.22899
published_at	2026-04-12T12:55:00Z

value	0.00076
scoring_system	epss
scoring_elements	0.22843
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-44531

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22959
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22959

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22960
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22960

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44531
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44531

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44532
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44532

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44533
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44533

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21824
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21824

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://hackerone.com/reports/1429694
reference_id
reference_type
scores
url	https://hackerone.com/reports/1429694

reference_url	https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/
reference_id
reference_type
scores
url	https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/

reference_url	https://security.netapp.com/advisory/ntap-20220325-0007/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20220325-0007/

reference_url	https://www.debian.org/security/2022/dsa-5170
reference_id
reference_type
scores
url	https://www.debian.org/security/2022/dsa-5170

reference_url	https://www.oracle.com/security-alerts/cpuapr2022.html
reference_id
reference_type
scores
url	https://www.oracle.com/security-alerts/cpuapr2022.html

reference_url	https://www.oracle.com/security-alerts/cpujul2022.html
reference_id
reference_type
scores
url	https://www.oracle.com/security-alerts/cpujul2022.html

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004177
reference_id	1004177
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004177

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2040839
reference_id	2040839
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2040839

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2021-44531
reference_id	CVE-2021-44531
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2021-44531

reference_url	https://security.gentoo.org/glsa/202405-29
reference_id	GLSA-202405-29
reference_type
scores
url	https://security.gentoo.org/glsa/202405-29

reference_url	https://access.redhat.com/errata/RHSA-2022:4914
reference_id	RHSA-2022:4914
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4914

reference_url	https://access.redhat.com/errata/RHSA-2022:7044
reference_id	RHSA-2022:7044
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7044

reference_url	https://access.redhat.com/errata/RHSA-2022:7830
reference_id	RHSA-2022:7830
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7830

reference_url	https://access.redhat.com/errata/RHSA-2022:9073
reference_id	RHSA-2022:9073
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:9073

reference_url	https://access.redhat.com/errata/RHSA-2023:1742
reference_id	RHSA-2023:1742
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:1742

reference_url	https://access.redhat.com/errata/RHSA-2023:3742
reference_id	RHSA-2023:3742
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3742

fixed_packages

url	pkg:apk/alpine/nodejs@16.13.2-r0?arch=x86_64&distroversion=v3.20&reponame=main
purl	pkg:apk/alpine/nodejs@16.13.2-r0?arch=x86_64&distroversion=v3.20&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/nodejs@16.13.2-r0%3Farch=x86_64&distroversion=v3.20&reponame=main

aliases CVE-2021-44531

risk_score 3.4

exploitability 0.5

weighted_severity 6.7

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5cf7-va9h-h3gy

url VCID-e18p-c3m9-2qgy

vulnerability_id VCID-e18p-c3m9-2qgy

summary Multiple vulnerabilities have been discovered in Node.js.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44532.json

reference_id

reference_type

scores

value	7.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44532.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-44532

reference_id

reference_type

scores

value	0.00132
scoring_system	epss
scoring_elements	0.32731
published_at	2026-04-01T12:55:00Z

value	0.00132
scoring_system	epss
scoring_elements	0.32862
published_at	2026-04-02T12:55:00Z

value	0.00132
scoring_system	epss
scoring_elements	0.32897
published_at	2026-04-04T12:55:00Z

value	0.00132
scoring_system	epss
scoring_elements	0.32718
published_at	2026-04-07T12:55:00Z

value	0.00132
scoring_system	epss
scoring_elements	0.32765
published_at	2026-04-08T12:55:00Z

value	0.00132
scoring_system	epss
scoring_elements	0.32792
published_at	2026-04-09T12:55:00Z

value	0.00132
scoring_system	epss
scoring_elements	0.32794
published_at	2026-04-11T12:55:00Z

value	0.00132
scoring_system	epss
scoring_elements	0.32756
published_at	2026-04-12T12:55:00Z

value	0.00132
scoring_system	epss
scoring_elements	0.3273
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-44532

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22959
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22959

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22960
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22960

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44531
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44531

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44532
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44532

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44533
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44533

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21824
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21824

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004177
reference_id	1004177
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004177

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2040846
reference_id	2040846
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2040846

reference_url	https://security.gentoo.org/glsa/202405-29
reference_id	GLSA-202405-29
reference_type
scores
url	https://security.gentoo.org/glsa/202405-29

reference_url	https://access.redhat.com/errata/RHSA-2022:4914
reference_id	RHSA-2022:4914
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4914

reference_url	https://access.redhat.com/errata/RHSA-2022:7044
reference_id	RHSA-2022:7044
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7044

reference_url	https://access.redhat.com/errata/RHSA-2022:7830
reference_id	RHSA-2022:7830
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7830

reference_url	https://access.redhat.com/errata/RHSA-2022:9073
reference_id	RHSA-2022:9073
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:9073

reference_url	https://access.redhat.com/errata/RHSA-2023:1742
reference_id	RHSA-2023:1742
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:1742

reference_url	https://access.redhat.com/errata/RHSA-2023:3742
reference_id	RHSA-2023:3742
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3742

fixed_packages

url	pkg:apk/alpine/nodejs@16.13.2-r0?arch=x86_64&distroversion=v3.20&reponame=main
purl	pkg:apk/alpine/nodejs@16.13.2-r0?arch=x86_64&distroversion=v3.20&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/nodejs@16.13.2-r0%3Farch=x86_64&distroversion=v3.20&reponame=main

aliases CVE-2021-44532

risk_score 3.4

exploitability 0.5

weighted_severity 6.7

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e18p-c3m9-2qgy

url VCID-m5ae-uc68-d3g2

vulnerability_id VCID-m5ae-uc68-d3g2

summary

Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
This advisory has been marked as a false positive.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21824.json

reference_id

reference_type

scores

value	8.2
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21824.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-21824

reference_id

reference_type

scores

value	0.00505
scoring_system	epss
scoring_elements	0.66171
published_at	2026-04-02T12:55:00Z

value	0.0066
scoring_system	epss
scoring_elements	0.71033
published_at	2026-04-07T12:55:00Z

value	0.0066
scoring_system	epss
scoring_elements	0.71076
published_at	2026-04-08T12:55:00Z

value	0.0066
scoring_system	epss
scoring_elements	0.71088
published_at	2026-04-09T12:55:00Z

value	0.0066
scoring_system	epss
scoring_elements	0.71111
published_at	2026-04-11T12:55:00Z

value	0.0066
scoring_system	epss
scoring_elements	0.71096
published_at	2026-04-12T12:55:00Z

value	0.0066
scoring_system	epss
scoring_elements	0.7108
published_at	2026-04-13T12:55:00Z

value	0.0066
scoring_system	epss
scoring_elements	0.71058
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-21824

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22959
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22959

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22960
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22960

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44531
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44531

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44532
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44532

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44533
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44533

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21824
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21824

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://hackerone.com/reports/1431042
reference_id
reference_type
scores
url	https://hackerone.com/reports/1431042

reference_url	https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/
reference_id
reference_type
scores
url	https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/

reference_url	https://security.netapp.com/advisory/ntap-20220325-0007/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20220325-0007/

reference_url	https://security.netapp.com/advisory/ntap-20220729-0004/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20220729-0004/

reference_url	https://www.debian.org/security/2022/dsa-5170
reference_id
reference_type
scores
url	https://www.debian.org/security/2022/dsa-5170

reference_url	https://www.oracle.com/security-alerts/cpuapr2022.html
reference_id
reference_type
scores
url	https://www.oracle.com/security-alerts/cpuapr2022.html

reference_url	https://www.oracle.com/security-alerts/cpujul2022.html
reference_id
reference_type
scores
url	https://www.oracle.com/security-alerts/cpujul2022.html

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004177
reference_id	1004177
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004177

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2040862
reference_id	2040862
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2040862

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2022-21824
reference_id	CVE-2022-21824
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2022-21824

reference_url	https://security.gentoo.org/glsa/202405-29
reference_id	GLSA-202405-29
reference_type
scores
url	https://security.gentoo.org/glsa/202405-29

reference_url	https://access.redhat.com/errata/RHSA-2022:4914
reference_id	RHSA-2022:4914
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4914

reference_url	https://access.redhat.com/errata/RHSA-2022:7044
reference_id	RHSA-2022:7044
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7044

reference_url	https://access.redhat.com/errata/RHSA-2022:7830
reference_id	RHSA-2022:7830
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7830

reference_url	https://access.redhat.com/errata/RHSA-2022:9073
reference_id	RHSA-2022:9073
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:9073

reference_url	https://access.redhat.com/errata/RHSA-2023:1742
reference_id	RHSA-2023:1742
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:1742

reference_url	https://access.redhat.com/errata/RHSA-2023:3742
reference_id	RHSA-2023:3742
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3742

fixed_packages

url	pkg:apk/alpine/nodejs@16.13.2-r0?arch=x86_64&distroversion=v3.20&reponame=main
purl	pkg:apk/alpine/nodejs@16.13.2-r0?arch=x86_64&distroversion=v3.20&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/nodejs@16.13.2-r0%3Farch=x86_64&distroversion=v3.20&reponame=main

aliases CVE-2022-21824

risk_score 3.7

exploitability 0.5

weighted_severity 7.4

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m5ae-uc68-d3g2

url VCID-ms5y-gp7v-2qay

vulnerability_id VCID-ms5y-gp7v-2qay

summary Multiple vulnerabilities have been discovered in Node.js.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44533.json

reference_id

reference_type

scores

value	7.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44533.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-44533

reference_id

reference_type

scores

value	0.00421
scoring_system	epss
scoring_elements	0.61846
published_at	2026-04-01T12:55:00Z

value	0.00421
scoring_system	epss
scoring_elements	0.6192
published_at	2026-04-07T12:55:00Z

value	0.00421
scoring_system	epss
scoring_elements	0.6195
published_at	2026-04-04T12:55:00Z

value	0.00421
scoring_system	epss
scoring_elements	0.61969
published_at	2026-04-08T12:55:00Z

value	0.00421
scoring_system	epss
scoring_elements	0.61987
published_at	2026-04-09T12:55:00Z

value	0.00421
scoring_system	epss
scoring_elements	0.62008
published_at	2026-04-11T12:55:00Z

value	0.00421
scoring_system	epss
scoring_elements	0.61997
published_at	2026-04-12T12:55:00Z

value	0.00421
scoring_system	epss
scoring_elements	0.61977
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-44533

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22959
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22959

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22960
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22960

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44531
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44531

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44532
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44532

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44533
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44533

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21824
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21824

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004177
reference_id	1004177
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004177

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2040856
reference_id	2040856
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2040856

reference_url	https://security.gentoo.org/glsa/202405-29
reference_id	GLSA-202405-29
reference_type
scores
url	https://security.gentoo.org/glsa/202405-29

reference_url	https://access.redhat.com/errata/RHSA-2022:4914
reference_id	RHSA-2022:4914
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4914

reference_url	https://access.redhat.com/errata/RHSA-2022:7044
reference_id	RHSA-2022:7044
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7044

reference_url	https://access.redhat.com/errata/RHSA-2022:7830
reference_id	RHSA-2022:7830
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7830

reference_url	https://access.redhat.com/errata/RHSA-2022:9073
reference_id	RHSA-2022:9073
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:9073

reference_url	https://access.redhat.com/errata/RHSA-2023:1742
reference_id	RHSA-2023:1742
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:1742

reference_url	https://access.redhat.com/errata/RHSA-2023:3742
reference_id	RHSA-2023:3742
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3742

fixed_packages

url	pkg:apk/alpine/nodejs@16.13.2-r0?arch=x86_64&distroversion=v3.20&reponame=main
purl	pkg:apk/alpine/nodejs@16.13.2-r0?arch=x86_64&distroversion=v3.20&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/nodejs@16.13.2-r0%3Farch=x86_64&distroversion=v3.20&reponame=main

aliases CVE-2021-44533

risk_score 3.4

exploitability 0.5

weighted_severity 6.7

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ms5y-gp7v-2qay

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/nodejs@16.13.2-r0%3Farch=x86_64&distroversion=v3.20&reponame=main

Package Instance