Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:apk/alpine/nodejs@18.18.2-r0?arch=x86_64&distroversion=v3.21&reponame=main
Typeapk
Namespacealpine
Namenodejs
Version18.18.2-r0
Qualifiers
arch x86_64
distroversion v3.21
reponame main
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version20.12.1-r0
Latest_non_vulnerable_version22.22.2-r0
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-enz6-qdn6-dkgm
vulnerability_id VCID-enz6-qdn6-dkgm
summary Multiple vulnerabilities have been discovered in Node.js, the worst of which could lead to execution of arbitrary code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-38552.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-38552.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-38552
reference_id
reference_type
scores
0
value 0.00397
scoring_system epss
scoring_elements 0.6041
published_at 2026-04-02T12:55:00Z
1
value 0.00397
scoring_system epss
scoring_elements 0.60499
published_at 2026-04-16T12:55:00Z
2
value 0.00397
scoring_system epss
scoring_elements 0.60437
published_at 2026-04-04T12:55:00Z
3
value 0.00397
scoring_system epss
scoring_elements 0.60405
published_at 2026-04-07T12:55:00Z
4
value 0.00397
scoring_system epss
scoring_elements 0.60454
published_at 2026-04-08T12:55:00Z
5
value 0.00397
scoring_system epss
scoring_elements 0.6047
published_at 2026-04-09T12:55:00Z
6
value 0.00397
scoring_system epss
scoring_elements 0.6049
published_at 2026-04-11T12:55:00Z
7
value 0.00397
scoring_system epss
scoring_elements 0.60477
published_at 2026-04-12T12:55:00Z
8
value 0.00397
scoring_system epss
scoring_elements 0.60457
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-38552
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054892
reference_id 1054892
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054892
4
reference_url https://hackerone.com/reports/2094235
reference_id 2094235
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:14:02Z/
url https://hackerone.com/reports/2094235
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2244415
reference_id 2244415
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2244415
6
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/
reference_id 3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:14:02Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/
7
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/
reference_id E72T67UPDRXHIDLO3OROR25YAMN4GGW5
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:14:02Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/
reference_id FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:14:02Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/
9
reference_url https://security.gentoo.org/glsa/202505-11
reference_id GLSA-202505-11
reference_type
scores
url https://security.gentoo.org/glsa/202505-11
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/
reference_id HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:14:02Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/
reference_id LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:14:02Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/
12
reference_url https://security.netapp.com/advisory/ntap-20231116-0013/
reference_id ntap-20231116-0013
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:14:02Z/
url https://security.netapp.com/advisory/ntap-20231116-0013/
13
reference_url https://access.redhat.com/errata/RHSA-2023:5849
reference_id RHSA-2023:5849
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5849
14
reference_url https://access.redhat.com/errata/RHSA-2023:5869
reference_id RHSA-2023:5869
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5869
15
reference_url https://access.redhat.com/errata/RHSA-2023:7205
reference_id RHSA-2023:7205
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7205
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/
reference_id X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:14:02Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/
fixed_packages
0
url pkg:apk/alpine/nodejs@18.18.2-r0?arch=x86_64&distroversion=v3.21&reponame=main
purl pkg:apk/alpine/nodejs@18.18.2-r0?arch=x86_64&distroversion=v3.21&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/nodejs@18.18.2-r0%3Farch=x86_64&distroversion=v3.21&reponame=main
aliases CVE-2023-38552
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-enz6-qdn6-dkgm
1
url VCID-huz5-2qv3-g3an
vulnerability_id VCID-huz5-2qv3-g3an
summary 
Exposure of Sensitive Information to an Unauthorized Actor
Undici is an HTTP/1.1 client written from scratch for Node.js. Prior to version 5.26.2, Undici already cleared Authorization headers on cross-origin redirects, but does not clear `Cookie` headers. By design, `cookie` headers are forbidden request headers, disallowing them to be set in RequestInit.headers in browser environments. Since undici handles headers more liberally than the spec, there was a disconnect from the assumptions the spec made, and undici's implementation of fetch. As such this may lead to accidental leakage of cookie to a third-party site or a malicious attacker who can control the redirection target (ie. an open redirector) to leak the cookie to the third party site. This was patched in version 5.26.2. There are no known workarounds.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45143.json
reference_id
reference_type
scores
0
value 3.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45143.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-45143
reference_id
reference_type
scores
0
value 0.00105
scoring_system epss
scoring_elements 0.28731
published_at 2026-04-02T12:55:00Z
1
value 0.00105
scoring_system epss
scoring_elements 0.28779
published_at 2026-04-04T12:55:00Z
2
value 0.00105
scoring_system epss
scoring_elements 0.28586
published_at 2026-04-07T12:55:00Z
3
value 0.00105
scoring_system epss
scoring_elements 0.28622
published_at 2026-04-16T12:55:00Z
4
value 0.00105
scoring_system epss
scoring_elements 0.28602
published_at 2026-04-13T12:55:00Z
5
value 0.00105
scoring_system epss
scoring_elements 0.28649
published_at 2026-04-12T12:55:00Z
6
value 0.00105
scoring_system epss
scoring_elements 0.28652
published_at 2026-04-08T12:55:00Z
7
value 0.00105
scoring_system epss
scoring_elements 0.28693
published_at 2026-04-11T12:55:00Z
8
value 0.00105
scoring_system epss
scoring_elements 0.28692
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-45143
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/nodejs/undici
reference_id
reference_type
scores
0
value 3.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/nodejs/undici
4
reference_url https://github.com/nodejs/undici/commit/e041de359221ebeae04c469e8aff4145764e6d76
reference_id
reference_type
scores
0
value 3.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L
1
value LOW
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-17T13:10:30Z/
url https://github.com/nodejs/undici/commit/e041de359221ebeae04c469e8aff4145764e6d76
5
reference_url https://github.com/nodejs/undici/releases/tag/v5.26.2
reference_id
reference_type
scores
0
value 3.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L
1
value LOW
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-17T13:10:30Z/
url https://github.com/nodejs/undici/releases/tag/v5.26.2
6
reference_url https://hackerone.com/reports/2166948
reference_id
reference_type
scores
0
value 3.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L
1
value LOW
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-17T13:10:30Z/
url https://hackerone.com/reports/2166948
7
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A
reference_id
reference_type
scores
0
value 3.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L
1
value LOW
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5
reference_id
reference_type
scores
0
value 3.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L
1
value LOW
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU
reference_id
reference_type
scores
0
value 3.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L
1
value LOW
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ
reference_id
reference_type
scores
0
value 3.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L
1
value LOW
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG
reference_id
reference_type
scores
0
value 3.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L
1
value LOW
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y
reference_id
reference_type
scores
0
value 3.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L
1
value LOW
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053879
reference_id 1053879
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053879
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2244104
reference_id 2244104
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2244104
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/
reference_id 3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A
reference_type
scores
0
value 3.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-17T13:10:30Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-45143
reference_id CVE-2023-45143
reference_type
scores
0
value 3.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-45143
17
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/
reference_id E72T67UPDRXHIDLO3OROR25YAMN4GGW5
reference_type
scores
0
value 3.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-17T13:10:30Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/
18
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/
reference_id FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU
reference_type
scores
0
value 3.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-17T13:10:30Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/
19
reference_url https://github.com/nodejs/undici/security/advisories/GHSA-q768-x9m6-m9qp
reference_id GHSA-q768-x9m6-m9qp
reference_type
scores
0
value 3.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L
1
value LOW
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-17T13:10:30Z/
url https://github.com/nodejs/undici/security/advisories/GHSA-q768-x9m6-m9qp
20
reference_url https://github.com/advisories/GHSA-wqq4-5wpv-mx2g
reference_id GHSA-wqq4-5wpv-mx2g
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-wqq4-5wpv-mx2g
21
reference_url https://github.com/nodejs/undici/security/advisories/GHSA-wqq4-5wpv-mx2g
reference_id GHSA-wqq4-5wpv-mx2g
reference_type
scores
0
value 3.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L
1
value LOW
scoring_system cvssv3.1_qr
scoring_elements
2
value LOW
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-17T13:10:30Z/
url https://github.com/nodejs/undici/security/advisories/GHSA-wqq4-5wpv-mx2g
22
reference_url https://security.gentoo.org/glsa/202505-11
reference_id GLSA-202505-11
reference_type
scores
url https://security.gentoo.org/glsa/202505-11
23
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/
reference_id HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ
reference_type
scores
0
value 3.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-17T13:10:30Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/
24
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/
reference_id LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG
reference_type
scores
0
value 3.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-17T13:10:30Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/
25
reference_url https://access.redhat.com/errata/RHSA-2023:5849
reference_id RHSA-2023:5849
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5849
26
reference_url https://access.redhat.com/errata/RHSA-2023:5869
reference_id RHSA-2023:5869
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5869
27
reference_url https://access.redhat.com/errata/RHSA-2023:7205
reference_id RHSA-2023:7205
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7205
28
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/
reference_id X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y
reference_type
scores
0
value 3.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-17T13:10:30Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/
fixed_packages
0
url pkg:apk/alpine/nodejs@18.18.2-r0?arch=x86_64&distroversion=v3.21&reponame=main
purl pkg:apk/alpine/nodejs@18.18.2-r0?arch=x86_64&distroversion=v3.21&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/nodejs@18.18.2-r0%3Farch=x86_64&distroversion=v3.21&reponame=main
aliases CVE-2023-45143, GHSA-wqq4-5wpv-mx2g
risk_score 1.8
exploitability 0.5
weighted_severity 3.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-huz5-2qv3-g3an
2
url VCID-yxvf-4pb4-d7ec
vulnerability_id VCID-yxvf-4pb4-d7ec
summary Multiple vulnerabilities have been discovered in Node.js, the worst of which could lead to execution of arbitrary code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-39333.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-39333.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-39333
reference_id
reference_type
scores
0
value 0.00094
scoring_system epss
scoring_elements 0.26407
published_at 2026-04-02T12:55:00Z
1
value 0.00094
scoring_system epss
scoring_elements 0.26249
published_at 2026-04-16T12:55:00Z
2
value 0.00094
scoring_system epss
scoring_elements 0.26348
published_at 2026-04-11T12:55:00Z
3
value 0.00094
scoring_system epss
scoring_elements 0.26302
published_at 2026-04-12T12:55:00Z
4
value 0.00094
scoring_system epss
scoring_elements 0.26243
published_at 2026-04-13T12:55:00Z
5
value 0.00094
scoring_system epss
scoring_elements 0.2645
published_at 2026-04-04T12:55:00Z
6
value 0.00094
scoring_system epss
scoring_elements 0.26224
published_at 2026-04-07T12:55:00Z
7
value 0.00094
scoring_system epss
scoring_elements 0.26292
published_at 2026-04-08T12:55:00Z
8
value 0.00094
scoring_system epss
scoring_elements 0.26339
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-39333
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054892
reference_id 1054892
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054892
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2244418
reference_id 2244418
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2244418
5
reference_url https://security.gentoo.org/glsa/202505-11
reference_id GLSA-202505-11
reference_type
scores
url https://security.gentoo.org/glsa/202505-11
6
reference_url https://nodejs.org/en/blog/vulnerability/october-2023-security-releases
reference_id october-2023-security-releases
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-09T18:03:18Z/
url https://nodejs.org/en/blog/vulnerability/october-2023-security-releases
7
reference_url https://access.redhat.com/errata/RHSA-2023:5849
reference_id RHSA-2023:5849
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5849
8
reference_url https://access.redhat.com/errata/RHSA-2023:5869
reference_id RHSA-2023:5869
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5869
9
reference_url https://access.redhat.com/errata/RHSA-2023:7205
reference_id RHSA-2023:7205
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7205
fixed_packages
0
url pkg:apk/alpine/nodejs@18.18.2-r0?arch=x86_64&distroversion=v3.21&reponame=main
purl pkg:apk/alpine/nodejs@18.18.2-r0?arch=x86_64&distroversion=v3.21&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/nodejs@18.18.2-r0%3Farch=x86_64&distroversion=v3.21&reponame=main
aliases CVE-2023-39333
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yxvf-4pb4-d7ec
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:apk/alpine/nodejs@18.18.2-r0%3Farch=x86_64&distroversion=v3.21&reponame=main