Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/node-node-forge@0.8.1~dfsg-1%2Bdeb10u1
Typedeb
Namespacedebian
Namenode-node-forge
Version0.8.1~dfsg-1+deb10u1
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version0.10.0~dfsg-3+deb11u1
Latest_non_vulnerable_version0.10.0~dfsg-3+deb11u1
Affected_by_vulnerabilities
0
url VCID-fsbk-qxz8-auc4
vulnerability_id VCID-fsbk-qxz8-auc4
summary 
Improper Verification of Cryptographic Signature
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. Prior to version 1.3.0, RSA PKCS#1 v1.5 signature verification code is lenient in checking the digest algorithm structure. This can allow a crafted structure that steals padding bytes and uses unchecked portion of the PKCS#1 encoded message to forge a signature when a low public exponent is being used. The issue has been addressed in `node-forge` version 1.3.0. There are currently no known workarounds.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-24771.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-24771.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-24771
reference_id
reference_type
scores
0
value 0.0018
scoring_system epss
scoring_elements 0.3934
published_at 2026-06-09T12:55:00Z
1
value 0.0018
scoring_system epss
scoring_elements 0.39327
published_at 2026-06-08T12:55:00Z
2
value 0.0018
scoring_system epss
scoring_elements 0.3929
published_at 2026-06-04T12:55:00Z
3
value 0.0018
scoring_system epss
scoring_elements 0.39384
published_at 2026-06-06T12:55:00Z
4
value 0.0018
scoring_system epss
scoring_elements 0.3938
published_at 2026-06-05T12:55:00Z
5
value 0.0018
scoring_system epss
scoring_elements 0.39355
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-24771
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24771
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24771
3
reference_url https://github.com/digitalbazaar/forge
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/digitalbazaar/forge
4
reference_url https://github.com/digitalbazaar/forge/commit/3f0b49a0573ef1bb7af7f5673c0cfebf00424df1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:56:40Z/
url https://github.com/digitalbazaar/forge/commit/3f0b49a0573ef1bb7af7f5673c0cfebf00424df1
5
reference_url https://github.com/digitalbazaar/forge/commit/bb822c02df0b61211836472e29b9790cc541cdb2
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/digitalbazaar/forge/commit/bb822c02df0b61211836472e29b9790cc541cdb2
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2067387
reference_id 2067387
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2067387
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-24771
reference_id CVE-2022-24771
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-24771
8
reference_url https://github.com/advisories/GHSA-cfm4-qjh2-4765
reference_id GHSA-cfm4-qjh2-4765
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-cfm4-qjh2-4765
9
reference_url https://github.com/digitalbazaar/forge/security/advisories/GHSA-cfm4-qjh2-4765
reference_id GHSA-cfm4-qjh2-4765
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:56:40Z/
url https://github.com/digitalbazaar/forge/security/advisories/GHSA-cfm4-qjh2-4765
10
reference_url https://access.redhat.com/errata/RHSA-2022:1739
reference_id RHSA-2022:1739
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1739
11
reference_url https://access.redhat.com/errata/RHSA-2022:6156
reference_id RHSA-2022:6156
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6156
12
reference_url https://access.redhat.com/errata/RHSA-2022:6835
reference_id RHSA-2022:6835
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6835
fixed_packages
0
url pkg:deb/debian/node-node-forge@0.10.0~dfsg-3%2Bdeb11u1
purl pkg:deb/debian/node-node-forge@0.10.0~dfsg-3%2Bdeb11u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-node-forge@0.10.0~dfsg-3%252Bdeb11u1
aliases CVE-2022-24771, GHSA-cfm4-qjh2-4765
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fsbk-qxz8-auc4
1
url VCID-j1xr-n7sf-37cp
vulnerability_id VCID-j1xr-n7sf-37cp
summary 
Improper Verification of Cryptographic Signature
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. Prior to version 1.3.0, RSA PKCS#1 v1.5 signature verification code does not check for tailing garbage bytes after decoding a `DigestInfo` ASN.1 structure. This can allow padding bytes to be removed and garbage data added to forge a signature when a low public exponent is being used. The issue has been addressed in `node-forge` version 1.3.0. There are currently no known workarounds.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-24772.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-24772.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-24772
reference_id
reference_type
scores
0
value 0.00144
scoring_system epss
scoring_elements 0.34366
published_at 2026-06-04T12:55:00Z
1
value 0.00144
scoring_system epss
scoring_elements 0.3448
published_at 2026-06-06T12:55:00Z
2
value 0.00144
scoring_system epss
scoring_elements 0.34464
published_at 2026-06-05T12:55:00Z
3
value 0.00144
scoring_system epss
scoring_elements 0.34421
published_at 2026-06-09T12:55:00Z
4
value 0.00144
scoring_system epss
scoring_elements 0.34401
published_at 2026-06-08T12:55:00Z
5
value 0.00144
scoring_system epss
scoring_elements 0.34444
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-24772
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24772
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24772
3
reference_url https://github.com/digitalbazaar/forge
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/digitalbazaar/forge
4
reference_url https://github.com/digitalbazaar/forge/commit/3f0b49a0573ef1bb7af7f5673c0cfebf00424df1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/digitalbazaar/forge/commit/3f0b49a0573ef1bb7af7f5673c0cfebf00424df1
5
reference_url https://github.com/digitalbazaar/forge/commit/bb822c02df0b61211836472e29b9790cc541cdb2
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/digitalbazaar/forge/commit/bb822c02df0b61211836472e29b9790cc541cdb2
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2067458
reference_id 2067458
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2067458
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-24772
reference_id CVE-2022-24772
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-24772
8
reference_url https://github.com/advisories/GHSA-x4jg-mjrx-434g
reference_id GHSA-x4jg-mjrx-434g
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-x4jg-mjrx-434g
9
reference_url https://github.com/digitalbazaar/forge/security/advisories/GHSA-x4jg-mjrx-434g
reference_id GHSA-x4jg-mjrx-434g
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/digitalbazaar/forge/security/advisories/GHSA-x4jg-mjrx-434g
10
reference_url https://access.redhat.com/errata/RHSA-2022:1739
reference_id RHSA-2022:1739
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1739
11
reference_url https://access.redhat.com/errata/RHSA-2022:6156
reference_id RHSA-2022:6156
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6156
12
reference_url https://access.redhat.com/errata/RHSA-2022:6835
reference_id RHSA-2022:6835
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6835
fixed_packages
0
url pkg:deb/debian/node-node-forge@0.10.0~dfsg-3%2Bdeb11u1
purl pkg:deb/debian/node-node-forge@0.10.0~dfsg-3%2Bdeb11u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-node-forge@0.10.0~dfsg-3%252Bdeb11u1
aliases CVE-2022-24772, GHSA-x4jg-mjrx-434g
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j1xr-n7sf-37cp
2
url VCID-q55u-tkwp-t7ek
vulnerability_id VCID-q55u-tkwp-t7ek
summary 
Duplicate
This advisory duplicates another.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7720.json
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7720.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-7720
reference_id
reference_type
scores
0
value 0.02085
scoring_system epss
scoring_elements 0.84335
published_at 2026-06-09T12:55:00Z
1
value 0.02085
scoring_system epss
scoring_elements 0.84322
published_at 2026-06-08T12:55:00Z
2
value 0.02085
scoring_system epss
scoring_elements 0.84334
published_at 2026-06-07T12:55:00Z
3
value 0.02085
scoring_system epss
scoring_elements 0.84341
published_at 2026-06-06T12:55:00Z
4
value 0.02085
scoring_system epss
scoring_elements 0.84337
published_at 2026-06-05T12:55:00Z
5
value 0.02085
scoring_system epss
scoring_elements 0.84314
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-7720
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7720
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7720
3
reference_url https://github.com/digitalbazaar/forge
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/digitalbazaar/forge
4
reference_url https://github.com/digitalbazaar/forge/blob/master/CHANGELOG.md
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/digitalbazaar/forge/blob/master/CHANGELOG.md
5
reference_url https://github.com/digitalbazaar/forge/blob/master/CHANGELOG.md#removed
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/digitalbazaar/forge/blob/master/CHANGELOG.md#removed
6
reference_url https://github.com/digitalbazaar/forge/commit/6a1e3ef74f6eb345bcff1b82184201d1e28b6756
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/digitalbazaar/forge/commit/6a1e3ef74f6eb345bcff1b82184201d1e28b6756
7
reference_url https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-609293
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-609293
8
reference_url https://snyk.io/vuln/SNYK-JS-NODEFORGE-598677
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://snyk.io/vuln/SNYK-JS-NODEFORGE-598677
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1874606
reference_id 1874606
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1874606
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=969669
reference_id 969669
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=969669
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-7720
reference_id CVE-2020-7720
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-7720
12
reference_url https://github.com/advisories/GHSA-92xj-mqp7-vmcj
reference_id GHSA-92xj-mqp7-vmcj
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-92xj-mqp7-vmcj
13
reference_url https://github.com/advisories/GHSA-wxgw-qj99-44c2
reference_id GHSA-wxgw-qj99-44c2
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-wxgw-qj99-44c2
14
reference_url https://github.com/digitalbazaar/forge/security/advisories/GHSA-wxgw-qj99-44c2
reference_id GHSA-wxgw-qj99-44c2
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/digitalbazaar/forge/security/advisories/GHSA-wxgw-qj99-44c2
15
reference_url https://access.redhat.com/errata/RHSA-2020:5249
reference_id RHSA-2020:5249
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5249
16
reference_url https://access.redhat.com/errata/RHSA-2020:5605
reference_id RHSA-2020:5605
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5605
fixed_packages
0
url pkg:deb/debian/node-node-forge@0.10.0~dfsg-3%2Bdeb11u1
purl pkg:deb/debian/node-node-forge@0.10.0~dfsg-3%2Bdeb11u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-node-forge@0.10.0~dfsg-3%252Bdeb11u1
aliases CVE-2020-7720, GHSA-92xj-mqp7-vmcj, GHSA-wxgw-qj99-44c2, GMS-2022-68
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q55u-tkwp-t7ek
3
url VCID-vmbx-7g36-7qbg
vulnerability_id VCID-vmbx-7g36-7qbg
summary 
Improper Verification of Cryptographic Signature
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. Prior to version 1.3.0, RSA PKCS#1 v1.5 signature verification code does not properly check `DigestInfo` for a proper ASN.1 structure. This can lead to successful verification with signatures that contain invalid structures but a valid digest. The issue has been addressed in `node-forge` version 1.3.0. There are currently no known workarounds.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-24773.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-24773.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-24773
reference_id
reference_type
scores
0
value 0.00133
scoring_system epss
scoring_elements 0.32358
published_at 2026-06-09T12:55:00Z
1
value 0.00133
scoring_system epss
scoring_elements 0.32336
published_at 2026-06-08T12:55:00Z
2
value 0.00133
scoring_system epss
scoring_elements 0.32365
published_at 2026-06-07T12:55:00Z
3
value 0.00133
scoring_system epss
scoring_elements 0.32404
published_at 2026-06-06T12:55:00Z
4
value 0.00133
scoring_system epss
scoring_elements 0.32435
published_at 2026-06-05T12:55:00Z
5
value 0.00133
scoring_system epss
scoring_elements 0.32364
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-24773
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24773
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24773
3
reference_url https://github.com/digitalbazaar/forge
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/digitalbazaar/forge
4
reference_url https://github.com/digitalbazaar/forge/commit/3f0b49a0573ef1bb7af7f5673c0cfebf00424df1
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/digitalbazaar/forge/commit/3f0b49a0573ef1bb7af7f5673c0cfebf00424df1
5
reference_url https://github.com/digitalbazaar/forge/commit/bb822c02df0b61211836472e29b9790cc541cdb2
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/digitalbazaar/forge/commit/bb822c02df0b61211836472e29b9790cc541cdb2
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2067461
reference_id 2067461
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2067461
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-24773
reference_id CVE-2022-24773
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-24773
8
reference_url https://github.com/advisories/GHSA-2r2c-g63r-vccr
reference_id GHSA-2r2c-g63r-vccr
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-2r2c-g63r-vccr
9
reference_url https://github.com/digitalbazaar/forge/security/advisories/GHSA-2r2c-g63r-vccr
reference_id GHSA-2r2c-g63r-vccr
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/digitalbazaar/forge/security/advisories/GHSA-2r2c-g63r-vccr
10
reference_url https://access.redhat.com/errata/RHSA-2022:1739
reference_id RHSA-2022:1739
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1739
11
reference_url https://access.redhat.com/errata/RHSA-2022:6156
reference_id RHSA-2022:6156
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6156
12
reference_url https://access.redhat.com/errata/RHSA-2022:6835
reference_id RHSA-2022:6835
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6835
fixed_packages
0
url pkg:deb/debian/node-node-forge@0.10.0~dfsg-3%2Bdeb11u1
purl pkg:deb/debian/node-node-forge@0.10.0~dfsg-3%2Bdeb11u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-node-forge@0.10.0~dfsg-3%252Bdeb11u1
aliases CVE-2022-24773, GHSA-2r2c-g63r-vccr
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vmbx-7g36-7qbg
Fixing_vulnerabilities
Risk_score4.4
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/node-node-forge@0.8.1~dfsg-1%252Bdeb10u1