Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:ebuild/net-libs/nodejs@18.17.1
Typeebuild
Namespacenet-libs
Namenodejs
Version18.17.1
Qualifiers
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version18.20.4
Latest_non_vulnerable_version22.13.1
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-1tz4-bphw-rbd3
vulnerability_id VCID-1tz4-bphw-rbd3
summary 
Path Traversal
This npm package has an arbitrary file creation/overwrite and arbitrary code execution vulnerability. node-tar aims to guarantee that any file whose location would be modified by a symbolic link is not extracted.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-37701.json
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-37701.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-37701
reference_id
reference_type
scores
0
value 0.0011
scoring_system epss
scoring_elements 0.29492
published_at 2026-04-09T12:55:00Z
1
value 0.0011
scoring_system epss
scoring_elements 0.29398
published_at 2026-04-13T12:55:00Z
2
value 0.0011
scoring_system epss
scoring_elements 0.2945
published_at 2026-04-12T12:55:00Z
3
value 0.0011
scoring_system epss
scoring_elements 0.29495
published_at 2026-04-11T12:55:00Z
4
value 0.0011
scoring_system epss
scoring_elements 0.29453
published_at 2026-04-01T12:55:00Z
5
value 0.0011
scoring_system epss
scoring_elements 0.29519
published_at 2026-04-02T12:55:00Z
6
value 0.0011
scoring_system epss
scoring_elements 0.29567
published_at 2026-04-04T12:55:00Z
7
value 0.0011
scoring_system epss
scoring_elements 0.29388
published_at 2026-04-07T12:55:00Z
8
value 0.0011
scoring_system epss
scoring_elements 0.29452
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-37701
2
reference_url https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37701
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37701
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37712
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37712
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://github.com/npm/node-tar
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/npm/node-tar
7
reference_url https://github.com/npm/node-tar/security/advisories/GHSA-9r2w-394v-53qc
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/npm/node-tar/security/advisories/GHSA-9r2w-394v-53qc
8
reference_url https://lists.debian.org/debian-lts-announce/2022/12/msg00023.html
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2022/12/msg00023.html
9
reference_url https://www.debian.org/security/2021/dsa-5008
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2021/dsa-5008
10
reference_url https://www.npmjs.com/package/tar
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.npmjs.com/package/tar
11
reference_url https://www.oracle.com/security-alerts/cpuoct2021.html
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuoct2021.html
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1999731
reference_id 1999731
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1999731
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-37701
reference_id CVE-2021-37701
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-37701
14
reference_url https://github.com/advisories/GHSA-9r2w-394v-53qc
reference_id GHSA-9r2w-394v-53qc
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-9r2w-394v-53qc
15
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
16
reference_url https://access.redhat.com/errata/RHSA-2021:5086
reference_id RHSA-2021:5086
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5086
17
reference_url https://access.redhat.com/errata/RHSA-2022:0041
reference_id RHSA-2022:0041
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0041
18
reference_url https://access.redhat.com/errata/RHSA-2022:0246
reference_id RHSA-2022:0246
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0246
19
reference_url https://access.redhat.com/errata/RHSA-2022:0350
reference_id RHSA-2022:0350
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0350
20
reference_url https://access.redhat.com/errata/RHSA-2022:4914
reference_id RHSA-2022:4914
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:4914
fixed_packages
0
url pkg:ebuild/net-libs/nodejs@16.20.2
purl pkg:ebuild/net-libs/nodejs@16.20.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@16.20.2
1
url pkg:ebuild/net-libs/nodejs@18.17.1
purl pkg:ebuild/net-libs/nodejs@18.17.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@18.17.1
2
url pkg:ebuild/net-libs/nodejs@20.5.1
purl pkg:ebuild/net-libs/nodejs@20.5.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@20.5.1
aliases CVE-2021-37701, GHSA-9r2w-394v-53qc
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1tz4-bphw-rbd3
1
url VCID-1xdz-dku3-qqc4
vulnerability_id VCID-1xdz-dku3-qqc4
summary 
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS (Domain Name Servers) can lead to output of wrong hostnames which might potentially lead to Domain Hijacking. The highest threat from this vulnerability is to confidentiality and integrity as well as system availability.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3672.json
reference_id
reference_type
scores
0
value 5.6
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3672.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-3672
reference_id
reference_type
scores
0
value 0.00055
scoring_system epss
scoring_elements 0.17144
published_at 2026-04-01T12:55:00Z
1
value 0.00055
scoring_system epss
scoring_elements 0.17157
published_at 2026-04-13T12:55:00Z
2
value 0.00055
scoring_system epss
scoring_elements 0.1731
published_at 2026-04-02T12:55:00Z
3
value 0.00055
scoring_system epss
scoring_elements 0.17358
published_at 2026-04-04T12:55:00Z
4
value 0.00055
scoring_system epss
scoring_elements 0.17138
published_at 2026-04-07T12:55:00Z
5
value 0.00055
scoring_system epss
scoring_elements 0.17229
published_at 2026-04-08T12:55:00Z
6
value 0.00055
scoring_system epss
scoring_elements 0.17287
published_at 2026-04-09T12:55:00Z
7
value 0.00055
scoring_system epss
scoring_elements 0.17265
published_at 2026-04-11T12:55:00Z
8
value 0.00055
scoring_system epss
scoring_elements 0.17216
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-3672
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1988342
reference_id
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:09:33Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=1988342
3
reference_url https://c-ares.haxx.se/adv_20210810.html
reference_id
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:09:33Z/
url https://c-ares.haxx.se/adv_20210810.html
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3672
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3672
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=992053
reference_id 992053
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=992053
7
reference_url https://security.archlinux.org/ASA-202108-13
reference_id ASA-202108-13
reference_type
scores
url https://security.archlinux.org/ASA-202108-13
8
reference_url https://security.archlinux.org/AVG-2268
reference_id AVG-2268
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2268
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-3672
reference_id CVE-2021-3672
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-3672
10
reference_url https://security.gentoo.org/glsa/202401-02
reference_id GLSA-202401-02
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:09:33Z/
url https://security.gentoo.org/glsa/202401-02
11
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
12
reference_url https://access.redhat.com/errata/RHSA-2021:3280
reference_id RHSA-2021:3280
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3280
13
reference_url https://access.redhat.com/errata/RHSA-2021:3281
reference_id RHSA-2021:3281
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3281
14
reference_url https://access.redhat.com/errata/RHSA-2021:3623
reference_id RHSA-2021:3623
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3623
15
reference_url https://access.redhat.com/errata/RHSA-2021:3638
reference_id RHSA-2021:3638
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3638
16
reference_url https://access.redhat.com/errata/RHSA-2021:3639
reference_id RHSA-2021:3639
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3639
17
reference_url https://access.redhat.com/errata/RHSA-2021:3666
reference_id RHSA-2021:3666
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3666
18
reference_url https://access.redhat.com/errata/RHSA-2022:2043
reference_id RHSA-2022:2043
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:2043
19
reference_url https://usn.ubuntu.com/5034-1/
reference_id USN-5034-1
reference_type
scores
url https://usn.ubuntu.com/5034-1/
20
reference_url https://usn.ubuntu.com/5034-2/
reference_id USN-5034-2
reference_type
scores
url https://usn.ubuntu.com/5034-2/
fixed_packages
0
url pkg:ebuild/net-libs/nodejs@16.20.2
purl pkg:ebuild/net-libs/nodejs@16.20.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@16.20.2
1
url pkg:ebuild/net-libs/nodejs@18.17.1
purl pkg:ebuild/net-libs/nodejs@18.17.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@18.17.1
2
url pkg:ebuild/net-libs/nodejs@20.5.1
purl pkg:ebuild/net-libs/nodejs@20.5.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@20.5.1
aliases CVE-2021-3672
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1xdz-dku3-qqc4
2
url VCID-38k9-23j3-eqh7
vulnerability_id VCID-38k9-23j3-eqh7
summary Multiple vulnerabilities have been discovered in Node.js.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-30581.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-30581.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-30581
reference_id
reference_type
scores
0
value 0.00018
scoring_system epss
scoring_elements 0.04633
published_at 2026-04-02T12:55:00Z
1
value 0.00018
scoring_system epss
scoring_elements 0.04676
published_at 2026-04-13T12:55:00Z
2
value 0.00018
scoring_system epss
scoring_elements 0.04716
published_at 2026-04-09T12:55:00Z
3
value 0.00018
scoring_system epss
scoring_elements 0.04709
published_at 2026-04-11T12:55:00Z
4
value 0.00018
scoring_system epss
scoring_elements 0.04693
published_at 2026-04-12T12:55:00Z
5
value 0.00018
scoring_system epss
scoring_elements 0.04657
published_at 2026-04-04T12:55:00Z
6
value 0.00018
scoring_system epss
scoring_elements 0.0467
published_at 2026-04-07T12:55:00Z
7
value 0.00018
scoring_system epss
scoring_elements 0.04704
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-30581
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-30581
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-30581
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1039990
reference_id 1039990
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1039990
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2219824
reference_id 2219824
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2219824
6
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
7
reference_url https://nodejs.org/en/blog/vulnerability/june-2023-security-releases
reference_id june-2023-security-releases
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-05T14:18:07Z/
url https://nodejs.org/en/blog/vulnerability/june-2023-security-releases
8
reference_url https://access.redhat.com/errata/RHSA-2023:4330
reference_id RHSA-2023:4330
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4330
9
reference_url https://access.redhat.com/errata/RHSA-2023:4331
reference_id RHSA-2023:4331
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4331
10
reference_url https://access.redhat.com/errata/RHSA-2023:4536
reference_id RHSA-2023:4536
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4536
11
reference_url https://access.redhat.com/errata/RHSA-2023:4537
reference_id RHSA-2023:4537
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4537
12
reference_url https://access.redhat.com/errata/RHSA-2023:5361
reference_id RHSA-2023:5361
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5361
13
reference_url https://access.redhat.com/errata/RHSA-2023:5533
reference_id RHSA-2023:5533
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5533
fixed_packages
0
url pkg:ebuild/net-libs/nodejs@16.20.2
purl pkg:ebuild/net-libs/nodejs@16.20.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@16.20.2
1
url pkg:ebuild/net-libs/nodejs@18.17.1
purl pkg:ebuild/net-libs/nodejs@18.17.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@18.17.1
2
url pkg:ebuild/net-libs/nodejs@20.5.1
purl pkg:ebuild/net-libs/nodejs@20.5.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@20.5.1
aliases CVE-2023-30581
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-38k9-23j3-eqh7
3
url VCID-4ak9-89fm-ybh2
vulnerability_id VCID-4ak9-89fm-ybh2
summary Multiple vulnerabilities have been discovered in Node.js.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-30582.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-30582.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-30582
reference_id
reference_type
scores
0
value 0.00098
scoring_system epss
scoring_elements 0.2715
published_at 2026-04-02T12:55:00Z
1
value 0.00098
scoring_system epss
scoring_elements 0.26994
published_at 2026-04-13T12:55:00Z
2
value 0.00098
scoring_system epss
scoring_elements 0.27095
published_at 2026-04-11T12:55:00Z
3
value 0.00098
scoring_system epss
scoring_elements 0.27052
published_at 2026-04-12T12:55:00Z
4
value 0.00098
scoring_system epss
scoring_elements 0.27187
published_at 2026-04-04T12:55:00Z
5
value 0.00098
scoring_system epss
scoring_elements 0.26978
published_at 2026-04-07T12:55:00Z
6
value 0.00098
scoring_system epss
scoring_elements 0.27047
published_at 2026-04-08T12:55:00Z
7
value 0.00098
scoring_system epss
scoring_elements 0.27092
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-30582
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2219832
reference_id 2219832
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2219832
3
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
4
reference_url https://nodejs.org/en/blog/vulnerability/june-2023-security-releases
reference_id june-2023-security-releases
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-09T18:09:51Z/
url https://nodejs.org/en/blog/vulnerability/june-2023-security-releases
fixed_packages
0
url pkg:ebuild/net-libs/nodejs@16.20.2
purl pkg:ebuild/net-libs/nodejs@16.20.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@16.20.2
1
url pkg:ebuild/net-libs/nodejs@18.17.1
purl pkg:ebuild/net-libs/nodejs@18.17.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@18.17.1
2
url pkg:ebuild/net-libs/nodejs@20.5.1
purl pkg:ebuild/net-libs/nodejs@20.5.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@20.5.1
aliases CVE-2023-30582
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4ak9-89fm-ybh2
4
url VCID-53xm-8w84-93cx
vulnerability_id VCID-53xm-8w84-93cx
summary Multiple vulnerabilities have been found in c-ares, the worst of which could result in the loss of confidentiality or integrity.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22930.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22930.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-22930
reference_id
reference_type
scores
0
value 0.00323
scoring_system epss
scoring_elements 0.55216
published_at 2026-04-01T12:55:00Z
1
value 0.00323
scoring_system epss
scoring_elements 0.55342
published_at 2026-04-13T12:55:00Z
2
value 0.00323
scoring_system epss
scoring_elements 0.55382
published_at 2026-04-11T12:55:00Z
3
value 0.00323
scoring_system epss
scoring_elements 0.55361
published_at 2026-04-12T12:55:00Z
4
value 0.00323
scoring_system epss
scoring_elements 0.55315
published_at 2026-04-02T12:55:00Z
5
value 0.00323
scoring_system epss
scoring_elements 0.55339
published_at 2026-04-04T12:55:00Z
6
value 0.00323
scoring_system epss
scoring_elements 0.55321
published_at 2026-04-07T12:55:00Z
7
value 0.00323
scoring_system epss
scoring_elements 0.55371
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-22930
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22930
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22930
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1988394
reference_id 1988394
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1988394
5
reference_url https://security.archlinux.org/ASA-202108-1
reference_id ASA-202108-1
reference_type
scores
url https://security.archlinux.org/ASA-202108-1
6
reference_url https://security.archlinux.org/AVG-2239
reference_id AVG-2239
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2239
7
reference_url https://security.gentoo.org/glsa/202401-02
reference_id GLSA-202401-02
reference_type
scores
url https://security.gentoo.org/glsa/202401-02
8
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
9
reference_url https://access.redhat.com/errata/RHSA-2021:3280
reference_id RHSA-2021:3280
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3280
10
reference_url https://access.redhat.com/errata/RHSA-2021:3281
reference_id RHSA-2021:3281
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3281
11
reference_url https://access.redhat.com/errata/RHSA-2021:3623
reference_id RHSA-2021:3623
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3623
12
reference_url https://access.redhat.com/errata/RHSA-2021:3638
reference_id RHSA-2021:3638
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3638
13
reference_url https://access.redhat.com/errata/RHSA-2021:3639
reference_id RHSA-2021:3639
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3639
14
reference_url https://access.redhat.com/errata/RHSA-2021:3666
reference_id RHSA-2021:3666
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3666
fixed_packages
0
url pkg:ebuild/net-libs/nodejs@16.20.2
purl pkg:ebuild/net-libs/nodejs@16.20.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@16.20.2
1
url pkg:ebuild/net-libs/nodejs@18.17.1
purl pkg:ebuild/net-libs/nodejs@18.17.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@18.17.1
2
url pkg:ebuild/net-libs/nodejs@20.5.1
purl pkg:ebuild/net-libs/nodejs@20.5.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@20.5.1
aliases CVE-2021-22930
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-53xm-8w84-93cx
5
url VCID-5cf7-va9h-h3gy
vulnerability_id VCID-5cf7-va9h-h3gy
summary 
Improper Certificate Validation
Accepting arbitrary Subject Alternative Name (SAN) types, unless a PKI is specifically defined to use a particular SAN type, can result in bypassing name-constrained intermediates. Node.js < 12.22.9, < 14.18.3, < 16.13.2, and < 17.3.1 was accepting URI SAN types, which PKIs are often not defined to use. Additionally, when a protocol allows URI SANs, Node.js does not match the URI correctly.Versions of Node.js with the fix for this disable the URI SAN type when checking a certificate against a hostname. This behavior can be reverted through the --security-revert command-line option.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44531.json
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44531.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-44531
reference_id
reference_type
scores
0
value 0.00076
scoring_system epss
scoring_elements 0.22783
published_at 2026-04-01T12:55:00Z
1
value 0.00076
scoring_system epss
scoring_elements 0.22952
published_at 2026-04-02T12:55:00Z
2
value 0.00076
scoring_system epss
scoring_elements 0.22996
published_at 2026-04-04T12:55:00Z
3
value 0.00076
scoring_system epss
scoring_elements 0.22789
published_at 2026-04-07T12:55:00Z
4
value 0.00076
scoring_system epss
scoring_elements 0.22863
published_at 2026-04-08T12:55:00Z
5
value 0.00076
scoring_system epss
scoring_elements 0.22916
published_at 2026-04-09T12:55:00Z
6
value 0.00076
scoring_system epss
scoring_elements 0.22936
published_at 2026-04-11T12:55:00Z
7
value 0.00076
scoring_system epss
scoring_elements 0.22899
published_at 2026-04-12T12:55:00Z
8
value 0.00076
scoring_system epss
scoring_elements 0.22843
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-44531
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22959
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22959
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22960
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22960
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44531
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44531
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44532
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44532
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44533
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44533
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21824
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21824
8
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
9
reference_url https://hackerone.com/reports/1429694
reference_id
reference_type
scores
url https://hackerone.com/reports/1429694
10
reference_url https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/
reference_id
reference_type
scores
url https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/
11
reference_url https://security.netapp.com/advisory/ntap-20220325-0007/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20220325-0007/
12
reference_url https://www.debian.org/security/2022/dsa-5170
reference_id
reference_type
scores
url https://www.debian.org/security/2022/dsa-5170
13
reference_url https://www.oracle.com/security-alerts/cpuapr2022.html
reference_id
reference_type
scores
url https://www.oracle.com/security-alerts/cpuapr2022.html
14
reference_url https://www.oracle.com/security-alerts/cpujul2022.html
reference_id
reference_type
scores
url https://www.oracle.com/security-alerts/cpujul2022.html
15
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004177
reference_id 1004177
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004177
16
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2040839
reference_id 2040839
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2040839
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-44531
reference_id CVE-2021-44531
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-44531
18
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
19
reference_url https://access.redhat.com/errata/RHSA-2022:4914
reference_id RHSA-2022:4914
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:4914
20
reference_url https://access.redhat.com/errata/RHSA-2022:7044
reference_id RHSA-2022:7044
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7044
21
reference_url https://access.redhat.com/errata/RHSA-2022:7830
reference_id RHSA-2022:7830
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7830
22
reference_url https://access.redhat.com/errata/RHSA-2022:9073
reference_id RHSA-2022:9073
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:9073
23
reference_url https://access.redhat.com/errata/RHSA-2023:1742
reference_id RHSA-2023:1742
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1742
24
reference_url https://access.redhat.com/errata/RHSA-2023:3742
reference_id RHSA-2023:3742
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3742
fixed_packages
0
url pkg:ebuild/net-libs/nodejs@16.20.2
purl pkg:ebuild/net-libs/nodejs@16.20.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@16.20.2
1
url pkg:ebuild/net-libs/nodejs@18.17.1
purl pkg:ebuild/net-libs/nodejs@18.17.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@18.17.1
2
url pkg:ebuild/net-libs/nodejs@20.5.1
purl pkg:ebuild/net-libs/nodejs@20.5.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@20.5.1
aliases CVE-2021-44531
risk_score 3.4
exploitability 0.5
weighted_severity 6.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5cf7-va9h-h3gy
6
url VCID-71yj-bmak-pkdu
vulnerability_id VCID-71yj-bmak-pkdu
summary Multiple vulnerabilities have been discovered in OpenSSL, the worst of which could result in remote code execution.
references
0
reference_url http://packetstormsecurity.com/files/169687/OpenSSL-Security-Advisory-20221101.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/
url http://packetstormsecurity.com/files/169687/OpenSSL-Security-Advisory-20221101.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3602.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3602.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-3602
reference_id
reference_type
scores
0
value 0.83219
scoring_system epss
scoring_elements 0.99262
published_at 2026-04-04T12:55:00Z
1
value 0.83219
scoring_system epss
scoring_elements 0.99268
published_at 2026-04-12T12:55:00Z
2
value 0.83219
scoring_system epss
scoring_elements 0.99259
published_at 2026-04-02T12:55:00Z
3
value 0.83219
scoring_system epss
scoring_elements 0.99267
published_at 2026-04-13T12:55:00Z
4
value 0.83219
scoring_system epss
scoring_elements 0.99266
published_at 2026-04-08T12:55:00Z
5
value 0.83219
scoring_system epss
scoring_elements 0.99265
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-3602
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/alexcrichton/openssl-src-rs
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/alexcrichton/openssl-src-rs
5
reference_url https://github.com/alexcrichton/openssl-src-rs/commit/4a31c14f31e1a08c18893a37e304dd1dd4b7daa3
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/alexcrichton/openssl-src-rs/commit/4a31c14f31e1a08c18893a37e304dd1dd4b7daa3
6
reference_url https://github.com/openssl/openssl/commit/fe3b639dc19b325846f4f6801f2f4604f56e3de3
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/openssl/openssl/commit/fe3b639dc19b325846f4f6801f2f4604f56e3de3
7
reference_url https://github.com/rustsec/advisory-db/pull/1452
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/rustsec/advisory-db/pull/1452
8
reference_url https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=fe3b639dc19b325846f4f6801f2f4604f56e3de3
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/
url https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=fe3b639dc19b325846f4f6801f2f4604f56e3de3
9
reference_url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fe3b639dc19b325846f4f6801f2f4604f56e3de3
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fe3b639dc19b325846f4f6801f2f4604f56e3de3
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/63YRPWPUSX3MBHNPIEJZDKQT6YA7UF6S
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/63YRPWPUSX3MBHNPIEJZDKQT6YA7UF6S
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DWP23EZYOBDJQP7HP4YU7W2ABU2YDITS
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DWP23EZYOBDJQP7HP4YU7W2ABU2YDITS
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/63YRPWPUSX3MBHNPIEJZDKQT6YA7UF6S
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/63YRPWPUSX3MBHNPIEJZDKQT6YA7UF6S
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWP23EZYOBDJQP7HP4YU7W2ABU2YDITS
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWP23EZYOBDJQP7HP4YU7W2ABU2YDITS
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-3602
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-3602
15
reference_url https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0023
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/
url https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0023
16
reference_url https://rustsec.org/advisories/RUSTSEC-2022-0064.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://rustsec.org/advisories/RUSTSEC-2022-0064.html
17
reference_url https://security.netapp.com/advisory/ntap-20221102-0001
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20221102-0001
18
reference_url https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-W9sdCc2a
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/
url https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-W9sdCc2a
19
reference_url https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00789.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00789.html
20
reference_url https://www.kb.cert.org/vuls/id/794340
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/
url https://www.kb.cert.org/vuls/id/794340
21
reference_url https://www.openssl.org/blog/blog/2022/11/01/email-address-overflows/
reference_id
reference_type
scores
url https://www.openssl.org/blog/blog/2022/11/01/email-address-overflows/
22
reference_url https://www.openssl.org/news/secadv/20221101.txt
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/
url https://www.openssl.org/news/secadv/20221101.txt
23
reference_url http://www.openwall.com/lists/oss-security/2022/11/01/15
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/
url http://www.openwall.com/lists/oss-security/2022/11/01/15
24
reference_url http://www.openwall.com/lists/oss-security/2022/11/01/16
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/
url http://www.openwall.com/lists/oss-security/2022/11/01/16
25
reference_url http://www.openwall.com/lists/oss-security/2022/11/01/17
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/
url http://www.openwall.com/lists/oss-security/2022/11/01/17
26
reference_url http://www.openwall.com/lists/oss-security/2022/11/01/18
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/
url http://www.openwall.com/lists/oss-security/2022/11/01/18
27
reference_url http://www.openwall.com/lists/oss-security/2022/11/01/19
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/
url http://www.openwall.com/lists/oss-security/2022/11/01/19
28
reference_url http://www.openwall.com/lists/oss-security/2022/11/01/20
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/
url http://www.openwall.com/lists/oss-security/2022/11/01/20
29
reference_url http://www.openwall.com/lists/oss-security/2022/11/01/21
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/
url http://www.openwall.com/lists/oss-security/2022/11/01/21
30
reference_url http://www.openwall.com/lists/oss-security/2022/11/01/24
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/
url http://www.openwall.com/lists/oss-security/2022/11/01/24
31
reference_url http://www.openwall.com/lists/oss-security/2022/11/02/1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/
url http://www.openwall.com/lists/oss-security/2022/11/02/1
32
reference_url http://www.openwall.com/lists/oss-security/2022/11/02/10
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/
url http://www.openwall.com/lists/oss-security/2022/11/02/10
33
reference_url http://www.openwall.com/lists/oss-security/2022/11/02/11
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/
url http://www.openwall.com/lists/oss-security/2022/11/02/11
34
reference_url http://www.openwall.com/lists/oss-security/2022/11/02/12
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/
url http://www.openwall.com/lists/oss-security/2022/11/02/12
35
reference_url http://www.openwall.com/lists/oss-security/2022/11/02/13
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/
url http://www.openwall.com/lists/oss-security/2022/11/02/13
36
reference_url http://www.openwall.com/lists/oss-security/2022/11/02/14
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/
url http://www.openwall.com/lists/oss-security/2022/11/02/14
37
reference_url http://www.openwall.com/lists/oss-security/2022/11/02/15
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/
url http://www.openwall.com/lists/oss-security/2022/11/02/15
38
reference_url http://www.openwall.com/lists/oss-security/2022/11/02/2
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/
url http://www.openwall.com/lists/oss-security/2022/11/02/2
39
reference_url http://www.openwall.com/lists/oss-security/2022/11/02/3
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/
url http://www.openwall.com/lists/oss-security/2022/11/02/3
40
reference_url http://www.openwall.com/lists/oss-security/2022/11/02/5
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/
url http://www.openwall.com/lists/oss-security/2022/11/02/5
41
reference_url http://www.openwall.com/lists/oss-security/2022/11/02/6
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/
url http://www.openwall.com/lists/oss-security/2022/11/02/6
42
reference_url http://www.openwall.com/lists/oss-security/2022/11/02/7
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/
url http://www.openwall.com/lists/oss-security/2022/11/02/7
43
reference_url http://www.openwall.com/lists/oss-security/2022/11/02/9
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/
url http://www.openwall.com/lists/oss-security/2022/11/02/9
44
reference_url http://www.openwall.com/lists/oss-security/2022/11/03/1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/
url http://www.openwall.com/lists/oss-security/2022/11/03/1
45
reference_url http://www.openwall.com/lists/oss-security/2022/11/03/10
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/
url http://www.openwall.com/lists/oss-security/2022/11/03/10
46
reference_url http://www.openwall.com/lists/oss-security/2022/11/03/11
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/
url http://www.openwall.com/lists/oss-security/2022/11/03/11
47
reference_url http://www.openwall.com/lists/oss-security/2022/11/03/2
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/
url http://www.openwall.com/lists/oss-security/2022/11/03/2
48
reference_url http://www.openwall.com/lists/oss-security/2022/11/03/3
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/
url http://www.openwall.com/lists/oss-security/2022/11/03/3
49
reference_url http://www.openwall.com/lists/oss-security/2022/11/03/5
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/
url http://www.openwall.com/lists/oss-security/2022/11/03/5
50
reference_url http://www.openwall.com/lists/oss-security/2022/11/03/6
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/
url http://www.openwall.com/lists/oss-security/2022/11/03/6
51
reference_url http://www.openwall.com/lists/oss-security/2022/11/03/7
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/
url http://www.openwall.com/lists/oss-security/2022/11/03/7
52
reference_url http://www.openwall.com/lists/oss-security/2022/11/03/9
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/
url http://www.openwall.com/lists/oss-security/2022/11/03/9
53
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2137723
reference_id 2137723
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2137723
54
reference_url https://github.com/advisories/GHSA-8rwr-x37p-mx23
reference_id GHSA-8rwr-x37p-mx23
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-8rwr-x37p-mx23
55
reference_url https://security.gentoo.org/glsa/202211-01
reference_id GLSA-202211-01
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:56Z/
url https://security.gentoo.org/glsa/202211-01
56
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
57
reference_url https://access.redhat.com/errata/RHSA-2022:7288
reference_id RHSA-2022:7288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7288
58
reference_url https://access.redhat.com/errata/RHSA-2022:7384
reference_id RHSA-2022:7384
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7384
59
reference_url https://usn.ubuntu.com/5710-1/
reference_id USN-5710-1
reference_type
scores
url https://usn.ubuntu.com/5710-1/
fixed_packages
0
url pkg:ebuild/net-libs/nodejs@16.20.2
purl pkg:ebuild/net-libs/nodejs@16.20.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@16.20.2
1
url pkg:ebuild/net-libs/nodejs@18.17.1
purl pkg:ebuild/net-libs/nodejs@18.17.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@18.17.1
2
url pkg:ebuild/net-libs/nodejs@20.5.1
purl pkg:ebuild/net-libs/nodejs@20.5.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@20.5.1
aliases CVE-2022-3602, GHSA-8rwr-x37p-mx23
risk_score 10.0
exploitability 2.0
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-71yj-bmak-pkdu
7
url VCID-7cth-47w2-17hy
vulnerability_id VCID-7cth-47w2-17hy
summary Multiple vulnerabilities have been found in c-ares, the worst of which could result in the loss of confidentiality or integrity.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22940.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22940.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-22940
reference_id
reference_type
scores
0
value 0.00386
scoring_system epss
scoring_elements 0.59679
published_at 2026-04-01T12:55:00Z
1
value 0.00386
scoring_system epss
scoring_elements 0.59797
published_at 2026-04-13T12:55:00Z
2
value 0.00386
scoring_system epss
scoring_elements 0.59831
published_at 2026-04-11T12:55:00Z
3
value 0.00386
scoring_system epss
scoring_elements 0.59815
published_at 2026-04-12T12:55:00Z
4
value 0.00386
scoring_system epss
scoring_elements 0.59753
published_at 2026-04-02T12:55:00Z
5
value 0.00386
scoring_system epss
scoring_elements 0.59777
published_at 2026-04-04T12:55:00Z
6
value 0.00386
scoring_system epss
scoring_elements 0.59747
published_at 2026-04-07T12:55:00Z
7
value 0.00386
scoring_system epss
scoring_elements 0.59799
published_at 2026-04-08T12:55:00Z
8
value 0.00386
scoring_system epss
scoring_elements 0.59812
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-22940
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1993029
reference_id 1993029
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1993029
4
reference_url https://security.archlinux.org/AVG-2283
reference_id AVG-2283
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2283
5
reference_url https://security.gentoo.org/glsa/202401-02
reference_id GLSA-202401-02
reference_type
scores
url https://security.gentoo.org/glsa/202401-02
6
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
7
reference_url https://access.redhat.com/errata/RHSA-2021:3280
reference_id RHSA-2021:3280
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3280
8
reference_url https://access.redhat.com/errata/RHSA-2021:3281
reference_id RHSA-2021:3281
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3281
9
reference_url https://access.redhat.com/errata/RHSA-2021:3623
reference_id RHSA-2021:3623
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3623
10
reference_url https://access.redhat.com/errata/RHSA-2021:3638
reference_id RHSA-2021:3638
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3638
11
reference_url https://access.redhat.com/errata/RHSA-2021:3639
reference_id RHSA-2021:3639
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3639
12
reference_url https://access.redhat.com/errata/RHSA-2021:3666
reference_id RHSA-2021:3666
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3666
fixed_packages
0
url pkg:ebuild/net-libs/nodejs@16.20.2
purl pkg:ebuild/net-libs/nodejs@16.20.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@16.20.2
1
url pkg:ebuild/net-libs/nodejs@18.17.1
purl pkg:ebuild/net-libs/nodejs@18.17.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@18.17.1
2
url pkg:ebuild/net-libs/nodejs@20.5.1
purl pkg:ebuild/net-libs/nodejs@20.5.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@20.5.1
aliases CVE-2021-22940
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7cth-47w2-17hy
8
url VCID-7mtb-yaq7-77ep
vulnerability_id VCID-7mtb-yaq7-77ep
summary 
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
The npm package "tar" (aka node-tar) has an arbitrary file creation/overwrite and arbitrary code execution vulnerability. node-tar aims to guarantee that any file whose location would be modified by a symbolic link is not extracted. This is, in part, achieved by ensuring that extracted directories are not symlinks. Additionally, in order to prevent unnecessary stat calls to determine whether a given path is a directory, paths are cached when directories are created.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-37712.json
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-37712.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-37712
reference_id
reference_type
scores
0
value 0.00085
scoring_system epss
scoring_elements 0.24623
published_at 2026-04-01T12:55:00Z
1
value 0.00085
scoring_system epss
scoring_elements 0.2458
published_at 2026-04-08T12:55:00Z
2
value 0.00085
scoring_system epss
scoring_elements 0.24509
published_at 2026-04-07T12:55:00Z
3
value 0.00085
scoring_system epss
scoring_elements 0.24737
published_at 2026-04-04T12:55:00Z
4
value 0.00085
scoring_system epss
scoring_elements 0.24698
published_at 2026-04-02T12:55:00Z
5
value 0.00085
scoring_system epss
scoring_elements 0.24545
published_at 2026-04-13T12:55:00Z
6
value 0.00085
scoring_system epss
scoring_elements 0.246
published_at 2026-04-12T12:55:00Z
7
value 0.00085
scoring_system epss
scoring_elements 0.24643
published_at 2026-04-11T12:55:00Z
8
value 0.00085
scoring_system epss
scoring_elements 0.24626
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-37712
2
reference_url https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37701
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37701
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37712
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37712
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://github.com/isaacs/node-tar/commit/1739408d3122af897caefd09662bce2ea477533b
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/isaacs/node-tar/commit/1739408d3122af897caefd09662bce2ea477533b
7
reference_url https://github.com/isaacs/node-tar/commit/2f1bca027286c23e110b8dfc7efc10756fa3db5a
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/isaacs/node-tar/commit/2f1bca027286c23e110b8dfc7efc10756fa3db5a
8
reference_url https://github.com/isaacs/node-tar/commit/3aaf19b2501bbddb145d92b3322c80dcaed3c35f
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/isaacs/node-tar/commit/3aaf19b2501bbddb145d92b3322c80dcaed3c35f
9
reference_url https://github.com/isaacs/node-tar/commit/b6162c7fafe797f856564ef37f4b82747f051455
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/isaacs/node-tar/commit/b6162c7fafe797f856564ef37f4b82747f051455
10
reference_url https://github.com/isaacs/node-tar/commit/bb93ba243746f705092905da1955ac3b0509ba1e
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/isaacs/node-tar/commit/bb93ba243746f705092905da1955ac3b0509ba1e
11
reference_url https://github.com/isaacs/node-tar/commit/d56f790bda9fea807dd80c5083f24771dbdd6eb1
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/isaacs/node-tar/commit/d56f790bda9fea807dd80c5083f24771dbdd6eb1
12
reference_url https://github.com/npm/node-tar
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/npm/node-tar
13
reference_url https://lists.debian.org/debian-lts-announce/2022/12/msg00023.html
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2022/12/msg00023.html
14
reference_url https://www.debian.org/security/2021/dsa-5008
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2021/dsa-5008
15
reference_url https://www.npmjs.com/package/tar
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.npmjs.com/package/tar
16
reference_url https://www.oracle.com/security-alerts/cpuoct2021.html
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuoct2021.html
17
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1999739
reference_id 1999739
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1999739
18
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=993981
reference_id 993981
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=993981
19
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-37712
reference_id CVE-2021-37712
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-37712
20
reference_url https://github.com/advisories/GHSA-qq89-hq3f-393p
reference_id GHSA-qq89-hq3f-393p
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qq89-hq3f-393p
21
reference_url https://github.com/npm/node-tar/security/advisories/GHSA-qq89-hq3f-393p
reference_id GHSA-qq89-hq3f-393p
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/npm/node-tar/security/advisories/GHSA-qq89-hq3f-393p
22
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
23
reference_url https://access.redhat.com/errata/RHSA-2021:5086
reference_id RHSA-2021:5086
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5086
24
reference_url https://access.redhat.com/errata/RHSA-2022:0041
reference_id RHSA-2022:0041
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0041
25
reference_url https://access.redhat.com/errata/RHSA-2022:0246
reference_id RHSA-2022:0246
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0246
26
reference_url https://access.redhat.com/errata/RHSA-2022:0350
reference_id RHSA-2022:0350
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0350
27
reference_url https://access.redhat.com/errata/RHSA-2022:4914
reference_id RHSA-2022:4914
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:4914
fixed_packages
0
url pkg:ebuild/net-libs/nodejs@16.20.2
purl pkg:ebuild/net-libs/nodejs@16.20.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@16.20.2
1
url pkg:ebuild/net-libs/nodejs@18.17.1
purl pkg:ebuild/net-libs/nodejs@18.17.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@18.17.1
2
url pkg:ebuild/net-libs/nodejs@20.5.1
purl pkg:ebuild/net-libs/nodejs@20.5.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@20.5.1
aliases CVE-2021-37712, GHSA-qq89-hq3f-393p
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7mtb-yaq7-77ep
9
url VCID-7tpb-9zrz-e7e1
vulnerability_id VCID-7tpb-9zrz-e7e1
summary Multiple vulnerabilities have been discovered in Node.js.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32212.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32212.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-32212
reference_id
reference_type
scores
0
value 0.00064
scoring_system epss
scoring_elements 0.19983
published_at 2026-04-02T12:55:00Z
1
value 0.00064
scoring_system epss
scoring_elements 0.20041
published_at 2026-04-04T12:55:00Z
2
value 0.00064
scoring_system epss
scoring_elements 0.19768
published_at 2026-04-07T12:55:00Z
3
value 0.00064
scoring_system epss
scoring_elements 0.19848
published_at 2026-04-08T12:55:00Z
4
value 0.00064
scoring_system epss
scoring_elements 0.19901
published_at 2026-04-09T12:55:00Z
5
value 0.00064
scoring_system epss
scoring_elements 0.19911
published_at 2026-04-11T12:55:00Z
6
value 0.00064
scoring_system epss
scoring_elements 0.19867
published_at 2026-04-12T12:55:00Z
7
value 0.00064
scoring_system epss
scoring_elements 0.19809
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-32212
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32212
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32212
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32213
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32213
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32214
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32214
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32215
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32215
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35255
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35255
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35256
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35256
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43548
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43548
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2105422
reference_id 2105422
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2105422
11
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
12
reference_url https://access.redhat.com/errata/RHSA-2022:6389
reference_id RHSA-2022:6389
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6389
13
reference_url https://access.redhat.com/errata/RHSA-2022:6448
reference_id RHSA-2022:6448
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6448
14
reference_url https://access.redhat.com/errata/RHSA-2022:6449
reference_id RHSA-2022:6449
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6449
15
reference_url https://access.redhat.com/errata/RHSA-2022:6595
reference_id RHSA-2022:6595
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6595
16
reference_url https://access.redhat.com/errata/RHSA-2022:6985
reference_id RHSA-2022:6985
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6985
17
reference_url https://usn.ubuntu.com/6491-1/
reference_id USN-6491-1
reference_type
scores
url https://usn.ubuntu.com/6491-1/
fixed_packages
0
url pkg:ebuild/net-libs/nodejs@16.20.2
purl pkg:ebuild/net-libs/nodejs@16.20.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@16.20.2
1
url pkg:ebuild/net-libs/nodejs@18.17.1
purl pkg:ebuild/net-libs/nodejs@18.17.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@18.17.1
2
url pkg:ebuild/net-libs/nodejs@20.5.1
purl pkg:ebuild/net-libs/nodejs@20.5.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@20.5.1
aliases CVE-2022-32212
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7tpb-9zrz-e7e1
10
url VCID-7z51-jgw6-v7hr
vulnerability_id VCID-7z51-jgw6-v7hr
summary Multiple vulnerabilities have been discovered in Node.js.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-32005.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-32005.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-32005
reference_id
reference_type
scores
0
value 0.01138
scoring_system epss
scoring_elements 0.7835
published_at 2026-04-02T12:55:00Z
1
value 0.01138
scoring_system epss
scoring_elements 0.78381
published_at 2026-04-04T12:55:00Z
2
value 0.01324
scoring_system epss
scoring_elements 0.799
published_at 2026-04-13T12:55:00Z
3
value 0.01324
scoring_system epss
scoring_elements 0.79867
published_at 2026-04-07T12:55:00Z
4
value 0.01324
scoring_system epss
scoring_elements 0.79896
published_at 2026-04-08T12:55:00Z
5
value 0.01324
scoring_system epss
scoring_elements 0.79904
published_at 2026-04-09T12:55:00Z
6
value 0.01324
scoring_system epss
scoring_elements 0.79924
published_at 2026-04-11T12:55:00Z
7
value 0.01324
scoring_system epss
scoring_elements 0.79908
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-32005
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://hackerone.com/reports/2051224
reference_id 2051224
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:42Z/
url https://hackerone.com/reports/2051224
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2230958
reference_id 2230958
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2230958
5
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
6
reference_url https://security.netapp.com/advisory/ntap-20231103-0004/
reference_id ntap-20231103-0004
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:42Z/
url https://security.netapp.com/advisory/ntap-20231103-0004/
fixed_packages
0
url pkg:ebuild/net-libs/nodejs@16.20.2
purl pkg:ebuild/net-libs/nodejs@16.20.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@16.20.2
1
url pkg:ebuild/net-libs/nodejs@18.17.1
purl pkg:ebuild/net-libs/nodejs@18.17.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@18.17.1
2
url pkg:ebuild/net-libs/nodejs@20.5.1
purl pkg:ebuild/net-libs/nodejs@20.5.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@20.5.1
aliases CVE-2023-32005
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7z51-jgw6-v7hr
11
url VCID-8c4g-fjsa-nkhw
vulnerability_id VCID-8c4g-fjsa-nkhw
summary 
llhttp allows HTTP Request Smuggling via Improper Delimiting of Header Fields
The llhttp parser in the http module in Node.js does not strictly use the CRLF sequence to delimit HTTP requests. The LF character (without CR) is sufficient to delimit HTTP header fields in the lihttp parser. According to RFC7230 section 3, only the CRLF sequence should delimit each header-field. This can lead to HTTP Request Smuggling (HRS).
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32214.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32214.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-32214
reference_id
reference_type
scores
0
value 0.45841
scoring_system epss
scoring_elements 0.97625
published_at 2026-04-13T12:55:00Z
1
value 0.45841
scoring_system epss
scoring_elements 0.97612
published_at 2026-04-07T12:55:00Z
2
value 0.45841
scoring_system epss
scoring_elements 0.97624
published_at 2026-04-12T12:55:00Z
3
value 0.45841
scoring_system epss
scoring_elements 0.97622
published_at 2026-04-11T12:55:00Z
4
value 0.45841
scoring_system epss
scoring_elements 0.97619
published_at 2026-04-09T12:55:00Z
5
value 0.45841
scoring_system epss
scoring_elements 0.97617
published_at 2026-04-08T12:55:00Z
6
value 0.45841
scoring_system epss
scoring_elements 0.97608
published_at 2026-04-02T12:55:00Z
7
value 0.45841
scoring_system epss
scoring_elements 0.97611
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-32214
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32212
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32212
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32213
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32213
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32214
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32214
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32215
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32215
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35255
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35255
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35256
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35256
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43548
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43548
9
reference_url https://datatracker.ietf.org/doc/html/rfc7230#section-3
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://datatracker.ietf.org/doc/html/rfc7230#section-3
10
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
11
reference_url https://github.com/nodejs/llhttp/commit/18a4afc7ffb4e49dc9e2daebc50588199a6d1dbb
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/nodejs/llhttp/commit/18a4afc7ffb4e49dc9e2daebc50588199a6d1dbb
12
reference_url https://hackerone.com/reports/1524692
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://hackerone.com/reports/1524692
13
reference_url https://nodejs.org/en/blog/vulnerability/july-2022-security-releases
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nodejs.org/en/blog/vulnerability/july-2022-security-releases
14
reference_url https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/
reference_id
reference_type
scores
url https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-32214
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-32214
16
reference_url https://security.netapp.com/advisory/ntap-20220915-0001
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20220915-0001
17
reference_url https://security.netapp.com/advisory/ntap-20220915-0001/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20220915-0001/
18
reference_url https://www.debian.org/security/2023/dsa-5326
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2023/dsa-5326
19
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2105428
reference_id 2105428
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2105428
20
reference_url https://github.com/advisories/GHSA-q5vx-44v4-gch4
reference_id GHSA-q5vx-44v4-gch4
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-q5vx-44v4-gch4
21
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
22
reference_url https://access.redhat.com/errata/RHSA-2022:6389
reference_id RHSA-2022:6389
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6389
23
reference_url https://access.redhat.com/errata/RHSA-2022:6448
reference_id RHSA-2022:6448
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6448
24
reference_url https://access.redhat.com/errata/RHSA-2022:6449
reference_id RHSA-2022:6449
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6449
25
reference_url https://access.redhat.com/errata/RHSA-2022:6595
reference_id RHSA-2022:6595
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6595
26
reference_url https://access.redhat.com/errata/RHSA-2022:6985
reference_id RHSA-2022:6985
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6985
27
reference_url https://usn.ubuntu.com/6491-1/
reference_id USN-6491-1
reference_type
scores
url https://usn.ubuntu.com/6491-1/
fixed_packages
0
url pkg:ebuild/net-libs/nodejs@16.20.2
purl pkg:ebuild/net-libs/nodejs@16.20.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@16.20.2
1
url pkg:ebuild/net-libs/nodejs@18.17.1
purl pkg:ebuild/net-libs/nodejs@18.17.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@18.17.1
2
url pkg:ebuild/net-libs/nodejs@20.5.1
purl pkg:ebuild/net-libs/nodejs@20.5.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@20.5.1
aliases CVE-2022-32214, GHSA-q5vx-44v4-gch4
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8c4g-fjsa-nkhw
12
url VCID-9g7s-y7nq-xfbb
vulnerability_id VCID-9g7s-y7nq-xfbb
summary Multiple vulnerabilities have been found in c-ares, the worst of which could result in the loss of confidentiality or integrity.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22939.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22939.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-22939
reference_id
reference_type
scores
0
value 0.00124
scoring_system epss
scoring_elements 0.31612
published_at 2026-04-01T12:55:00Z
1
value 0.00124
scoring_system epss
scoring_elements 0.31617
published_at 2026-04-13T12:55:00Z
2
value 0.00124
scoring_system epss
scoring_elements 0.31693
published_at 2026-04-11T12:55:00Z
3
value 0.00124
scoring_system epss
scoring_elements 0.31653
published_at 2026-04-12T12:55:00Z
4
value 0.00124
scoring_system epss
scoring_elements 0.31744
published_at 2026-04-02T12:55:00Z
5
value 0.00124
scoring_system epss
scoring_elements 0.31788
published_at 2026-04-04T12:55:00Z
6
value 0.00124
scoring_system epss
scoring_elements 0.31607
published_at 2026-04-07T12:55:00Z
7
value 0.00124
scoring_system epss
scoring_elements 0.3166
published_at 2026-04-08T12:55:00Z
8
value 0.00124
scoring_system epss
scoring_elements 0.31689
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-22939
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22939
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22939
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1993039
reference_id 1993039
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1993039
5
reference_url https://security.archlinux.org/AVG-2283
reference_id AVG-2283
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2283
6
reference_url https://security.gentoo.org/glsa/202401-02
reference_id GLSA-202401-02
reference_type
scores
url https://security.gentoo.org/glsa/202401-02
7
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
8
reference_url https://access.redhat.com/errata/RHSA-2021:3280
reference_id RHSA-2021:3280
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3280
9
reference_url https://access.redhat.com/errata/RHSA-2021:3281
reference_id RHSA-2021:3281
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3281
10
reference_url https://access.redhat.com/errata/RHSA-2021:3623
reference_id RHSA-2021:3623
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3623
11
reference_url https://access.redhat.com/errata/RHSA-2021:3638
reference_id RHSA-2021:3638
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3638
12
reference_url https://access.redhat.com/errata/RHSA-2021:3639
reference_id RHSA-2021:3639
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3639
13
reference_url https://access.redhat.com/errata/RHSA-2021:3666
reference_id RHSA-2021:3666
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3666
fixed_packages
0
url pkg:ebuild/net-libs/nodejs@16.20.2
purl pkg:ebuild/net-libs/nodejs@16.20.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@16.20.2
1
url pkg:ebuild/net-libs/nodejs@18.17.1
purl pkg:ebuild/net-libs/nodejs@18.17.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@18.17.1
2
url pkg:ebuild/net-libs/nodejs@20.5.1
purl pkg:ebuild/net-libs/nodejs@20.5.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@20.5.1
aliases CVE-2021-22939
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9g7s-y7nq-xfbb
13
url VCID-9vk1-2ysq-3ygd
vulnerability_id VCID-9vk1-2ysq-3ygd
summary 
UNIX Symbolic Link (Symlink) Following
`@npmcli/arborist`, the library that calculates dependency trees and manages the node_modules folder hierarchy for the npm command line interface, aims to guarantee that package dependency contracts will be met, and the extraction of package contents will always be performed into the expected folder. This is accomplished by extracting package contents into a project's `node_modules` folder. If the `node_modules` folder of the root project or any of its dependencies is somehow replaced with a symbolic link, it could allow Arborist to write package dependencies to any arbitrary location on the file system. Note that symbolic links contained within package artifact contents are filtered out, so another means of creating a `node_modules` symbolic link would have to be employed. A `preinstall` script could replace `node_modules` with a symlink. (This is prevented by using `--ignore-scripts`.) An attacker could supply the target with a git repository, instructing them to run `npm install --ignore-scripts` in the root. This may be successful, because `npm install --ignore-scripts` is typically not capable of making changes outside of the project directory, so it may be deemed safe. This is patched in @npmcli/arborist which is included in npm v7.20.7. For more information including workarounds please see the referenced GHSA-gmw6-94gg-2rc2.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-39135.json
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-39135.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-39135
reference_id
reference_type
scores
0
value 0.00211
scoring_system epss
scoring_elements 0.43571
published_at 2026-04-13T12:55:00Z
1
value 0.00211
scoring_system epss
scoring_elements 0.43507
published_at 2026-04-01T12:55:00Z
2
value 0.00211
scoring_system epss
scoring_elements 0.43569
published_at 2026-04-02T12:55:00Z
3
value 0.00211
scoring_system epss
scoring_elements 0.43596
published_at 2026-04-04T12:55:00Z
4
value 0.00211
scoring_system epss
scoring_elements 0.43533
published_at 2026-04-07T12:55:00Z
5
value 0.00211
scoring_system epss
scoring_elements 0.43584
published_at 2026-04-08T12:55:00Z
6
value 0.00211
scoring_system epss
scoring_elements 0.43599
published_at 2026-04-09T12:55:00Z
7
value 0.00211
scoring_system epss
scoring_elements 0.43617
published_at 2026-04-11T12:55:00Z
8
value 0.00211
scoring_system epss
scoring_elements 0.43586
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-39135
2
reference_url https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39135
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39135
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/npm/arborist
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/npm/arborist
6
reference_url https://www.npmjs.com/package/@npmcli/arborist
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.npmjs.com/package/@npmcli/arborist
7
reference_url https://www.oracle.com/security-alerts/cpuoct2021.html
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuoct2021.html
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1999745
reference_id 1999745
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1999745
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=993405
reference_id 993405
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=993405
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-39135
reference_id CVE-2021-39135
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-39135
11
reference_url https://github.com/advisories/GHSA-gmw6-94gg-2rc2
reference_id GHSA-gmw6-94gg-2rc2
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-gmw6-94gg-2rc2
12
reference_url https://github.com/npm/arborist/security/advisories/GHSA-gmw6-94gg-2rc2
reference_id GHSA-gmw6-94gg-2rc2
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/npm/arborist/security/advisories/GHSA-gmw6-94gg-2rc2
13
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
fixed_packages
0
url pkg:ebuild/net-libs/nodejs@16.20.2
purl pkg:ebuild/net-libs/nodejs@16.20.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@16.20.2
1
url pkg:ebuild/net-libs/nodejs@18.17.1
purl pkg:ebuild/net-libs/nodejs@18.17.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@18.17.1
2
url pkg:ebuild/net-libs/nodejs@20.5.1
purl pkg:ebuild/net-libs/nodejs@20.5.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@20.5.1
aliases CVE-2021-39135, GHSA-gmw6-94gg-2rc2
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9vk1-2ysq-3ygd
14
url VCID-9yq7-aba3-c7c3
vulnerability_id VCID-9yq7-aba3-c7c3
summary Multiple vulnerabilities have been discovered in Node.js.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-32559.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-32559.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-32559
reference_id
reference_type
scores
0
value 0.00061
scoring_system epss
scoring_elements 0.18926
published_at 2026-04-13T12:55:00Z
1
value 0.00061
scoring_system epss
scoring_elements 0.19169
published_at 2026-04-04T12:55:00Z
2
value 0.00061
scoring_system epss
scoring_elements 0.18885
published_at 2026-04-07T12:55:00Z
3
value 0.00061
scoring_system epss
scoring_elements 0.18963
published_at 2026-04-08T12:55:00Z
4
value 0.00061
scoring_system epss
scoring_elements 0.19017
published_at 2026-04-09T12:55:00Z
5
value 0.00061
scoring_system epss
scoring_elements 0.19024
published_at 2026-04-11T12:55:00Z
6
value 0.00061
scoring_system epss
scoring_elements 0.18977
published_at 2026-04-12T12:55:00Z
7
value 0.00074
scoring_system epss
scoring_elements 0.22427
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-32559
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32559
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32559
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1050739
reference_id 1050739
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1050739
5
reference_url https://hackerone.com/reports/1946470
reference_id 1946470
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T13:34:58Z/
url https://hackerone.com/reports/1946470
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2230956
reference_id 2230956
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2230956
7
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
8
reference_url https://security.netapp.com/advisory/ntap-20231006-0006/
reference_id ntap-20231006-0006
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T13:34:58Z/
url https://security.netapp.com/advisory/ntap-20231006-0006/
9
reference_url https://access.redhat.com/errata/RHSA-2023:5360
reference_id RHSA-2023:5360
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5360
10
reference_url https://access.redhat.com/errata/RHSA-2023:5361
reference_id RHSA-2023:5361
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5361
11
reference_url https://access.redhat.com/errata/RHSA-2023:5362
reference_id RHSA-2023:5362
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5362
12
reference_url https://access.redhat.com/errata/RHSA-2023:5363
reference_id RHSA-2023:5363
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5363
13
reference_url https://access.redhat.com/errata/RHSA-2023:5532
reference_id RHSA-2023:5532
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5532
14
reference_url https://access.redhat.com/errata/RHSA-2023:5533
reference_id RHSA-2023:5533
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5533
15
reference_url https://usn.ubuntu.com/6822-1/
reference_id USN-6822-1
reference_type
scores
url https://usn.ubuntu.com/6822-1/
fixed_packages
0
url pkg:ebuild/net-libs/nodejs@16.20.2
purl pkg:ebuild/net-libs/nodejs@16.20.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@16.20.2
1
url pkg:ebuild/net-libs/nodejs@18.17.1
purl pkg:ebuild/net-libs/nodejs@18.17.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@18.17.1
2
url pkg:ebuild/net-libs/nodejs@20.5.1
purl pkg:ebuild/net-libs/nodejs@20.5.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@20.5.1
aliases CVE-2023-32559
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9yq7-aba3-c7c3
15
url VCID-ap4u-dkwx-1kb3
vulnerability_id VCID-ap4u-dkwx-1kb3
summary Multiple vulnerabilities have been found in c-ares, the worst of which could result in the loss of confidentiality or integrity.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22931.json
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22931.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-22931
reference_id
reference_type
scores
0
value 0.00662
scoring_system epss
scoring_elements 0.71095
published_at 2026-04-01T12:55:00Z
1
value 0.00662
scoring_system epss
scoring_elements 0.71143
published_at 2026-04-13T12:55:00Z
2
value 0.00662
scoring_system epss
scoring_elements 0.71104
published_at 2026-04-02T12:55:00Z
3
value 0.00662
scoring_system epss
scoring_elements 0.71122
published_at 2026-04-04T12:55:00Z
4
value 0.00662
scoring_system epss
scoring_elements 0.71097
published_at 2026-04-07T12:55:00Z
5
value 0.00662
scoring_system epss
scoring_elements 0.71139
published_at 2026-04-08T12:55:00Z
6
value 0.00662
scoring_system epss
scoring_elements 0.71151
published_at 2026-04-09T12:55:00Z
7
value 0.00662
scoring_system epss
scoring_elements 0.71175
published_at 2026-04-11T12:55:00Z
8
value 0.00662
scoring_system epss
scoring_elements 0.7116
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-22931
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://hackerone.com/reports/1178337
reference_id 1178337
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-11T21:01:01Z/
url https://hackerone.com/reports/1178337
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1993019
reference_id 1993019
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1993019
5
reference_url https://nodejs.org/en/blog/vulnerability/aug-2021-security-releases/
reference_id aug-2021-security-releases
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-11T21:01:01Z/
url https://nodejs.org/en/blog/vulnerability/aug-2021-security-releases/
6
reference_url https://security.archlinux.org/AVG-2286
reference_id AVG-2286
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2286
7
reference_url https://security.gentoo.org/glsa/202401-02
reference_id GLSA-202401-02
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-11T21:01:01Z/
url https://security.gentoo.org/glsa/202401-02
8
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
9
reference_url https://security.netapp.com/advisory/ntap-20210923-0001/
reference_id ntap-20210923-0001
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-11T21:01:01Z/
url https://security.netapp.com/advisory/ntap-20210923-0001/
10
reference_url https://security.netapp.com/advisory/ntap-20211022-0003/
reference_id ntap-20211022-0003
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-11T21:01:01Z/
url https://security.netapp.com/advisory/ntap-20211022-0003/
11
reference_url https://access.redhat.com/errata/RHSA-2021:3280
reference_id RHSA-2021:3280
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3280
12
reference_url https://access.redhat.com/errata/RHSA-2021:3281
reference_id RHSA-2021:3281
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3281
13
reference_url https://access.redhat.com/errata/RHSA-2021:3623
reference_id RHSA-2021:3623
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3623
14
reference_url https://access.redhat.com/errata/RHSA-2021:3638
reference_id RHSA-2021:3638
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3638
15
reference_url https://access.redhat.com/errata/RHSA-2021:3639
reference_id RHSA-2021:3639
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3639
16
reference_url https://access.redhat.com/errata/RHSA-2021:3666
reference_id RHSA-2021:3666
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3666
fixed_packages
0
url pkg:ebuild/net-libs/nodejs@16.20.2
purl pkg:ebuild/net-libs/nodejs@16.20.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@16.20.2
1
url pkg:ebuild/net-libs/nodejs@18.17.1
purl pkg:ebuild/net-libs/nodejs@18.17.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@18.17.1
2
url pkg:ebuild/net-libs/nodejs@20.5.1
purl pkg:ebuild/net-libs/nodejs@20.5.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@20.5.1
aliases CVE-2021-22931
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ap4u-dkwx-1kb3
16
url VCID-b54b-pd2b-bygm
vulnerability_id VCID-b54b-pd2b-bygm
summary 
llhttp allows HTTP Request Smuggling via Flawed Parsing of Transfer-Encoding
The llhttp parser in the http module in Node.js v17.x does not correctly parse and validate Transfer-Encoding headers and can lead to HTTP Request Smuggling (HRS).

Impacts:

- All versions of the nodejs 18.x, 16.x, and 14.x releases lines.
- llhttp v6.0.7 and llhttp v2.1.5 contains the fixes that were updated inside Node.js
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32213.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32213.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-32213
reference_id
reference_type
scores
0
value 0.89626
scoring_system epss
scoring_elements 0.99561
published_at 2026-04-13T12:55:00Z
1
value 0.89626
scoring_system epss
scoring_elements 0.9956
published_at 2026-04-12T12:55:00Z
2
value 0.89626
scoring_system epss
scoring_elements 0.99559
published_at 2026-04-07T12:55:00Z
3
value 0.89626
scoring_system epss
scoring_elements 0.99558
published_at 2026-04-04T12:55:00Z
4
value 0.89626
scoring_system epss
scoring_elements 0.99557
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-32213
2
reference_url https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32212
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32212
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32213
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32213
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32214
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32214
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32215
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32215
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35255
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35255
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35256
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35256
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43548
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43548
10
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
11
reference_url https://github.com/nodejs/llhttp/commit/18a4afc7ffb4e49dc9e2daebc50588199a6d1dbb
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/nodejs/llhttp/commit/18a4afc7ffb4e49dc9e2daebc50588199a6d1dbb
12
reference_url https://hackerone.com/reports/1524555
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://hackerone.com/reports/1524555
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2ICG6CSIB3GUWH5DUSQEVX53MOJW7LYK
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2ICG6CSIB3GUWH5DUSQEVX53MOJW7LYK
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2ICG6CSIB3GUWH5DUSQEVX53MOJW7LYK/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2ICG6CSIB3GUWH5DUSQEVX53MOJW7LYK/
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QCNN3YG2BCLS4ZEKJ3CLSUT6AS7AXTH3
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QCNN3YG2BCLS4ZEKJ3CLSUT6AS7AXTH3
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QCNN3YG2BCLS4ZEKJ3CLSUT6AS7AXTH3/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QCNN3YG2BCLS4ZEKJ3CLSUT6AS7AXTH3/
17
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VMQK5L5SBYD47QQZ67LEMHNQ662GH3OY
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VMQK5L5SBYD47QQZ67LEMHNQ662GH3OY
18
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VMQK5L5SBYD47QQZ67LEMHNQ662GH3OY/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VMQK5L5SBYD47QQZ67LEMHNQ662GH3OY/
19
reference_url https://nodejs.org/en/blog/vulnerability/july-2022-security-releases
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nodejs.org/en/blog/vulnerability/july-2022-security-releases
20
reference_url https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/
reference_id
reference_type
scores
url https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/
21
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-32213
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-32213
22
reference_url https://security.netapp.com/advisory/ntap-20220915-0001
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20220915-0001
23
reference_url https://security.netapp.com/advisory/ntap-20220915-0001/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20220915-0001/
24
reference_url https://www.debian.org/security/2023/dsa-5326
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2023/dsa-5326
25
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2105430
reference_id 2105430
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2105430
26
reference_url https://github.com/advisories/GHSA-5689-v88g-g6rv
reference_id GHSA-5689-v88g-g6rv
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-5689-v88g-g6rv
27
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
28
reference_url https://access.redhat.com/errata/RHSA-2022:6389
reference_id RHSA-2022:6389
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6389
29
reference_url https://access.redhat.com/errata/RHSA-2022:6448
reference_id RHSA-2022:6448
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6448
30
reference_url https://access.redhat.com/errata/RHSA-2022:6449
reference_id RHSA-2022:6449
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6449
31
reference_url https://access.redhat.com/errata/RHSA-2022:6595
reference_id RHSA-2022:6595
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6595
32
reference_url https://access.redhat.com/errata/RHSA-2022:6985
reference_id RHSA-2022:6985
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6985
33
reference_url https://usn.ubuntu.com/6491-1/
reference_id USN-6491-1
reference_type
scores
url https://usn.ubuntu.com/6491-1/
fixed_packages
0
url pkg:ebuild/net-libs/nodejs@16.20.2
purl pkg:ebuild/net-libs/nodejs@16.20.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@16.20.2
1
url pkg:ebuild/net-libs/nodejs@18.17.1
purl pkg:ebuild/net-libs/nodejs@18.17.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@18.17.1
2
url pkg:ebuild/net-libs/nodejs@20.5.1
purl pkg:ebuild/net-libs/nodejs@20.5.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@20.5.1
aliases CVE-2022-32213, GHSA-5689-v88g-g6rv
risk_score 10.0
exploitability 2.0
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b54b-pd2b-bygm
17
url VCID-dfdy-vhdd-5kh4
vulnerability_id VCID-dfdy-vhdd-5kh4
summary Multiple vulnerabilities have been discovered in Node.js.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-35256.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-35256.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-35256
reference_id
reference_type
scores
0
value 0.03945
scoring_system epss
scoring_elements 0.88301
published_at 2026-04-02T12:55:00Z
1
value 0.03945
scoring_system epss
scoring_elements 0.88348
published_at 2026-04-13T12:55:00Z
2
value 0.03945
scoring_system epss
scoring_elements 0.88315
published_at 2026-04-04T12:55:00Z
3
value 0.03945
scoring_system epss
scoring_elements 0.8832
published_at 2026-04-07T12:55:00Z
4
value 0.03945
scoring_system epss
scoring_elements 0.88339
published_at 2026-04-08T12:55:00Z
5
value 0.03945
scoring_system epss
scoring_elements 0.88346
published_at 2026-04-09T12:55:00Z
6
value 0.03945
scoring_system epss
scoring_elements 0.88356
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-35256
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32212
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32212
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32213
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32213
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32214
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32214
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32215
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32215
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35255
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35255
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35256
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35256
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43548
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43548
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://hackerone.com/reports/1675191
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-24T13:21:44Z/
url https://hackerone.com/reports/1675191
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2130518
reference_id 2130518
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2130518
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-35256
reference_id CVE-2022-35256
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-35256
13
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
14
reference_url https://access.redhat.com/errata/RHSA-2022:6963
reference_id RHSA-2022:6963
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6963
15
reference_url https://access.redhat.com/errata/RHSA-2022:6964
reference_id RHSA-2022:6964
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6964
16
reference_url https://access.redhat.com/errata/RHSA-2022:7044
reference_id RHSA-2022:7044
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7044
17
reference_url https://access.redhat.com/errata/RHSA-2022:7821
reference_id RHSA-2022:7821
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7821
18
reference_url https://access.redhat.com/errata/RHSA-2022:7830
reference_id RHSA-2022:7830
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7830
19
reference_url https://access.redhat.com/errata/RHSA-2023:0321
reference_id RHSA-2023:0321
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0321
20
reference_url https://access.redhat.com/errata/RHSA-2023:1533
reference_id RHSA-2023:1533
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1533
21
reference_url https://access.redhat.com/errata/RHSA-2023:1742
reference_id RHSA-2023:1742
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1742
22
reference_url https://usn.ubuntu.com/6491-1/
reference_id USN-6491-1
reference_type
scores
url https://usn.ubuntu.com/6491-1/
fixed_packages
0
url pkg:ebuild/net-libs/nodejs@16.20.2
purl pkg:ebuild/net-libs/nodejs@16.20.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@16.20.2
1
url pkg:ebuild/net-libs/nodejs@18.17.1
purl pkg:ebuild/net-libs/nodejs@18.17.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@18.17.1
2
url pkg:ebuild/net-libs/nodejs@20.5.1
purl pkg:ebuild/net-libs/nodejs@20.5.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@20.5.1
aliases CVE-2022-35256
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dfdy-vhdd-5kh4
18
url VCID-e18p-c3m9-2qgy
vulnerability_id VCID-e18p-c3m9-2qgy
summary Multiple vulnerabilities have been discovered in Node.js.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44532.json
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44532.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-44532
reference_id
reference_type
scores
0
value 0.00132
scoring_system epss
scoring_elements 0.32731
published_at 2026-04-01T12:55:00Z
1
value 0.00132
scoring_system epss
scoring_elements 0.32862
published_at 2026-04-02T12:55:00Z
2
value 0.00132
scoring_system epss
scoring_elements 0.32897
published_at 2026-04-04T12:55:00Z
3
value 0.00132
scoring_system epss
scoring_elements 0.32718
published_at 2026-04-07T12:55:00Z
4
value 0.00132
scoring_system epss
scoring_elements 0.32765
published_at 2026-04-08T12:55:00Z
5
value 0.00132
scoring_system epss
scoring_elements 0.32792
published_at 2026-04-09T12:55:00Z
6
value 0.00132
scoring_system epss
scoring_elements 0.32794
published_at 2026-04-11T12:55:00Z
7
value 0.00132
scoring_system epss
scoring_elements 0.32756
published_at 2026-04-12T12:55:00Z
8
value 0.00132
scoring_system epss
scoring_elements 0.3273
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-44532
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22959
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22959
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22960
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22960
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44531
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44531
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44532
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44532
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44533
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44533
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21824
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21824
8
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004177
reference_id 1004177
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004177
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2040846
reference_id 2040846
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2040846
11
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
12
reference_url https://access.redhat.com/errata/RHSA-2022:4914
reference_id RHSA-2022:4914
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:4914
13
reference_url https://access.redhat.com/errata/RHSA-2022:7044
reference_id RHSA-2022:7044
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7044
14
reference_url https://access.redhat.com/errata/RHSA-2022:7830
reference_id RHSA-2022:7830
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7830
15
reference_url https://access.redhat.com/errata/RHSA-2022:9073
reference_id RHSA-2022:9073
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:9073
16
reference_url https://access.redhat.com/errata/RHSA-2023:1742
reference_id RHSA-2023:1742
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1742
17
reference_url https://access.redhat.com/errata/RHSA-2023:3742
reference_id RHSA-2023:3742
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3742
fixed_packages
0
url pkg:ebuild/net-libs/nodejs@16.20.2
purl pkg:ebuild/net-libs/nodejs@16.20.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@16.20.2
1
url pkg:ebuild/net-libs/nodejs@18.17.1
purl pkg:ebuild/net-libs/nodejs@18.17.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@18.17.1
2
url pkg:ebuild/net-libs/nodejs@20.5.1
purl pkg:ebuild/net-libs/nodejs@20.5.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@20.5.1
aliases CVE-2021-44532
risk_score 3.4
exploitability 0.5
weighted_severity 6.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e18p-c3m9-2qgy
19
url VCID-e7u5-356v-jbg7
vulnerability_id VCID-e7u5-356v-jbg7
summary Multiple vulnerabilities have been discovered in Node.js.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-30590.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-30590.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-30590
reference_id
reference_type
scores
0
value 0.00954
scoring_system epss
scoring_elements 0.76361
published_at 2026-04-02T12:55:00Z
1
value 0.00954
scoring_system epss
scoring_elements 0.76391
published_at 2026-04-04T12:55:00Z
2
value 0.00954
scoring_system epss
scoring_elements 0.76373
published_at 2026-04-07T12:55:00Z
3
value 0.00954
scoring_system epss
scoring_elements 0.76405
published_at 2026-04-08T12:55:00Z
4
value 0.00954
scoring_system epss
scoring_elements 0.7642
published_at 2026-04-09T12:55:00Z
5
value 0.00954
scoring_system epss
scoring_elements 0.76445
published_at 2026-04-11T12:55:00Z
6
value 0.00954
scoring_system epss
scoring_elements 0.76423
published_at 2026-04-12T12:55:00Z
7
value 0.00954
scoring_system epss
scoring_elements 0.76418
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-30590
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-30590
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-30590
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1039990
reference_id 1039990
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1039990
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2219842
reference_id 2219842
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2219842
6
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
7
reference_url https://access.redhat.com/errata/RHSA-2023:4330
reference_id RHSA-2023:4330
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4330
8
reference_url https://access.redhat.com/errata/RHSA-2023:4331
reference_id RHSA-2023:4331
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4331
9
reference_url https://access.redhat.com/errata/RHSA-2023:4536
reference_id RHSA-2023:4536
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4536
10
reference_url https://access.redhat.com/errata/RHSA-2023:4537
reference_id RHSA-2023:4537
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4537
11
reference_url https://access.redhat.com/errata/RHSA-2023:5361
reference_id RHSA-2023:5361
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5361
12
reference_url https://access.redhat.com/errata/RHSA-2023:5533
reference_id RHSA-2023:5533
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5533
13
reference_url https://usn.ubuntu.com/6735-1/
reference_id USN-6735-1
reference_type
scores
url https://usn.ubuntu.com/6735-1/
fixed_packages
0
url pkg:ebuild/net-libs/nodejs@16.20.2
purl pkg:ebuild/net-libs/nodejs@16.20.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@16.20.2
1
url pkg:ebuild/net-libs/nodejs@18.17.1
purl pkg:ebuild/net-libs/nodejs@18.17.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@18.17.1
2
url pkg:ebuild/net-libs/nodejs@20.5.1
purl pkg:ebuild/net-libs/nodejs@20.5.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@20.5.1
aliases CVE-2023-30590
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e7u5-356v-jbg7
20
url VCID-ec66-gwvw-kucs
vulnerability_id VCID-ec66-gwvw-kucs
summary Multiple vulnerabilities have been discovered in Node.js.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-30587.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-30587.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-30587
reference_id
reference_type
scores
0
value 0.00014
scoring_system epss
scoring_elements 0.02564
published_at 2026-04-02T12:55:00Z
1
value 0.00014
scoring_system epss
scoring_elements 0.02577
published_at 2026-04-13T12:55:00Z
2
value 0.00014
scoring_system epss
scoring_elements 0.02591
published_at 2026-04-11T12:55:00Z
3
value 0.00014
scoring_system epss
scoring_elements 0.02579
published_at 2026-04-12T12:55:00Z
4
value 0.00014
scoring_system epss
scoring_elements 0.02578
published_at 2026-04-04T12:55:00Z
5
value 0.00014
scoring_system epss
scoring_elements 0.02582
published_at 2026-04-07T12:55:00Z
6
value 0.00014
scoring_system epss
scoring_elements 0.02587
published_at 2026-04-08T12:55:00Z
7
value 0.00014
scoring_system epss
scoring_elements 0.02608
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-30587
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2219831
reference_id 2219831
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2219831
3
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
4
reference_url https://nodejs.org/en/blog/vulnerability/june-2023-security-releases
reference_id june-2023-security-releases
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-09T18:23:12Z/
url https://nodejs.org/en/blog/vulnerability/june-2023-security-releases
fixed_packages
0
url pkg:ebuild/net-libs/nodejs@16.20.2
purl pkg:ebuild/net-libs/nodejs@16.20.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@16.20.2
1
url pkg:ebuild/net-libs/nodejs@18.17.1
purl pkg:ebuild/net-libs/nodejs@18.17.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@18.17.1
2
url pkg:ebuild/net-libs/nodejs@20.5.1
purl pkg:ebuild/net-libs/nodejs@20.5.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@20.5.1
aliases CVE-2023-30587
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ec66-gwvw-kucs
21
url VCID-fu8u-pxaa-43be
vulnerability_id VCID-fu8u-pxaa-43be
summary 
Prototype Pollution in y18n
### Overview

The npm package `y18n` before versions 3.2.2, 4.0.1, and 5.0.5 is vulnerable to Prototype Pollution. 

### POC

```js
const y18n = require('y18n')();

y18n.setLocale('__proto__');
y18n.updateLocale({polluted: true});

console.log(polluted); // true
```

### Recommendation

Upgrade to version 3.2.2, 4.0.1, 5.0.5 or later.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7774.json
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7774.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-7774
reference_id
reference_type
scores
0
value 0.00469
scoring_system epss
scoring_elements 0.64536
published_at 2026-04-13T12:55:00Z
1
value 0.00469
scoring_system epss
scoring_elements 0.64496
published_at 2026-04-07T12:55:00Z
2
value 0.00469
scoring_system epss
scoring_elements 0.64564
published_at 2026-04-12T12:55:00Z
3
value 0.00469
scoring_system epss
scoring_elements 0.64576
published_at 2026-04-11T12:55:00Z
4
value 0.00469
scoring_system epss
scoring_elements 0.64561
published_at 2026-04-09T12:55:00Z
5
value 0.00469
scoring_system epss
scoring_elements 0.64545
published_at 2026-04-08T12:55:00Z
6
value 0.00469
scoring_system epss
scoring_elements 0.64455
published_at 2026-04-01T12:55:00Z
7
value 0.00469
scoring_system epss
scoring_elements 0.64509
published_at 2026-04-02T12:55:00Z
8
value 0.00469
scoring_system epss
scoring_elements 0.64538
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-7774
2
reference_url https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7774
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7774
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/yargs/y18n
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/yargs/y18n
6
reference_url https://github.com/yargs/y18n/commit/90401eea9062ad498f4f792e3fff8008c4c193a3
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/yargs/y18n/commit/90401eea9062ad498f4f792e3fff8008c4c193a3
7
reference_url https://github.com/yargs/y18n/commit/a9ac604abf756dec9687be3843e2c93bfe581f25
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/yargs/y18n/commit/a9ac604abf756dec9687be3843e2c93bfe581f25
8
reference_url https://github.com/yargs/y18n/issues/96
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/yargs/y18n/issues/96
9
reference_url https://github.com/yargs/y18n/pull/108
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/yargs/y18n/pull/108
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-7774
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-7774
11
reference_url https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1038306
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1038306
12
reference_url https://snyk.io/vuln/SNYK-JS-Y18N-1021887
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://snyk.io/vuln/SNYK-JS-Y18N-1021887
13
reference_url https://www.oracle.com/security-alerts/cpuApr2021.html
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuApr2021.html
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1898680
reference_id 1898680
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1898680
15
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=976390
reference_id 976390
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=976390
16
reference_url https://github.com/advisories/GHSA-c4w7-xm78-47vh
reference_id GHSA-c4w7-xm78-47vh
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-c4w7-xm78-47vh
17
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
18
reference_url https://access.redhat.com/errata/RHSA-2020:5305
reference_id RHSA-2020:5305
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5305
19
reference_url https://access.redhat.com/errata/RHSA-2020:5499
reference_id RHSA-2020:5499
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5499
20
reference_url https://access.redhat.com/errata/RHSA-2020:5633
reference_id RHSA-2020:5633
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5633
21
reference_url https://access.redhat.com/errata/RHSA-2021:0421
reference_id RHSA-2021:0421
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0421
22
reference_url https://access.redhat.com/errata/RHSA-2021:0521
reference_id RHSA-2021:0521
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0521
23
reference_url https://access.redhat.com/errata/RHSA-2021:0548
reference_id RHSA-2021:0548
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0548
24
reference_url https://access.redhat.com/errata/RHSA-2021:0551
reference_id RHSA-2021:0551
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0551
25
reference_url https://access.redhat.com/errata/RHSA-2021:2041
reference_id RHSA-2021:2041
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2041
26
reference_url https://access.redhat.com/errata/RHSA-2021:2438
reference_id RHSA-2021:2438
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2438
fixed_packages
0
url pkg:ebuild/net-libs/nodejs@16.20.2
purl pkg:ebuild/net-libs/nodejs@16.20.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@16.20.2
1
url pkg:ebuild/net-libs/nodejs@18.17.1
purl pkg:ebuild/net-libs/nodejs@18.17.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@18.17.1
2
url pkg:ebuild/net-libs/nodejs@20.5.1
purl pkg:ebuild/net-libs/nodejs@20.5.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@20.5.1
aliases CVE-2020-7774, GHSA-c4w7-xm78-47vh
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fu8u-pxaa-43be
22
url VCID-g4wu-n75v-p7ad
vulnerability_id VCID-g4wu-n75v-p7ad
summary 
`undici.request` vulnerable to SSRF using absolute URL on `pathname`
### Impact

`undici` is vulnerable to SSRF (Server-side Request Forgery) when an application takes in **user input** into the `path/pathname` option of `undici.request`.

If a user specifies a URL such as `http://127.0.0.1` or `//127.0.0.1`

```js
const undici = require("undici")
undici.request({origin: "http://example.com", pathname: "//127.0.0.1"})
```

Instead of processing the request as `http://example.org//127.0.0.1` (or `http://example.org/http://127.0.0.1` when `http://127.0.0.1 is used`), it actually processes the request as `http://127.0.0.1/` and sends it to `http://127.0.0.1`.

If a developer passes in user input into `path` parameter of `undici.request`, it can result in an _SSRF_ as they will assume that the hostname cannot change, when in actual fact it can change because the specified path parameter is combined with the base URL.

### Patches

This issue was fixed in `undici@5.8.1`.

### Workarounds

The best workaround is to validate user input before passing it to the `undici.request` call.

## For more information
If you have any questions or comments about this advisory:

- Open an issue in [undici repository](https://github.com/nodejs/undici/issues)
- To make a report, follow the [SECURITY](https://github.com/nodejs/node/blob/HEAD/SECURITY.md) document
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-35949.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-35949.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-35949
reference_id
reference_type
scores
0
value 0.0039
scoring_system epss
scoring_elements 0.60044
published_at 2026-04-13T12:55:00Z
1
value 0.0039
scoring_system epss
scoring_elements 0.60061
published_at 2026-04-12T12:55:00Z
2
value 0.0039
scoring_system epss
scoring_elements 0.60077
published_at 2026-04-11T12:55:00Z
3
value 0.0039
scoring_system epss
scoring_elements 0.60056
published_at 2026-04-09T12:55:00Z
4
value 0.0039
scoring_system epss
scoring_elements 0.60042
published_at 2026-04-08T12:55:00Z
5
value 0.0039
scoring_system epss
scoring_elements 0.59992
published_at 2026-04-07T12:55:00Z
6
value 0.0039
scoring_system epss
scoring_elements 0.60022
published_at 2026-04-04T12:55:00Z
7
value 0.0039
scoring_system epss
scoring_elements 0.59997
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-35949
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/nodejs/undici
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/nodejs/undici
4
reference_url https://github.com/nodejs/undici/commit/124f7ebf705366b2e1844dff721928d270f87895
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:39:52Z/
url https://github.com/nodejs/undici/commit/124f7ebf705366b2e1844dff721928d270f87895
5
reference_url https://github.com/nodejs/undici/releases/tag/v5.8.2
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:39:52Z/
url https://github.com/nodejs/undici/releases/tag/v5.8.2
6
reference_url https://github.com/nodejs/undici/security/advisories/GHSA-8qr4-xgw6-wmr3
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:39:52Z/
url https://github.com/nodejs/undici/security/advisories/GHSA-8qr4-xgw6-wmr3
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-35949
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-35949
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2121068
reference_id 2121068
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2121068
9
reference_url https://github.com/advisories/GHSA-8qr4-xgw6-wmr3
reference_id GHSA-8qr4-xgw6-wmr3
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-8qr4-xgw6-wmr3
10
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
fixed_packages
0
url pkg:ebuild/net-libs/nodejs@16.20.2
purl pkg:ebuild/net-libs/nodejs@16.20.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@16.20.2
1
url pkg:ebuild/net-libs/nodejs@18.17.1
purl pkg:ebuild/net-libs/nodejs@18.17.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@18.17.1
2
url pkg:ebuild/net-libs/nodejs@20.5.1
purl pkg:ebuild/net-libs/nodejs@20.5.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@20.5.1
aliases CVE-2022-35949, GHSA-8qr4-xgw6-wmr3
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g4wu-n75v-p7ad
23
url VCID-g5wj-ffk1-7bg7
vulnerability_id VCID-g5wj-ffk1-7bg7
summary Multiple vulnerabilities have been discovered in Node.js.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-30586.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-30586.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-30586
reference_id
reference_type
scores
0
value 0.00044
scoring_system epss
scoring_elements 0.13467
published_at 2026-04-02T12:55:00Z
1
value 0.00044
scoring_system epss
scoring_elements 0.13349
published_at 2026-04-13T12:55:00Z
2
value 0.00044
scoring_system epss
scoring_elements 0.13406
published_at 2026-04-08T12:55:00Z
3
value 0.00044
scoring_system epss
scoring_elements 0.13456
published_at 2026-04-09T12:55:00Z
4
value 0.00044
scoring_system epss
scoring_elements 0.1343
published_at 2026-04-11T12:55:00Z
5
value 0.00044
scoring_system epss
scoring_elements 0.13395
published_at 2026-04-12T12:55:00Z
6
value 0.00044
scoring_system epss
scoring_elements 0.13529
published_at 2026-04-04T12:55:00Z
7
value 0.00044
scoring_system epss
scoring_elements 0.13324
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-30586
2
reference_url https://hackerone.com/reports/1954535
reference_id 1954535
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-27T18:27:16Z/
url https://hackerone.com/reports/1954535
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2219837
reference_id 2219837
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2219837
4
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
5
reference_url https://security.netapp.com/advisory/ntap-20230803-0008/
reference_id ntap-20230803-0008
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-27T18:27:16Z/
url https://security.netapp.com/advisory/ntap-20230803-0008/
fixed_packages
0
url pkg:ebuild/net-libs/nodejs@16.20.2
purl pkg:ebuild/net-libs/nodejs@16.20.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@16.20.2
1
url pkg:ebuild/net-libs/nodejs@18.17.1
purl pkg:ebuild/net-libs/nodejs@18.17.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@18.17.1
2
url pkg:ebuild/net-libs/nodejs@20.5.1
purl pkg:ebuild/net-libs/nodejs@20.5.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@20.5.1
aliases CVE-2023-30586
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g5wj-ffk1-7bg7
24
url VCID-gsbn-6t86-7kf9
vulnerability_id VCID-gsbn-6t86-7kf9
summary 
Loop with Unreachable Exit Condition ('Infinite Loop')
The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a base point encoded in compressed form. It is possible to trigger the infinite loop by crafting a certificate that has invalid explicit curve parameters
references
0
reference_url http://packetstormsecurity.com/files/167344/OpenSSL-1.0.2-1.1.1-3.0-BN_mod_sqrt-Infinite-Loop.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://packetstormsecurity.com/files/167344/OpenSSL-1.0.2-1.1.1-3.0-BN_mod_sqrt-Infinite-Loop.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0778.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0778.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-0778
reference_id
reference_type
scores
0
value 0.06432
scoring_system epss
scoring_elements 0.91023
published_at 2026-04-04T12:55:00Z
1
value 0.07109
scoring_system epss
scoring_elements 0.91513
published_at 2026-04-07T12:55:00Z
2
value 0.07109
scoring_system epss
scoring_elements 0.91526
published_at 2026-04-08T12:55:00Z
3
value 0.07109
scoring_system epss
scoring_elements 0.91532
published_at 2026-04-09T12:55:00Z
4
value 0.07394
scoring_system epss
scoring_elements 0.91693
published_at 2026-04-01T12:55:00Z
5
value 0.07394
scoring_system epss
scoring_elements 0.91701
published_at 2026-04-02T12:55:00Z
6
value 0.07807
scoring_system epss
scoring_elements 0.91978
published_at 2026-04-13T12:55:00Z
7
value 0.08117
scoring_system epss
scoring_elements 0.92165
published_at 2026-04-11T12:55:00Z
8
value 0.08117
scoring_system epss
scoring_elements 0.92166
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-0778
3
reference_url https://cert-portal.siemens.com/productcert/pdf/ssa-712929.pdf
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://cert-portal.siemens.com/productcert/pdf/ssa-712929.pdf
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4160
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4160
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778
6
reference_url http://seclists.org/fulldisclosure/2022/May/33
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://seclists.org/fulldisclosure/2022/May/33
7
reference_url http://seclists.org/fulldisclosure/2022/May/35
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://seclists.org/fulldisclosure/2022/May/35
8
reference_url http://seclists.org/fulldisclosure/2022/May/38
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://seclists.org/fulldisclosure/2022/May/38
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=3118eb64934499d93db3230748a452351d1d9a65
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=3118eb64934499d93db3230748a452351d1d9a65
11
reference_url https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=380085481c64de749a6dd25cdf0bcf4360b30f83
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=380085481c64de749a6dd25cdf0bcf4360b30f83
12
reference_url https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=a466912611aa6cbdf550cd10601390e587451246
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=a466912611aa6cbdf550cd10601390e587451246
13
reference_url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65
14
reference_url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83
15
reference_url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246
16
reference_url https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html
17
reference_url https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html
18
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ
19
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6
20
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG
21
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ
22
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6
23
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG
24
reference_url https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002
25
reference_url https://rustsec.org/advisories/RUSTSEC-2022-0014.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://rustsec.org/advisories/RUSTSEC-2022-0014.html
26
reference_url https://security.netapp.com/advisory/ntap-20220321-0002
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20220321-0002
27
reference_url https://security.netapp.com/advisory/ntap-20220321-0002/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20220321-0002/
28
reference_url https://security.netapp.com/advisory/ntap-20220429-0005
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20220429-0005
29
reference_url https://security.netapp.com/advisory/ntap-20240621-0006
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20240621-0006
30
reference_url https://support.apple.com/kb/HT213255
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://support.apple.com/kb/HT213255
31
reference_url https://support.apple.com/kb/HT213256
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://support.apple.com/kb/HT213256
32
reference_url https://support.apple.com/kb/HT213257
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://support.apple.com/kb/HT213257
33
reference_url https://www.debian.org/security/2022/dsa-5103
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2022/dsa-5103
34
reference_url https://www.openssl.org/news/secadv/20220315.txt
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.openssl.org/news/secadv/20220315.txt
35
reference_url https://www.oracle.com/security-alerts/cpuapr2022.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuapr2022.html
36
reference_url https://www.oracle.com/security-alerts/cpujul2022.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujul2022.html
37
reference_url https://www.tenable.com/security/tns-2022-06
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.tenable.com/security/tns-2022-06
38
reference_url https://www.tenable.com/security/tns-2022-07
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.tenable.com/security/tns-2022-07
39
reference_url https://www.tenable.com/security/tns-2022-08
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.tenable.com/security/tns-2022-08
40
reference_url https://www.tenable.com/security/tns-2022-09
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.tenable.com/security/tns-2022-09
41
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2062202
reference_id 2062202
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2062202
42
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-0778
reference_id CVE-2022-0778
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-0778
43
reference_url https://github.com/advisories/GHSA-x3mh-jvjw-3xwx
reference_id GHSA-x3mh-jvjw-3xwx
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-x3mh-jvjw-3xwx
44
reference_url https://security.gentoo.org/glsa/202210-02
reference_id GLSA-202210-02
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202210-02
45
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
46
reference_url https://access.redhat.com/errata/RHSA-2022:1065
reference_id RHSA-2022:1065
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1065
47
reference_url https://access.redhat.com/errata/RHSA-2022:1066
reference_id RHSA-2022:1066
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1066
48
reference_url https://access.redhat.com/errata/RHSA-2022:1071
reference_id RHSA-2022:1071
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1071
49
reference_url https://access.redhat.com/errata/RHSA-2022:1073
reference_id RHSA-2022:1073
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1073
50
reference_url https://access.redhat.com/errata/RHSA-2022:1076
reference_id RHSA-2022:1076
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1076
51
reference_url https://access.redhat.com/errata/RHSA-2022:1077
reference_id RHSA-2022:1077
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1077
52
reference_url https://access.redhat.com/errata/RHSA-2022:1078
reference_id RHSA-2022:1078
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1078
53
reference_url https://access.redhat.com/errata/RHSA-2022:1082
reference_id RHSA-2022:1082
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1082
54
reference_url https://access.redhat.com/errata/RHSA-2022:1091
reference_id RHSA-2022:1091
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1091
55
reference_url https://access.redhat.com/errata/RHSA-2022:1112
reference_id RHSA-2022:1112
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1112
56
reference_url https://access.redhat.com/errata/RHSA-2022:1263
reference_id RHSA-2022:1263
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1263
57
reference_url https://access.redhat.com/errata/RHSA-2022:1389
reference_id RHSA-2022:1389
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1389
58
reference_url https://access.redhat.com/errata/RHSA-2022:1390
reference_id RHSA-2022:1390
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1390
59
reference_url https://access.redhat.com/errata/RHSA-2022:1519
reference_id RHSA-2022:1519
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1519
60
reference_url https://access.redhat.com/errata/RHSA-2022:1520
reference_id RHSA-2022:1520
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1520
61
reference_url https://access.redhat.com/errata/RHSA-2022:4896
reference_id RHSA-2022:4896
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:4896
62
reference_url https://access.redhat.com/errata/RHSA-2022:4899
reference_id RHSA-2022:4899
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:4899
63
reference_url https://access.redhat.com/errata/RHSA-2022:5326
reference_id RHSA-2022:5326
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5326
64
reference_url https://usn.ubuntu.com/5328-1/
reference_id USN-5328-1
reference_type
scores
url https://usn.ubuntu.com/5328-1/
65
reference_url https://usn.ubuntu.com/5328-2/
reference_id USN-5328-2
reference_type
scores
url https://usn.ubuntu.com/5328-2/
66
reference_url https://usn.ubuntu.com/6457-1/
reference_id USN-6457-1
reference_type
scores
url https://usn.ubuntu.com/6457-1/
67
reference_url https://usn.ubuntu.com/7894-1/
reference_id USN-7894-1
reference_type
scores
url https://usn.ubuntu.com/7894-1/
fixed_packages
0
url pkg:ebuild/net-libs/nodejs@16.20.2
purl pkg:ebuild/net-libs/nodejs@16.20.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@16.20.2
1
url pkg:ebuild/net-libs/nodejs@18.17.1
purl pkg:ebuild/net-libs/nodejs@18.17.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@18.17.1
2
url pkg:ebuild/net-libs/nodejs@20.5.1
purl pkg:ebuild/net-libs/nodejs@20.5.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@20.5.1
aliases CVE-2022-0778, GHSA-x3mh-jvjw-3xwx
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gsbn-6t86-7kf9
25
url VCID-gwyr-ac4e-dqfa
vulnerability_id VCID-gwyr-ac4e-dqfa
summary 
Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')
The llhttp parser accepts requests with a space (SP) right after the header name before the colon. This can lead to HTTP Request Smuggling (HRS).
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22959.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22959.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-22959
reference_id
reference_type
scores
0
value 0.00212
scoring_system epss
scoring_elements 0.43692
published_at 2026-04-01T12:55:00Z
1
value 0.00212
scoring_system epss
scoring_elements 0.4373
published_at 2026-04-13T12:55:00Z
2
value 0.00212
scoring_system epss
scoring_elements 0.43779
published_at 2026-04-11T12:55:00Z
3
value 0.00212
scoring_system epss
scoring_elements 0.43746
published_at 2026-04-12T12:55:00Z
4
value 0.00212
scoring_system epss
scoring_elements 0.43747
published_at 2026-04-02T12:55:00Z
5
value 0.00212
scoring_system epss
scoring_elements 0.43772
published_at 2026-04-04T12:55:00Z
6
value 0.00212
scoring_system epss
scoring_elements 0.43706
published_at 2026-04-07T12:55:00Z
7
value 0.00212
scoring_system epss
scoring_elements 0.43756
published_at 2026-04-08T12:55:00Z
8
value 0.00212
scoring_system epss
scoring_elements 0.43759
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-22959
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22959
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22959
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22960
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22960
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44531
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44531
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44532
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44532
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44533
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44533
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21824
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21824
8
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
9
reference_url https://hackerone.com/reports/1238709
reference_id
reference_type
scores
url https://hackerone.com/reports/1238709
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2014057
reference_id 2014057
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2014057
11
reference_url https://security.archlinux.org/ASA-202110-4
reference_id ASA-202110-4
reference_type
scores
url https://security.archlinux.org/ASA-202110-4
12
reference_url https://security.archlinux.org/AVG-2460
reference_id AVG-2460
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2460
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-22959
reference_id CVE-2021-22959
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-22959
14
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
15
reference_url https://access.redhat.com/errata/RHSA-2021:5171
reference_id RHSA-2021:5171
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5171
16
reference_url https://access.redhat.com/errata/RHSA-2022:0041
reference_id RHSA-2022:0041
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0041
17
reference_url https://access.redhat.com/errata/RHSA-2022:0246
reference_id RHSA-2022:0246
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0246
18
reference_url https://access.redhat.com/errata/RHSA-2022:0350
reference_id RHSA-2022:0350
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0350
19
reference_url https://access.redhat.com/errata/RHSA-2022:4914
reference_id RHSA-2022:4914
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:4914
fixed_packages
0
url pkg:ebuild/net-libs/nodejs@16.20.2
purl pkg:ebuild/net-libs/nodejs@16.20.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@16.20.2
1
url pkg:ebuild/net-libs/nodejs@18.17.1
purl pkg:ebuild/net-libs/nodejs@18.17.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@18.17.1
2
url pkg:ebuild/net-libs/nodejs@20.5.1
purl pkg:ebuild/net-libs/nodejs@20.5.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@20.5.1
aliases CVE-2021-22959
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gwyr-ac4e-dqfa
26
url VCID-kj75-vmwa-gqgq
vulnerability_id VCID-kj75-vmwa-gqgq
summary Multiple vulnerabilities have been discovered in Node.js.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-32006.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-32006.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-32006
reference_id
reference_type
scores
0
value 0.00074
scoring_system epss
scoring_elements 0.22435
published_at 2026-04-02T12:55:00Z
1
value 0.00074
scoring_system epss
scoring_elements 0.22328
published_at 2026-04-13T12:55:00Z
2
value 0.00074
scoring_system epss
scoring_elements 0.22479
published_at 2026-04-04T12:55:00Z
3
value 0.00074
scoring_system epss
scoring_elements 0.22267
published_at 2026-04-07T12:55:00Z
4
value 0.00074
scoring_system epss
scoring_elements 0.2235
published_at 2026-04-08T12:55:00Z
5
value 0.00074
scoring_system epss
scoring_elements 0.22405
published_at 2026-04-09T12:55:00Z
6
value 0.00074
scoring_system epss
scoring_elements 0.22426
published_at 2026-04-11T12:55:00Z
7
value 0.00074
scoring_system epss
scoring_elements 0.22385
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-32006
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32006
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32006
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1050739
reference_id 1050739
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1050739
5
reference_url https://hackerone.com/reports/2043807
reference_id 2043807
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-08T20:20:48Z/
url https://hackerone.com/reports/2043807
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2230955
reference_id 2230955
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2230955
7
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JQPELKG2LVTADSB7ME73AV4DXQK47PWK/
reference_id JQPELKG2LVTADSB7ME73AV4DXQK47PWK
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-08T20:20:48Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JQPELKG2LVTADSB7ME73AV4DXQK47PWK/
9
reference_url https://security.netapp.com/advisory/ntap-20230915-0009/
reference_id ntap-20230915-0009
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-08T20:20:48Z/
url https://security.netapp.com/advisory/ntap-20230915-0009/
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PBOZE2QZIBLFFTYWYN23FGKN6HULZ6HX/
reference_id PBOZE2QZIBLFFTYWYN23FGKN6HULZ6HX
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-08T20:20:48Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PBOZE2QZIBLFFTYWYN23FGKN6HULZ6HX/
11
reference_url https://access.redhat.com/errata/RHSA-2023:5360
reference_id RHSA-2023:5360
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5360
12
reference_url https://access.redhat.com/errata/RHSA-2023:5361
reference_id RHSA-2023:5361
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5361
13
reference_url https://access.redhat.com/errata/RHSA-2023:5362
reference_id RHSA-2023:5362
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5362
14
reference_url https://access.redhat.com/errata/RHSA-2023:5363
reference_id RHSA-2023:5363
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5363
15
reference_url https://access.redhat.com/errata/RHSA-2023:5532
reference_id RHSA-2023:5532
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5532
16
reference_url https://access.redhat.com/errata/RHSA-2023:5533
reference_id RHSA-2023:5533
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5533
17
reference_url https://usn.ubuntu.com/6822-1/
reference_id USN-6822-1
reference_type
scores
url https://usn.ubuntu.com/6822-1/
fixed_packages
0
url pkg:ebuild/net-libs/nodejs@16.20.2
purl pkg:ebuild/net-libs/nodejs@16.20.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@16.20.2
1
url pkg:ebuild/net-libs/nodejs@18.17.1
purl pkg:ebuild/net-libs/nodejs@18.17.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@18.17.1
2
url pkg:ebuild/net-libs/nodejs@20.5.1
purl pkg:ebuild/net-libs/nodejs@20.5.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@20.5.1
aliases CVE-2023-32006
risk_score 4.0
exploitability 0.5
weighted_severity 7.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kj75-vmwa-gqgq
27
url VCID-m5ae-uc68-d3g2
vulnerability_id VCID-m5ae-uc68-d3g2
summary 
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
This advisory has been marked as a false positive.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21824.json
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21824.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-21824
reference_id
reference_type
scores
0
value 0.00505
scoring_system epss
scoring_elements 0.66171
published_at 2026-04-02T12:55:00Z
1
value 0.0066
scoring_system epss
scoring_elements 0.71033
published_at 2026-04-07T12:55:00Z
2
value 0.0066
scoring_system epss
scoring_elements 0.71076
published_at 2026-04-08T12:55:00Z
3
value 0.0066
scoring_system epss
scoring_elements 0.71088
published_at 2026-04-09T12:55:00Z
4
value 0.0066
scoring_system epss
scoring_elements 0.71111
published_at 2026-04-11T12:55:00Z
5
value 0.0066
scoring_system epss
scoring_elements 0.71096
published_at 2026-04-12T12:55:00Z
6
value 0.0066
scoring_system epss
scoring_elements 0.7108
published_at 2026-04-13T12:55:00Z
7
value 0.0066
scoring_system epss
scoring_elements 0.71058
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-21824
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22959
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22959
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22960
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22960
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44531
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44531
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44532
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44532
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44533
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44533
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21824
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21824
8
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
9
reference_url https://hackerone.com/reports/1431042
reference_id
reference_type
scores
url https://hackerone.com/reports/1431042
10
reference_url https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/
reference_id
reference_type
scores
url https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/
11
reference_url https://security.netapp.com/advisory/ntap-20220325-0007/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20220325-0007/
12
reference_url https://security.netapp.com/advisory/ntap-20220729-0004/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20220729-0004/
13
reference_url https://www.debian.org/security/2022/dsa-5170
reference_id
reference_type
scores
url https://www.debian.org/security/2022/dsa-5170
14
reference_url https://www.oracle.com/security-alerts/cpuapr2022.html
reference_id
reference_type
scores
url https://www.oracle.com/security-alerts/cpuapr2022.html
15
reference_url https://www.oracle.com/security-alerts/cpujul2022.html
reference_id
reference_type
scores
url https://www.oracle.com/security-alerts/cpujul2022.html
16
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004177
reference_id 1004177
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004177
17
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2040862
reference_id 2040862
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2040862
18
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-21824
reference_id CVE-2022-21824
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-21824
19
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
20
reference_url https://access.redhat.com/errata/RHSA-2022:4914
reference_id RHSA-2022:4914
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:4914
21
reference_url https://access.redhat.com/errata/RHSA-2022:7044
reference_id RHSA-2022:7044
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7044
22
reference_url https://access.redhat.com/errata/RHSA-2022:7830
reference_id RHSA-2022:7830
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7830
23
reference_url https://access.redhat.com/errata/RHSA-2022:9073
reference_id RHSA-2022:9073
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:9073
24
reference_url https://access.redhat.com/errata/RHSA-2023:1742
reference_id RHSA-2023:1742
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1742
25
reference_url https://access.redhat.com/errata/RHSA-2023:3742
reference_id RHSA-2023:3742
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3742
fixed_packages
0
url pkg:ebuild/net-libs/nodejs@16.20.2
purl pkg:ebuild/net-libs/nodejs@16.20.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@16.20.2
1
url pkg:ebuild/net-libs/nodejs@18.17.1
purl pkg:ebuild/net-libs/nodejs@18.17.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@18.17.1
2
url pkg:ebuild/net-libs/nodejs@20.5.1
purl pkg:ebuild/net-libs/nodejs@20.5.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@20.5.1
aliases CVE-2022-21824
risk_score 3.7
exploitability 0.5
weighted_severity 7.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m5ae-uc68-d3g2
28
url VCID-m7rw-arzq-jba1
vulnerability_id VCID-m7rw-arzq-jba1
summary Multiple vulnerabilities have been discovered in Node.js.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-43548.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-43548.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-43548
reference_id
reference_type
scores
0
value 0.00565
scoring_system epss
scoring_elements 0.68402
published_at 2026-04-02T12:55:00Z
1
value 0.00565
scoring_system epss
scoring_elements 0.68447
published_at 2026-04-13T12:55:00Z
2
value 0.00565
scoring_system epss
scoring_elements 0.68422
published_at 2026-04-04T12:55:00Z
3
value 0.00565
scoring_system epss
scoring_elements 0.68398
published_at 2026-04-07T12:55:00Z
4
value 0.00565
scoring_system epss
scoring_elements 0.68449
published_at 2026-04-08T12:55:00Z
5
value 0.00565
scoring_system epss
scoring_elements 0.68466
published_at 2026-04-09T12:55:00Z
6
value 0.00565
scoring_system epss
scoring_elements 0.68492
published_at 2026-04-11T12:55:00Z
7
value 0.00565
scoring_system epss
scoring_elements 0.6848
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-43548
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32212
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32212
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32213
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32213
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32214
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32214
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32215
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32215
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35255
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35255
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35256
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35256
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43548
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43548
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1023518
reference_id 1023518
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1023518
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2140911
reference_id 2140911
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2140911
12
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
13
reference_url https://lists.debian.org/debian-lts-announce/2023/02/msg00038.html
reference_id msg00038.html
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-24T14:03:01Z/
url https://lists.debian.org/debian-lts-announce/2023/02/msg00038.html
14
reference_url https://nodejs.org/en/blog/vulnerability/november-2022-security-releases/
reference_id november-2022-security-releases
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-24T14:03:01Z/
url https://nodejs.org/en/blog/vulnerability/november-2022-security-releases/
15
reference_url https://security.netapp.com/advisory/ntap-20230120-0004/
reference_id ntap-20230120-0004
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-24T14:03:01Z/
url https://security.netapp.com/advisory/ntap-20230120-0004/
16
reference_url https://security.netapp.com/advisory/ntap-20230427-0007/
reference_id ntap-20230427-0007
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-24T14:03:01Z/
url https://security.netapp.com/advisory/ntap-20230427-0007/
17
reference_url https://access.redhat.com/errata/RHSA-2022:8832
reference_id RHSA-2022:8832
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8832
18
reference_url https://access.redhat.com/errata/RHSA-2022:8833
reference_id RHSA-2022:8833
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8833
19
reference_url https://access.redhat.com/errata/RHSA-2022:9073
reference_id RHSA-2022:9073
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:9073
20
reference_url https://access.redhat.com/errata/RHSA-2023:0050
reference_id RHSA-2023:0050
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0050
21
reference_url https://access.redhat.com/errata/RHSA-2023:0321
reference_id RHSA-2023:0321
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0321
22
reference_url https://access.redhat.com/errata/RHSA-2023:0612
reference_id RHSA-2023:0612
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0612
23
reference_url https://access.redhat.com/errata/RHSA-2023:1533
reference_id RHSA-2023:1533
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1533
24
reference_url https://access.redhat.com/errata/RHSA-2023:1742
reference_id RHSA-2023:1742
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1742
25
reference_url https://usn.ubuntu.com/6491-1/
reference_id USN-6491-1
reference_type
scores
url https://usn.ubuntu.com/6491-1/
fixed_packages
0
url pkg:ebuild/net-libs/nodejs@16.20.2
purl pkg:ebuild/net-libs/nodejs@16.20.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@16.20.2
1
url pkg:ebuild/net-libs/nodejs@18.17.1
purl pkg:ebuild/net-libs/nodejs@18.17.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@18.17.1
2
url pkg:ebuild/net-libs/nodejs@20.5.1
purl pkg:ebuild/net-libs/nodejs@20.5.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@20.5.1
aliases CVE-2022-43548
risk_score 3.6
exploitability 0.5
weighted_severity 7.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m7rw-arzq-jba1
29
url VCID-ms5y-gp7v-2qay
vulnerability_id VCID-ms5y-gp7v-2qay
summary Multiple vulnerabilities have been discovered in Node.js.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44533.json
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44533.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-44533
reference_id
reference_type
scores
0
value 0.00421
scoring_system epss
scoring_elements 0.61846
published_at 2026-04-01T12:55:00Z
1
value 0.00421
scoring_system epss
scoring_elements 0.6192
published_at 2026-04-07T12:55:00Z
2
value 0.00421
scoring_system epss
scoring_elements 0.6195
published_at 2026-04-04T12:55:00Z
3
value 0.00421
scoring_system epss
scoring_elements 0.61969
published_at 2026-04-08T12:55:00Z
4
value 0.00421
scoring_system epss
scoring_elements 0.61987
published_at 2026-04-09T12:55:00Z
5
value 0.00421
scoring_system epss
scoring_elements 0.62008
published_at 2026-04-11T12:55:00Z
6
value 0.00421
scoring_system epss
scoring_elements 0.61997
published_at 2026-04-12T12:55:00Z
7
value 0.00421
scoring_system epss
scoring_elements 0.61977
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-44533
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22959
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22959
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22960
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22960
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44531
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44531
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44532
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44532
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44533
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44533
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21824
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21824
8
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004177
reference_id 1004177
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004177
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2040856
reference_id 2040856
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2040856
11
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
12
reference_url https://access.redhat.com/errata/RHSA-2022:4914
reference_id RHSA-2022:4914
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:4914
13
reference_url https://access.redhat.com/errata/RHSA-2022:7044
reference_id RHSA-2022:7044
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7044
14
reference_url https://access.redhat.com/errata/RHSA-2022:7830
reference_id RHSA-2022:7830
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7830
15
reference_url https://access.redhat.com/errata/RHSA-2022:9073
reference_id RHSA-2022:9073
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:9073
16
reference_url https://access.redhat.com/errata/RHSA-2023:1742
reference_id RHSA-2023:1742
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1742
17
reference_url https://access.redhat.com/errata/RHSA-2023:3742
reference_id RHSA-2023:3742
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3742
fixed_packages
0
url pkg:ebuild/net-libs/nodejs@16.20.2
purl pkg:ebuild/net-libs/nodejs@16.20.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@16.20.2
1
url pkg:ebuild/net-libs/nodejs@18.17.1
purl pkg:ebuild/net-libs/nodejs@18.17.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@18.17.1
2
url pkg:ebuild/net-libs/nodejs@20.5.1
purl pkg:ebuild/net-libs/nodejs@20.5.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@20.5.1
aliases CVE-2021-44533
risk_score 3.4
exploitability 0.5
weighted_severity 6.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ms5y-gp7v-2qay
30
url VCID-myru-vzn7-u7cf
vulnerability_id VCID-myru-vzn7-u7cf
summary 
UNIX Symbolic Link (Symlink) Following
`@npmcli/arborist`, the library that calculates dependency trees and manages the `node_modules` folder hierarchy for the npm command line interface, aims to guarantee that package dependency contracts will be met, and the extraction of package contents will always be performed into the expected folder.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-39134.json
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-39134.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-39134
reference_id
reference_type
scores
0
value 0.00718
scoring_system epss
scoring_elements 0.72433
published_at 2026-04-13T12:55:00Z
1
value 0.00718
scoring_system epss
scoring_elements 0.72386
published_at 2026-04-01T12:55:00Z
2
value 0.00718
scoring_system epss
scoring_elements 0.72391
published_at 2026-04-02T12:55:00Z
3
value 0.00718
scoring_system epss
scoring_elements 0.72409
published_at 2026-04-04T12:55:00Z
4
value 0.00718
scoring_system epss
scoring_elements 0.72387
published_at 2026-04-07T12:55:00Z
5
value 0.00718
scoring_system epss
scoring_elements 0.72425
published_at 2026-04-08T12:55:00Z
6
value 0.00718
scoring_system epss
scoring_elements 0.72437
published_at 2026-04-09T12:55:00Z
7
value 0.00718
scoring_system epss
scoring_elements 0.7246
published_at 2026-04-11T12:55:00Z
8
value 0.00718
scoring_system epss
scoring_elements 0.72443
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-39134
2
reference_url https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39134
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39134
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/npm/arborist
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/npm/arborist
6
reference_url https://www.npmjs.com/package/@npmcli/arborist
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.npmjs.com/package/@npmcli/arborist
7
reference_url https://www.oracle.com/security-alerts/cpuoct2021.html
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuoct2021.html
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1999744
reference_id 1999744
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1999744
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=993407
reference_id 993407
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=993407
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-39134
reference_id CVE-2021-39134
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-39134
11
reference_url https://github.com/advisories/GHSA-2h3h-q99f-3fhc
reference_id GHSA-2h3h-q99f-3fhc
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-2h3h-q99f-3fhc
12
reference_url https://github.com/npm/arborist/security/advisories/GHSA-2h3h-q99f-3fhc
reference_id GHSA-2h3h-q99f-3fhc
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/npm/arborist/security/advisories/GHSA-2h3h-q99f-3fhc
13
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
fixed_packages
0
url pkg:ebuild/net-libs/nodejs@16.20.2
purl pkg:ebuild/net-libs/nodejs@16.20.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@16.20.2
1
url pkg:ebuild/net-libs/nodejs@18.17.1
purl pkg:ebuild/net-libs/nodejs@18.17.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@18.17.1
2
url pkg:ebuild/net-libs/nodejs@20.5.1
purl pkg:ebuild/net-libs/nodejs@20.5.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@20.5.1
aliases CVE-2021-39134, GHSA-2h3h-q99f-3fhc
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-myru-vzn7-u7cf
31
url VCID-nj6f-gujk-wqah
vulnerability_id VCID-nj6f-gujk-wqah
summary A buffer overread vulnerability has been found in libuv.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22918.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22918.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-22918
reference_id
reference_type
scores
0
value 0.00718
scoring_system epss
scoring_elements 0.72392
published_at 2026-04-07T12:55:00Z
1
value 0.00718
scoring_system epss
scoring_elements 0.72438
published_at 2026-04-13T12:55:00Z
2
value 0.00718
scoring_system epss
scoring_elements 0.72466
published_at 2026-04-11T12:55:00Z
3
value 0.00718
scoring_system epss
scoring_elements 0.72448
published_at 2026-04-12T12:55:00Z
4
value 0.00718
scoring_system epss
scoring_elements 0.72397
published_at 2026-04-02T12:55:00Z
5
value 0.00718
scoring_system epss
scoring_elements 0.72415
published_at 2026-04-04T12:55:00Z
6
value 0.00718
scoring_system epss
scoring_elements 0.72431
published_at 2026-04-08T12:55:00Z
7
value 0.00718
scoring_system epss
scoring_elements 0.72443
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-22918
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22918
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22918
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1979338
reference_id 1979338
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1979338
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990561
reference_id 990561
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990561
5
reference_url https://security.archlinux.org/ASA-202107-13
reference_id ASA-202107-13
reference_type
scores
url https://security.archlinux.org/ASA-202107-13
6
reference_url https://security.archlinux.org/ASA-202107-36
reference_id ASA-202107-36
reference_type
scores
url https://security.archlinux.org/ASA-202107-36
7
reference_url https://security.archlinux.org/AVG-2126
reference_id AVG-2126
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2126
8
reference_url https://security.archlinux.org/AVG-2131
reference_id AVG-2131
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2131
9
reference_url https://security.gentoo.org/glsa/202401-23
reference_id GLSA-202401-23
reference_type
scores
url https://security.gentoo.org/glsa/202401-23
10
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
11
reference_url https://access.redhat.com/errata/RHSA-2021:2931
reference_id RHSA-2021:2931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2931
12
reference_url https://access.redhat.com/errata/RHSA-2021:2932
reference_id RHSA-2021:2932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2932
13
reference_url https://access.redhat.com/errata/RHSA-2021:3073
reference_id RHSA-2021:3073
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3073
14
reference_url https://access.redhat.com/errata/RHSA-2021:3074
reference_id RHSA-2021:3074
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3074
15
reference_url https://access.redhat.com/errata/RHSA-2021:3075
reference_id RHSA-2021:3075
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3075
16
reference_url https://access.redhat.com/errata/RHSA-2021:3638
reference_id RHSA-2021:3638
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3638
17
reference_url https://access.redhat.com/errata/RHSA-2021:3639
reference_id RHSA-2021:3639
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3639
18
reference_url https://usn.ubuntu.com/5007-1/
reference_id USN-5007-1
reference_type
scores
url https://usn.ubuntu.com/5007-1/
fixed_packages
0
url pkg:ebuild/net-libs/nodejs@16.20.2
purl pkg:ebuild/net-libs/nodejs@16.20.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@16.20.2
1
url pkg:ebuild/net-libs/nodejs@18.17.1
purl pkg:ebuild/net-libs/nodejs@18.17.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@18.17.1
2
url pkg:ebuild/net-libs/nodejs@20.5.1
purl pkg:ebuild/net-libs/nodejs@20.5.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@20.5.1
aliases CVE-2021-22918
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nj6f-gujk-wqah
32
url VCID-p31t-nxwe-yyf2
vulnerability_id VCID-p31t-nxwe-yyf2
summary Multiple vulnerabilities have been discovered in Node.js.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-32558.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-32558.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-32558
reference_id
reference_type
scores
0
value 0.00193
scoring_system epss
scoring_elements 0.41223
published_at 2026-04-02T12:55:00Z
1
value 0.00193
scoring_system epss
scoring_elements 0.41253
published_at 2026-04-04T12:55:00Z
2
value 0.00193
scoring_system epss
scoring_elements 0.41179
published_at 2026-04-07T12:55:00Z
3
value 0.00193
scoring_system epss
scoring_elements 0.41227
published_at 2026-04-08T12:55:00Z
4
value 0.00193
scoring_system epss
scoring_elements 0.41236
published_at 2026-04-09T12:55:00Z
5
value 0.00193
scoring_system epss
scoring_elements 0.41258
published_at 2026-04-11T12:55:00Z
6
value 0.00193
scoring_system epss
scoring_elements 0.41226
published_at 2026-04-12T12:55:00Z
7
value 0.00193
scoring_system epss
scoring_elements 0.41212
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-32558
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2230952
reference_id 2230952
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2230952
4
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
fixed_packages
0
url pkg:ebuild/net-libs/nodejs@16.20.2
purl pkg:ebuild/net-libs/nodejs@16.20.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@16.20.2
1
url pkg:ebuild/net-libs/nodejs@18.17.1
purl pkg:ebuild/net-libs/nodejs@18.17.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@18.17.1
2
url pkg:ebuild/net-libs/nodejs@20.5.1
purl pkg:ebuild/net-libs/nodejs@20.5.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@20.5.1
aliases CVE-2023-32558
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p31t-nxwe-yyf2
33
url VCID-pqnn-ers1-3fec
vulnerability_id VCID-pqnn-ers1-3fec
summary Multiple vulnerabilities have been discovered in Node.js.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22884.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22884.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-22884
reference_id
reference_type
scores
0
value 0.0027
scoring_system epss
scoring_elements 0.5038
published_at 2026-04-01T12:55:00Z
1
value 0.0027
scoring_system epss
scoring_elements 0.50469
published_at 2026-04-13T12:55:00Z
2
value 0.0027
scoring_system epss
scoring_elements 0.50507
published_at 2026-04-11T12:55:00Z
3
value 0.0027
scoring_system epss
scoring_elements 0.50484
published_at 2026-04-12T12:55:00Z
4
value 0.0027
scoring_system epss
scoring_elements 0.50436
published_at 2026-04-02T12:55:00Z
5
value 0.0027
scoring_system epss
scoring_elements 0.50465
published_at 2026-04-09T12:55:00Z
6
value 0.0027
scoring_system epss
scoring_elements 0.50419
published_at 2026-04-07T12:55:00Z
7
value 0.0027
scoring_system epss
scoring_elements 0.50472
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-22884
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22883
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22883
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22884
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22884
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1932024
reference_id 1932024
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1932024
6
reference_url https://security.archlinux.org/AVG-1604
reference_id AVG-1604
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1604
7
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
8
reference_url https://access.redhat.com/errata/RHSA-2021:0734
reference_id RHSA-2021:0734
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0734
9
reference_url https://access.redhat.com/errata/RHSA-2021:0735
reference_id RHSA-2021:0735
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0735
10
reference_url https://access.redhat.com/errata/RHSA-2021:0738
reference_id RHSA-2021:0738
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0738
11
reference_url https://access.redhat.com/errata/RHSA-2021:0739
reference_id RHSA-2021:0739
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0739
12
reference_url https://access.redhat.com/errata/RHSA-2021:0740
reference_id RHSA-2021:0740
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0740
13
reference_url https://access.redhat.com/errata/RHSA-2021:0741
reference_id RHSA-2021:0741
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0741
14
reference_url https://access.redhat.com/errata/RHSA-2021:0744
reference_id RHSA-2021:0744
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0744
15
reference_url https://access.redhat.com/errata/RHSA-2021:0827
reference_id RHSA-2021:0827
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0827
16
reference_url https://access.redhat.com/errata/RHSA-2021:0830
reference_id RHSA-2021:0830
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0830
17
reference_url https://access.redhat.com/errata/RHSA-2021:0831
reference_id RHSA-2021:0831
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0831
18
reference_url https://usn.ubuntu.com/6418-1/
reference_id USN-6418-1
reference_type
scores
url https://usn.ubuntu.com/6418-1/
fixed_packages
0
url pkg:ebuild/net-libs/nodejs@16.20.2
purl pkg:ebuild/net-libs/nodejs@16.20.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@16.20.2
1
url pkg:ebuild/net-libs/nodejs@18.17.1
purl pkg:ebuild/net-libs/nodejs@18.17.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@18.17.1
2
url pkg:ebuild/net-libs/nodejs@20.5.1
purl pkg:ebuild/net-libs/nodejs@20.5.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@20.5.1
aliases CVE-2021-22884
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pqnn-ers1-3fec
34
url VCID-q75s-43sx-4kbg
vulnerability_id VCID-q75s-43sx-4kbg
summary Multiple vulnerabilities have been discovered in Node.js.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-30588.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-30588.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-30588
reference_id
reference_type
scores
0
value 0.0003
scoring_system epss
scoring_elements 0.0854
published_at 2026-04-02T12:55:00Z
1
value 0.0003
scoring_system epss
scoring_elements 0.08594
published_at 2026-04-04T12:55:00Z
2
value 0.0003
scoring_system epss
scoring_elements 0.08512
published_at 2026-04-07T12:55:00Z
3
value 0.0003
scoring_system epss
scoring_elements 0.08585
published_at 2026-04-08T12:55:00Z
4
value 0.0003
scoring_system epss
scoring_elements 0.08605
published_at 2026-04-09T12:55:00Z
5
value 0.0003
scoring_system epss
scoring_elements 0.08602
published_at 2026-04-11T12:55:00Z
6
value 0.0003
scoring_system epss
scoring_elements 0.08582
published_at 2026-04-12T12:55:00Z
7
value 0.0003
scoring_system epss
scoring_elements 0.08566
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-30588
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1039990
reference_id 1039990
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1039990
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2219838
reference_id 2219838
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2219838
5
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
6
reference_url https://access.redhat.com/errata/RHSA-2023:4330
reference_id RHSA-2023:4330
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4330
7
reference_url https://access.redhat.com/errata/RHSA-2023:4331
reference_id RHSA-2023:4331
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4331
8
reference_url https://access.redhat.com/errata/RHSA-2023:4536
reference_id RHSA-2023:4536
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4536
9
reference_url https://access.redhat.com/errata/RHSA-2023:4537
reference_id RHSA-2023:4537
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4537
10
reference_url https://access.redhat.com/errata/RHSA-2023:5361
reference_id RHSA-2023:5361
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5361
11
reference_url https://access.redhat.com/errata/RHSA-2023:5533
reference_id RHSA-2023:5533
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5533
12
reference_url https://usn.ubuntu.com/6735-1/
reference_id USN-6735-1
reference_type
scores
url https://usn.ubuntu.com/6735-1/
fixed_packages
0
url pkg:ebuild/net-libs/nodejs@16.20.2
purl pkg:ebuild/net-libs/nodejs@16.20.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@16.20.2
1
url pkg:ebuild/net-libs/nodejs@18.17.1
purl pkg:ebuild/net-libs/nodejs@18.17.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@18.17.1
2
url pkg:ebuild/net-libs/nodejs@20.5.1
purl pkg:ebuild/net-libs/nodejs@20.5.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@20.5.1
aliases CVE-2023-30588
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q75s-43sx-4kbg
35
url VCID-q8th-849w-bfhp
vulnerability_id VCID-q8th-849w-bfhp
summary Multiple vulnerabilities have been discovered in Node.js.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22883.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22883.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-22883
reference_id
reference_type
scores
0
value 0.89427
scoring_system epss
scoring_elements 0.99544
published_at 2026-04-02T12:55:00Z
1
value 0.89427
scoring_system epss
scoring_elements 0.99548
published_at 2026-04-13T12:55:00Z
2
value 0.89427
scoring_system epss
scoring_elements 0.99546
published_at 2026-04-11T12:55:00Z
3
value 0.89427
scoring_system epss
scoring_elements 0.99547
published_at 2026-04-12T12:55:00Z
4
value 0.89427
scoring_system epss
scoring_elements 0.99545
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-22883
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22883
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22883
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22884
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22884
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1932014
reference_id 1932014
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1932014
6
reference_url https://security.archlinux.org/AVG-1604
reference_id AVG-1604
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1604
7
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
8
reference_url https://access.redhat.com/errata/RHSA-2021:0734
reference_id RHSA-2021:0734
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0734
9
reference_url https://access.redhat.com/errata/RHSA-2021:0735
reference_id RHSA-2021:0735
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0735
10
reference_url https://access.redhat.com/errata/RHSA-2021:0738
reference_id RHSA-2021:0738
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0738
11
reference_url https://access.redhat.com/errata/RHSA-2021:0739
reference_id RHSA-2021:0739
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0739
12
reference_url https://access.redhat.com/errata/RHSA-2021:0740
reference_id RHSA-2021:0740
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0740
13
reference_url https://access.redhat.com/errata/RHSA-2021:0741
reference_id RHSA-2021:0741
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0741
14
reference_url https://access.redhat.com/errata/RHSA-2021:0744
reference_id RHSA-2021:0744
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0744
15
reference_url https://access.redhat.com/errata/RHSA-2021:0827
reference_id RHSA-2021:0827
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0827
16
reference_url https://access.redhat.com/errata/RHSA-2021:0830
reference_id RHSA-2021:0830
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0830
17
reference_url https://access.redhat.com/errata/RHSA-2021:0831
reference_id RHSA-2021:0831
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0831
18
reference_url https://usn.ubuntu.com/6418-1/
reference_id USN-6418-1
reference_type
scores
url https://usn.ubuntu.com/6418-1/
fixed_packages
0
url pkg:ebuild/net-libs/nodejs@16.20.2
purl pkg:ebuild/net-libs/nodejs@16.20.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@16.20.2
1
url pkg:ebuild/net-libs/nodejs@18.17.1
purl pkg:ebuild/net-libs/nodejs@18.17.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@18.17.1
2
url pkg:ebuild/net-libs/nodejs@20.5.1
purl pkg:ebuild/net-libs/nodejs@20.5.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@20.5.1
aliases CVE-2021-22883
risk_score 10.0
exploitability 2.0
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q8th-849w-bfhp
36
url VCID-rg1f-5nhq-m7ea
vulnerability_id VCID-rg1f-5nhq-m7ea
summary Multiple vulnerabilities have been discovered in Node.js.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-32004.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-32004.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-32004
reference_id
reference_type
scores
0
value 0.00118
scoring_system epss
scoring_elements 0.30769
published_at 2026-04-02T12:55:00Z
1
value 0.00118
scoring_system epss
scoring_elements 0.30639
published_at 2026-04-13T12:55:00Z
2
value 0.00118
scoring_system epss
scoring_elements 0.30818
published_at 2026-04-04T12:55:00Z
3
value 0.00118
scoring_system epss
scoring_elements 0.30635
published_at 2026-04-07T12:55:00Z
4
value 0.00118
scoring_system epss
scoring_elements 0.30693
published_at 2026-04-08T12:55:00Z
5
value 0.00118
scoring_system epss
scoring_elements 0.30725
published_at 2026-04-09T12:55:00Z
6
value 0.00118
scoring_system epss
scoring_elements 0.30729
published_at 2026-04-11T12:55:00Z
7
value 0.00118
scoring_system epss
scoring_elements 0.30683
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-32004
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://hackerone.com/reports/2038134
reference_id 2038134
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-08T20:19:44Z/
url https://hackerone.com/reports/2038134
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2230951
reference_id 2230951
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2230951
5
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
6
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JQPELKG2LVTADSB7ME73AV4DXQK47PWK/
reference_id JQPELKG2LVTADSB7ME73AV4DXQK47PWK
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-08T20:19:44Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JQPELKG2LVTADSB7ME73AV4DXQK47PWK/
7
reference_url https://security.netapp.com/advisory/ntap-20230915-0009/
reference_id ntap-20230915-0009
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-08T20:19:44Z/
url https://security.netapp.com/advisory/ntap-20230915-0009/
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PBOZE2QZIBLFFTYWYN23FGKN6HULZ6HX/
reference_id PBOZE2QZIBLFFTYWYN23FGKN6HULZ6HX
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-08T20:19:44Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PBOZE2QZIBLFFTYWYN23FGKN6HULZ6HX/
fixed_packages
0
url pkg:ebuild/net-libs/nodejs@16.20.2
purl pkg:ebuild/net-libs/nodejs@16.20.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@16.20.2
1
url pkg:ebuild/net-libs/nodejs@18.17.1
purl pkg:ebuild/net-libs/nodejs@18.17.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@18.17.1
2
url pkg:ebuild/net-libs/nodejs@20.5.1
purl pkg:ebuild/net-libs/nodejs@20.5.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@20.5.1
aliases CVE-2023-32004
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rg1f-5nhq-m7ea
37
url VCID-rskk-s95c-rfgz
vulnerability_id VCID-rskk-s95c-rfgz
summary 
Nodejs ‘undici’ vulnerable to CRLF Injection via Content-Type
### Impact

`=< undici@5.8.0` users are vulnerable to _CRLF Injection_ on headers when using unsanitized input as request headers, more specifically, inside the `content-type` header.

Example:

```
import { request } from 'undici'

const unsanitizedContentTypeInput =  'application/json\r\n\r\nGET /foo2 HTTP/1.1'

await request('http://localhost:3000, {
    method: 'GET',
    headers: {
      'content-type': unsanitizedContentTypeInput
    },
})
```

The above snippet will perform two requests in a single `request` API call:

1) `http://localhost:3000/`
2) `http://localhost:3000/foo2`

### Patches

This issue was patched in Undici v5.8.1

### Workarounds

Sanitize input when sending content-type headers using user input.

## For more information
If you have any questions or comments about this advisory:

- Open an issue in [undici repository](https://github.com/nodejs/undici/issues)
- To make a report, follow the [SECURITY](https://github.com/nodejs/node/blob/HEAD/SECURITY.md) document
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-35948.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-35948.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-35948
reference_id
reference_type
scores
0
value 0.00165
scoring_system epss
scoring_elements 0.37421
published_at 2026-04-13T12:55:00Z
1
value 0.00165
scoring_system epss
scoring_elements 0.37448
published_at 2026-04-12T12:55:00Z
2
value 0.00165
scoring_system epss
scoring_elements 0.37482
published_at 2026-04-11T12:55:00Z
3
value 0.00165
scoring_system epss
scoring_elements 0.37468
published_at 2026-04-09T12:55:00Z
4
value 0.00165
scoring_system epss
scoring_elements 0.37455
published_at 2026-04-08T12:55:00Z
5
value 0.00165
scoring_system epss
scoring_elements 0.37404
published_at 2026-04-07T12:55:00Z
6
value 0.00165
scoring_system epss
scoring_elements 0.37576
published_at 2026-04-04T12:55:00Z
7
value 0.00165
scoring_system epss
scoring_elements 0.37552
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-35948
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/nodejs/undici
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/nodejs/undici
4
reference_url https://github.com/nodejs/undici/commit/66165d604fd0aee70a93ed5c44ad4cc2df395f80
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:39:48Z/
url https://github.com/nodejs/undici/commit/66165d604fd0aee70a93ed5c44ad4cc2df395f80
5
reference_url https://github.com/nodejs/undici/releases/tag/v5.8.2
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:39:48Z/
url https://github.com/nodejs/undici/releases/tag/v5.8.2
6
reference_url https://github.com/nodejs/undici/security/advisories/GHSA-f772-66g8-q5h3
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:39:48Z/
url https://github.com/nodejs/undici/security/advisories/GHSA-f772-66g8-q5h3
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-35948
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-35948
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2121101
reference_id 2121101
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2121101
9
reference_url https://github.com/advisories/GHSA-f772-66g8-q5h3
reference_id GHSA-f772-66g8-q5h3
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-f772-66g8-q5h3
10
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
fixed_packages
0
url pkg:ebuild/net-libs/nodejs@16.20.2
purl pkg:ebuild/net-libs/nodejs@16.20.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@16.20.2
1
url pkg:ebuild/net-libs/nodejs@18.17.1
purl pkg:ebuild/net-libs/nodejs@18.17.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@18.17.1
2
url pkg:ebuild/net-libs/nodejs@20.5.1
purl pkg:ebuild/net-libs/nodejs@20.5.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@20.5.1
aliases CVE-2022-35948, GHSA-f772-66g8-q5h3
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rskk-s95c-rfgz
38
url VCID-sag8-repb-g3f4
vulnerability_id VCID-sag8-repb-g3f4
summary Multiple vulnerabilities have been discovered in Node.js.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-32002.json
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-32002.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-32002
reference_id
reference_type
scores
0
value 0.0004
scoring_system epss
scoring_elements 0.12197
published_at 2026-04-02T12:55:00Z
1
value 0.0004
scoring_system epss
scoring_elements 0.12116
published_at 2026-04-13T12:55:00Z
2
value 0.0004
scoring_system epss
scoring_elements 0.12044
published_at 2026-04-07T12:55:00Z
3
value 0.0004
scoring_system epss
scoring_elements 0.12126
published_at 2026-04-08T12:55:00Z
4
value 0.0004
scoring_system epss
scoring_elements 0.12177
published_at 2026-04-09T12:55:00Z
5
value 0.0004
scoring_system epss
scoring_elements 0.12184
published_at 2026-04-11T12:55:00Z
6
value 0.0004
scoring_system epss
scoring_elements 0.12148
published_at 2026-04-12T12:55:00Z
7
value 0.0004
scoring_system epss
scoring_elements 0.12243
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-32002
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32002
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32002
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1050739
reference_id 1050739
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1050739
5
reference_url https://hackerone.com/reports/1960870
reference_id 1960870
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-07-02T14:47:51Z/
url https://hackerone.com/reports/1960870
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2230948
reference_id 2230948
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2230948
7
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
8
reference_url https://security.netapp.com/advisory/ntap-20230915-0009/
reference_id ntap-20230915-0009
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-07-02T14:47:51Z/
url https://security.netapp.com/advisory/ntap-20230915-0009/
9
reference_url https://access.redhat.com/errata/RHSA-2023:5360
reference_id RHSA-2023:5360
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5360
10
reference_url https://access.redhat.com/errata/RHSA-2023:5361
reference_id RHSA-2023:5361
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5361
11
reference_url https://access.redhat.com/errata/RHSA-2023:5362
reference_id RHSA-2023:5362
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5362
12
reference_url https://access.redhat.com/errata/RHSA-2023:5363
reference_id RHSA-2023:5363
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5363
13
reference_url https://access.redhat.com/errata/RHSA-2023:5532
reference_id RHSA-2023:5532
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5532
14
reference_url https://access.redhat.com/errata/RHSA-2023:5533
reference_id RHSA-2023:5533
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5533
15
reference_url https://usn.ubuntu.com/6822-1/
reference_id USN-6822-1
reference_type
scores
url https://usn.ubuntu.com/6822-1/
fixed_packages
0
url pkg:ebuild/net-libs/nodejs@16.20.2
purl pkg:ebuild/net-libs/nodejs@16.20.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@16.20.2
1
url pkg:ebuild/net-libs/nodejs@18.17.1
purl pkg:ebuild/net-libs/nodejs@18.17.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@18.17.1
2
url pkg:ebuild/net-libs/nodejs@20.5.1
purl pkg:ebuild/net-libs/nodejs@20.5.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@20.5.1
aliases CVE-2023-32002
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sag8-repb-g3f4
39
url VCID-sthj-jvke-tyg7
vulnerability_id VCID-sthj-jvke-tyg7
summary Multiple vulnerabilities have been discovered in Node.js.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-30584.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-30584.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-30584
reference_id
reference_type
scores
0
value 0.00012
scoring_system epss
scoring_elements 0.01882
published_at 2026-04-02T12:55:00Z
1
value 0.00012
scoring_system epss
scoring_elements 0.01874
published_at 2026-04-13T12:55:00Z
2
value 0.00012
scoring_system epss
scoring_elements 0.0191
published_at 2026-04-09T12:55:00Z
3
value 0.00012
scoring_system epss
scoring_elements 0.01879
published_at 2026-04-12T12:55:00Z
4
value 0.00012
scoring_system epss
scoring_elements 0.01895
published_at 2026-04-11T12:55:00Z
5
value 0.00012
scoring_system epss
scoring_elements 0.01894
published_at 2026-04-07T12:55:00Z
6
value 0.00012
scoring_system epss
scoring_elements 0.01897
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-30584
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2219829
reference_id 2219829
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2219829
3
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
4
reference_url https://nodejs.org/en/blog/vulnerability/june-2023-security-releases
reference_id june-2023-security-releases
reference_type
scores
0
value 7.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-09T18:33:59Z/
url https://nodejs.org/en/blog/vulnerability/june-2023-security-releases
fixed_packages
0
url pkg:ebuild/net-libs/nodejs@16.20.2
purl pkg:ebuild/net-libs/nodejs@16.20.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@16.20.2
1
url pkg:ebuild/net-libs/nodejs@18.17.1
purl pkg:ebuild/net-libs/nodejs@18.17.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@18.17.1
2
url pkg:ebuild/net-libs/nodejs@20.5.1
purl pkg:ebuild/net-libs/nodejs@20.5.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@20.5.1
aliases CVE-2023-30584
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sthj-jvke-tyg7
40
url VCID-tnhd-rr89-9udh
vulnerability_id VCID-tnhd-rr89-9udh
summary 
Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')
The parse function in llhttp ignores chunk extensions when parsing the body of chunked requests. This leads to HTTP Request Smuggling (HRS) under certain conditions.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22960.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22960.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-22960
reference_id
reference_type
scores
0
value 0.00229
scoring_system epss
scoring_elements 0.45642
published_at 2026-04-01T12:55:00Z
1
value 0.00229
scoring_system epss
scoring_elements 0.45721
published_at 2026-04-12T12:55:00Z
2
value 0.00229
scoring_system epss
scoring_elements 0.45733
published_at 2026-04-08T12:55:00Z
3
value 0.00229
scoring_system epss
scoring_elements 0.45751
published_at 2026-04-11T12:55:00Z
4
value 0.00229
scoring_system epss
scoring_elements 0.45709
published_at 2026-04-02T12:55:00Z
5
value 0.00229
scoring_system epss
scoring_elements 0.45729
published_at 2026-04-13T12:55:00Z
6
value 0.00229
scoring_system epss
scoring_elements 0.45677
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-22960
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22959
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22959
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22960
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22960
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44531
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44531
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44532
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44532
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44533
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44533
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21824
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21824
8
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
9
reference_url https://hackerone.com/reports/1238099
reference_id
reference_type
scores
url https://hackerone.com/reports/1238099
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2014059
reference_id 2014059
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2014059
11
reference_url https://security.archlinux.org/ASA-202110-4
reference_id ASA-202110-4
reference_type
scores
url https://security.archlinux.org/ASA-202110-4
12
reference_url https://security.archlinux.org/AVG-2460
reference_id AVG-2460
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2460
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-22960
reference_id CVE-2021-22960
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-22960
14
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
15
reference_url https://access.redhat.com/errata/RHSA-2021:5171
reference_id RHSA-2021:5171
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5171
16
reference_url https://access.redhat.com/errata/RHSA-2022:0041
reference_id RHSA-2022:0041
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0041
17
reference_url https://access.redhat.com/errata/RHSA-2022:0246
reference_id RHSA-2022:0246
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0246
18
reference_url https://access.redhat.com/errata/RHSA-2022:0350
reference_id RHSA-2022:0350
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0350
19
reference_url https://access.redhat.com/errata/RHSA-2022:4914
reference_id RHSA-2022:4914
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:4914
fixed_packages
0
url pkg:ebuild/net-libs/nodejs@16.20.2
purl pkg:ebuild/net-libs/nodejs@16.20.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@16.20.2
1
url pkg:ebuild/net-libs/nodejs@18.17.1
purl pkg:ebuild/net-libs/nodejs@18.17.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@18.17.1
2
url pkg:ebuild/net-libs/nodejs@20.5.1
purl pkg:ebuild/net-libs/nodejs@20.5.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@20.5.1
aliases CVE-2021-22960
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tnhd-rr89-9udh
41
url VCID-ueyx-hwjr-fuhq
vulnerability_id VCID-ueyx-hwjr-fuhq
summary Multiple vulnerabilities have been discovered in Node.js.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-30583.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-30583.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-30583
reference_id
reference_type
scores
0
value 0.00022
scoring_system epss
scoring_elements 0.05743
published_at 2026-04-02T12:55:00Z
1
value 0.00022
scoring_system epss
scoring_elements 0.05805
published_at 2026-04-13T12:55:00Z
2
value 0.00022
scoring_system epss
scoring_elements 0.05821
published_at 2026-04-11T12:55:00Z
3
value 0.00022
scoring_system epss
scoring_elements 0.05812
published_at 2026-04-12T12:55:00Z
4
value 0.00022
scoring_system epss
scoring_elements 0.05784
published_at 2026-04-04T12:55:00Z
5
value 0.00022
scoring_system epss
scoring_elements 0.05778
published_at 2026-04-07T12:55:00Z
6
value 0.00022
scoring_system epss
scoring_elements 0.05818
published_at 2026-04-08T12:55:00Z
7
value 0.00022
scoring_system epss
scoring_elements 0.05843
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-30583
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2219833
reference_id 2219833
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2219833
3
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
4
reference_url https://nodejs.org/en/blog/vulnerability/june-2023-security-releases
reference_id june-2023-security-releases
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-09T18:28:41Z/
url https://nodejs.org/en/blog/vulnerability/june-2023-security-releases
fixed_packages
0
url pkg:ebuild/net-libs/nodejs@16.20.2
purl pkg:ebuild/net-libs/nodejs@16.20.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@16.20.2
1
url pkg:ebuild/net-libs/nodejs@18.17.1
purl pkg:ebuild/net-libs/nodejs@18.17.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@18.17.1
2
url pkg:ebuild/net-libs/nodejs@20.5.1
purl pkg:ebuild/net-libs/nodejs@20.5.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@20.5.1
aliases CVE-2023-30583
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ueyx-hwjr-fuhq
42
url VCID-uftn-4gjb-dqe6
vulnerability_id VCID-uftn-4gjb-dqe6
summary Multiple vulnerabilities have been discovered in Node.js.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-32003.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-32003.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-32003
reference_id
reference_type
scores
0
value 0.00063
scoring_system epss
scoring_elements 0.19891
published_at 2026-04-02T12:55:00Z
1
value 0.00063
scoring_system epss
scoring_elements 0.19708
published_at 2026-04-13T12:55:00Z
2
value 0.00063
scoring_system epss
scoring_elements 0.19947
published_at 2026-04-04T12:55:00Z
3
value 0.00063
scoring_system epss
scoring_elements 0.19674
published_at 2026-04-07T12:55:00Z
4
value 0.00063
scoring_system epss
scoring_elements 0.19754
published_at 2026-04-08T12:55:00Z
5
value 0.00063
scoring_system epss
scoring_elements 0.19805
published_at 2026-04-09T12:55:00Z
6
value 0.00063
scoring_system epss
scoring_elements 0.1981
published_at 2026-04-11T12:55:00Z
7
value 0.00063
scoring_system epss
scoring_elements 0.19765
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-32003
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://hackerone.com/reports/2037887
reference_id 2037887
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-09T14:15:53Z/
url https://hackerone.com/reports/2037887
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2230959
reference_id 2230959
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2230959
5
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
6
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JQPELKG2LVTADSB7ME73AV4DXQK47PWK/
reference_id JQPELKG2LVTADSB7ME73AV4DXQK47PWK
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-09T14:15:53Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JQPELKG2LVTADSB7ME73AV4DXQK47PWK/
7
reference_url https://security.netapp.com/advisory/ntap-20230915-0009/
reference_id ntap-20230915-0009
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-09T14:15:53Z/
url https://security.netapp.com/advisory/ntap-20230915-0009/
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PBOZE2QZIBLFFTYWYN23FGKN6HULZ6HX/
reference_id PBOZE2QZIBLFFTYWYN23FGKN6HULZ6HX
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-09T14:15:53Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PBOZE2QZIBLFFTYWYN23FGKN6HULZ6HX/
fixed_packages
0
url pkg:ebuild/net-libs/nodejs@16.20.2
purl pkg:ebuild/net-libs/nodejs@16.20.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@16.20.2
1
url pkg:ebuild/net-libs/nodejs@18.17.1
purl pkg:ebuild/net-libs/nodejs@18.17.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@18.17.1
2
url pkg:ebuild/net-libs/nodejs@20.5.1
purl pkg:ebuild/net-libs/nodejs@20.5.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@20.5.1
aliases CVE-2023-32003
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uftn-4gjb-dqe6
43
url VCID-v3uy-dqn9-qye5
vulnerability_id VCID-v3uy-dqn9-qye5
summary Multiple vulnerabilities have been discovered in Node.js.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32222.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32222.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-32222
reference_id
reference_type
scores
0
value 0.0062
scoring_system epss
scoring_elements 0.69973
published_at 2026-04-02T12:55:00Z
1
value 0.0062
scoring_system epss
scoring_elements 0.69987
published_at 2026-04-04T12:55:00Z
2
value 0.0062
scoring_system epss
scoring_elements 0.69964
published_at 2026-04-07T12:55:00Z
3
value 0.0062
scoring_system epss
scoring_elements 0.70012
published_at 2026-04-08T12:55:00Z
4
value 0.0062
scoring_system epss
scoring_elements 0.70028
published_at 2026-04-09T12:55:00Z
5
value 0.0062
scoring_system epss
scoring_elements 0.70051
published_at 2026-04-11T12:55:00Z
6
value 0.0062
scoring_system epss
scoring_elements 0.70036
published_at 2026-04-12T12:55:00Z
7
value 0.0062
scoring_system epss
scoring_elements 0.70023
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-32222
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2105424
reference_id 2105424
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2105424
4
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
fixed_packages
0
url pkg:ebuild/net-libs/nodejs@16.20.2
purl pkg:ebuild/net-libs/nodejs@16.20.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@16.20.2
1
url pkg:ebuild/net-libs/nodejs@18.17.1
purl pkg:ebuild/net-libs/nodejs@18.17.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@18.17.1
2
url pkg:ebuild/net-libs/nodejs@20.5.1
purl pkg:ebuild/net-libs/nodejs@20.5.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@20.5.1
aliases CVE-2022-32222
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v3uy-dqn9-qye5
44
url VCID-wzcw-dd7m-zkaz
vulnerability_id VCID-wzcw-dd7m-zkaz
summary Multiple vulnerabilities have been discovered in Node.js.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32215.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32215.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-32215
reference_id
reference_type
scores
0
value 0.88764
scoring_system epss
scoring_elements 0.99508
published_at 2026-04-02T12:55:00Z
1
value 0.88764
scoring_system epss
scoring_elements 0.9951
published_at 2026-04-04T12:55:00Z
2
value 0.88764
scoring_system epss
scoring_elements 0.99513
published_at 2026-04-13T12:55:00Z
3
value 0.88764
scoring_system epss
scoring_elements 0.99511
published_at 2026-04-07T12:55:00Z
4
value 0.88764
scoring_system epss
scoring_elements 0.99512
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-32215
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32212
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32212
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32213
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32213
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32214
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32214
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32215
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32215
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35255
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35255
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35256
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35256
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43548
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43548
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://hackerone.com/reports/1501679
reference_id
reference_type
scores
url https://hackerone.com/reports/1501679
11
reference_url https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/
reference_id
reference_type
scores
url https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2105426
reference_id 2105426
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2105426
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-32215
reference_id CVE-2022-32215
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-32215
14
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
15
reference_url https://access.redhat.com/errata/RHSA-2022:6389
reference_id RHSA-2022:6389
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6389
16
reference_url https://access.redhat.com/errata/RHSA-2022:6448
reference_id RHSA-2022:6448
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6448
17
reference_url https://access.redhat.com/errata/RHSA-2022:6449
reference_id RHSA-2022:6449
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6449
18
reference_url https://access.redhat.com/errata/RHSA-2022:6595
reference_id RHSA-2022:6595
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6595
19
reference_url https://access.redhat.com/errata/RHSA-2022:6985
reference_id RHSA-2022:6985
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6985
20
reference_url https://usn.ubuntu.com/6491-1/
reference_id USN-6491-1
reference_type
scores
url https://usn.ubuntu.com/6491-1/
fixed_packages
0
url pkg:ebuild/net-libs/nodejs@16.20.2
purl pkg:ebuild/net-libs/nodejs@16.20.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@16.20.2
1
url pkg:ebuild/net-libs/nodejs@18.17.1
purl pkg:ebuild/net-libs/nodejs@18.17.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@18.17.1
2
url pkg:ebuild/net-libs/nodejs@20.5.1
purl pkg:ebuild/net-libs/nodejs@20.5.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@20.5.1
aliases CVE-2022-32215
risk_score 10.0
exploitability 2.0
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wzcw-dd7m-zkaz
45
url VCID-xnzh-wpd4-63f9
vulnerability_id VCID-xnzh-wpd4-63f9
summary Multiple vulnerabilities have been discovered in Node.js.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-35255.json
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-35255.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-35255
reference_id
reference_type
scores
0
value 0.01191
scoring_system epss
scoring_elements 0.78868
published_at 2026-04-11T12:55:00Z
1
value 0.01191
scoring_system epss
scoring_elements 0.78841
published_at 2026-04-13T12:55:00Z
2
value 0.01191
scoring_system epss
scoring_elements 0.78851
published_at 2026-04-12T12:55:00Z
3
value 0.01191
scoring_system epss
scoring_elements 0.78829
published_at 2026-04-04T12:55:00Z
4
value 0.01191
scoring_system epss
scoring_elements 0.78812
published_at 2026-04-07T12:55:00Z
5
value 0.01191
scoring_system epss
scoring_elements 0.78838
published_at 2026-04-08T12:55:00Z
6
value 0.01191
scoring_system epss
scoring_elements 0.78844
published_at 2026-04-09T12:55:00Z
7
value 0.01191
scoring_system epss
scoring_elements 0.788
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-35255
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32212
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32212
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32213
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32213
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32214
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32214
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32215
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32215
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35255
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35255
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35256
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35256
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43548
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43548
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://hackerone.com/reports/1690000
reference_id 1690000
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-24T13:23:49Z/
url https://hackerone.com/reports/1690000
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2130517
reference_id 2130517
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2130517
12
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
13
reference_url https://security.netapp.com/advisory/ntap-20230113-0002/
reference_id ntap-20230113-0002
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-24T13:23:49Z/
url https://security.netapp.com/advisory/ntap-20230113-0002/
14
reference_url https://access.redhat.com/errata/RHSA-2022:6963
reference_id RHSA-2022:6963
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6963
15
reference_url https://access.redhat.com/errata/RHSA-2022:6964
reference_id RHSA-2022:6964
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6964
16
reference_url https://access.redhat.com/errata/RHSA-2022:7821
reference_id RHSA-2022:7821
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7821
fixed_packages
0
url pkg:ebuild/net-libs/nodejs@16.20.2
purl pkg:ebuild/net-libs/nodejs@16.20.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@16.20.2
1
url pkg:ebuild/net-libs/nodejs@18.17.1
purl pkg:ebuild/net-libs/nodejs@18.17.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@18.17.1
2
url pkg:ebuild/net-libs/nodejs@20.5.1
purl pkg:ebuild/net-libs/nodejs@20.5.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@20.5.1
aliases CVE-2022-35255
risk_score 4.1
exploitability 0.5
weighted_severity 8.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xnzh-wpd4-63f9
46
url VCID-xq7s-zrwb-yffw
vulnerability_id VCID-xq7s-zrwb-yffw
summary Multiple vulnerabilities have been discovered in OpenSSL, the worst of which could result in remote code execution.
references
0
reference_url http://packetstormsecurity.com/files/169687/OpenSSL-Security-Advisory-20221101.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://packetstormsecurity.com/files/169687/OpenSSL-Security-Advisory-20221101.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3786.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3786.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-3786
reference_id
reference_type
scores
0
value 0.2063
scoring_system epss
scoring_elements 0.95557
published_at 2026-04-02T12:55:00Z
1
value 0.2063
scoring_system epss
scoring_elements 0.95562
published_at 2026-04-04T12:55:00Z
2
value 0.2063
scoring_system epss
scoring_elements 0.95565
published_at 2026-04-07T12:55:00Z
3
value 0.2063
scoring_system epss
scoring_elements 0.95582
published_at 2026-04-13T12:55:00Z
4
value 0.2063
scoring_system epss
scoring_elements 0.95579
published_at 2026-04-11T12:55:00Z
5
value 0.2063
scoring_system epss
scoring_elements 0.9558
published_at 2026-04-12T12:55:00Z
6
value 0.2063
scoring_system epss
scoring_elements 0.95572
published_at 2026-04-08T12:55:00Z
7
value 0.2063
scoring_system epss
scoring_elements 0.95575
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-3786
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/alexcrichton/openssl-src-rs
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/alexcrichton/openssl-src-rs
5
reference_url https://github.com/alexcrichton/openssl-src-rs/commit/4a31c14f31e1a08c18893a37e304dd1dd4b7daa3
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/alexcrichton/openssl-src-rs/commit/4a31c14f31e1a08c18893a37e304dd1dd4b7daa3
6
reference_url https://github.com/openssl/openssl/commit/fe3b639dc19b325846f4f6801f2f4604f56e3de3
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openssl/openssl/commit/fe3b639dc19b325846f4f6801f2f4604f56e3de3
7
reference_url https://github.com/rustsec/advisory-db/pull/1452
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rustsec/advisory-db/pull/1452
8
reference_url https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=c42165b5706e42f67ef8ef4c351a9a4c5d21639a
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=c42165b5706e42f67ef8ef4c351a9a4c5d21639a
9
reference_url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c42165b5706e42f67ef8ef4c351a9a4c5d21639a
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:54Z/
url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c42165b5706e42f67ef8ef4c351a9a4c5d21639a
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/63YRPWPUSX3MBHNPIEJZDKQT6YA7UF6S
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/63YRPWPUSX3MBHNPIEJZDKQT6YA7UF6S
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/63YRPWPUSX3MBHNPIEJZDKQT6YA7UF6S/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/63YRPWPUSX3MBHNPIEJZDKQT6YA7UF6S/
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DWP23EZYOBDJQP7HP4YU7W2ABU2YDITS
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DWP23EZYOBDJQP7HP4YU7W2ABU2YDITS
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DWP23EZYOBDJQP7HP4YU7W2ABU2YDITS/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DWP23EZYOBDJQP7HP4YU7W2ABU2YDITS/
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/63YRPWPUSX3MBHNPIEJZDKQT6YA7UF6S
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/63YRPWPUSX3MBHNPIEJZDKQT6YA7UF6S
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/63YRPWPUSX3MBHNPIEJZDKQT6YA7UF6S/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/63YRPWPUSX3MBHNPIEJZDKQT6YA7UF6S/
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWP23EZYOBDJQP7HP4YU7W2ABU2YDITS
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWP23EZYOBDJQP7HP4YU7W2ABU2YDITS
17
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWP23EZYOBDJQP7HP4YU7W2ABU2YDITS/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWP23EZYOBDJQP7HP4YU7W2ABU2YDITS/
18
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-3786
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-3786
19
reference_url https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0023
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0023
20
reference_url https://rustsec.org/advisories/RUSTSEC-2022-0065.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://rustsec.org/advisories/RUSTSEC-2022-0065.html
21
reference_url https://security.netapp.com/advisory/ntap-20221102-0001
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20221102-0001
22
reference_url https://security.netapp.com/advisory/ntap-20221102-0001/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20221102-0001/
23
reference_url https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-W9sdCc2a
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-W9sdCc2a
24
reference_url https://www.kb.cert.org/vuls/id/794340
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.kb.cert.org/vuls/id/794340
25
reference_url https://www.openssl.org/blog/blog/2022/11/01/email-address-overflows/
reference_id
reference_type
scores
url https://www.openssl.org/blog/blog/2022/11/01/email-address-overflows/
26
reference_url https://www.openssl.org/news/secadv/20221101.txt
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:54Z/
url https://www.openssl.org/news/secadv/20221101.txt
27
reference_url http://www.openwall.com/lists/oss-security/2022/11/01/15
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2022/11/01/15
28
reference_url http://www.openwall.com/lists/oss-security/2022/11/01/16
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2022/11/01/16
29
reference_url http://www.openwall.com/lists/oss-security/2022/11/01/17
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2022/11/01/17
30
reference_url http://www.openwall.com/lists/oss-security/2022/11/01/18
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2022/11/01/18
31
reference_url http://www.openwall.com/lists/oss-security/2022/11/01/19
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2022/11/01/19
32
reference_url http://www.openwall.com/lists/oss-security/2022/11/01/20
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2022/11/01/20
33
reference_url http://www.openwall.com/lists/oss-security/2022/11/01/21
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2022/11/01/21
34
reference_url http://www.openwall.com/lists/oss-security/2022/11/01/24
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2022/11/01/24
35
reference_url http://www.openwall.com/lists/oss-security/2022/11/02/1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2022/11/02/1
36
reference_url http://www.openwall.com/lists/oss-security/2022/11/02/10
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2022/11/02/10
37
reference_url http://www.openwall.com/lists/oss-security/2022/11/02/11
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2022/11/02/11
38
reference_url http://www.openwall.com/lists/oss-security/2022/11/02/12
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2022/11/02/12
39
reference_url http://www.openwall.com/lists/oss-security/2022/11/02/13
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2022/11/02/13
40
reference_url http://www.openwall.com/lists/oss-security/2022/11/02/14
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2022/11/02/14
41
reference_url http://www.openwall.com/lists/oss-security/2022/11/02/15
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2022/11/02/15
42
reference_url http://www.openwall.com/lists/oss-security/2022/11/02/2
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2022/11/02/2
43
reference_url http://www.openwall.com/lists/oss-security/2022/11/02/3
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2022/11/02/3
44
reference_url http://www.openwall.com/lists/oss-security/2022/11/02/5
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2022/11/02/5
45
reference_url http://www.openwall.com/lists/oss-security/2022/11/02/6
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2022/11/02/6
46
reference_url http://www.openwall.com/lists/oss-security/2022/11/02/7
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2022/11/02/7
47
reference_url http://www.openwall.com/lists/oss-security/2022/11/02/9
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2022/11/02/9
48
reference_url http://www.openwall.com/lists/oss-security/2022/11/03/1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2022/11/03/1
49
reference_url http://www.openwall.com/lists/oss-security/2022/11/03/10
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2022/11/03/10
50
reference_url http://www.openwall.com/lists/oss-security/2022/11/03/11
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2022/11/03/11
51
reference_url http://www.openwall.com/lists/oss-security/2022/11/03/2
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2022/11/03/2
52
reference_url http://www.openwall.com/lists/oss-security/2022/11/03/3
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2022/11/03/3
53
reference_url http://www.openwall.com/lists/oss-security/2022/11/03/5
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2022/11/03/5
54
reference_url http://www.openwall.com/lists/oss-security/2022/11/03/6
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2022/11/03/6
55
reference_url http://www.openwall.com/lists/oss-security/2022/11/03/7
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2022/11/03/7
56
reference_url http://www.openwall.com/lists/oss-security/2022/11/03/9
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2022/11/03/9
57
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2139104
reference_id 2139104
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2139104
58
reference_url https://github.com/advisories/GHSA-h8jm-2x53-xhp5
reference_id GHSA-h8jm-2x53-xhp5
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-h8jm-2x53-xhp5
59
reference_url https://security.gentoo.org/glsa/202211-01
reference_id GLSA-202211-01
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202211-01
60
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
61
reference_url https://access.redhat.com/errata/RHSA-2022:7288
reference_id RHSA-2022:7288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7288
62
reference_url https://access.redhat.com/errata/RHSA-2022:7384
reference_id RHSA-2022:7384
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7384
63
reference_url https://usn.ubuntu.com/5710-1/
reference_id USN-5710-1
reference_type
scores
url https://usn.ubuntu.com/5710-1/
fixed_packages
0
url pkg:ebuild/net-libs/nodejs@16.20.2
purl pkg:ebuild/net-libs/nodejs@16.20.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@16.20.2
1
url pkg:ebuild/net-libs/nodejs@18.17.1
purl pkg:ebuild/net-libs/nodejs@18.17.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@18.17.1
2
url pkg:ebuild/net-libs/nodejs@20.5.1
purl pkg:ebuild/net-libs/nodejs@20.5.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@20.5.1
aliases CVE-2022-3786, GHSA-h8jm-2x53-xhp5
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xq7s-zrwb-yffw
47
url VCID-zstw-3wmu-u3c8
vulnerability_id VCID-zstw-3wmu-u3c8
summary 
llhttp vulnerable to HTTP request smuggling
The llhttp parser in the http module in Node v20.2.0 does not strictly use the CRLF sequence to delimit HTTP requests. This can lead to HTTP Request Smuggling (HRS).

The CR character (without LF) is sufficient to delimit HTTP header fields in the llhttp parser. According to RFC7230 section 3, only the CRLF sequence should delimit each header-field. This impacts all Node.js active versions: v16, v18, and, v20
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-30589.json
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-30589.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-30589
reference_id
reference_type
scores
0
value 0.01916
scoring_system epss
scoring_elements 0.83313
published_at 2026-04-13T12:55:00Z
1
value 0.01916
scoring_system epss
scoring_elements 0.83317
published_at 2026-04-12T12:55:00Z
2
value 0.01916
scoring_system epss
scoring_elements 0.83261
published_at 2026-04-02T12:55:00Z
3
value 0.01916
scoring_system epss
scoring_elements 0.83276
published_at 2026-04-04T12:55:00Z
4
value 0.01916
scoring_system epss
scoring_elements 0.83275
published_at 2026-04-07T12:55:00Z
5
value 0.01916
scoring_system epss
scoring_elements 0.83299
published_at 2026-04-08T12:55:00Z
6
value 0.01916
scoring_system epss
scoring_elements 0.83323
published_at 2026-04-11T12:55:00Z
7
value 0.01916
scoring_system epss
scoring_elements 0.83308
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-30589
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-30589
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-30589
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/nodejs/llhttp
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/nodejs/llhttp
5
reference_url https://github.com/nodejs/llhttp/releases/tag/release%2Fv8.1.1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/nodejs/llhttp/releases/tag/release%2Fv8.1.1
6
reference_url https://hackerone.com/reports/2001873
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://hackerone.com/reports/2001873
7
reference_url https://lists.debian.org/debian-lts-announce/2024/09/msg00029.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2024/09/msg00029.html
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HMEELCREWMRT6NS7HWXLA6XFLLMO36HE
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HMEELCREWMRT6NS7HWXLA6XFLLMO36HE
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IV326O2X4BE3SINX5FJHMAKVHUAA4ZYF
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IV326O2X4BE3SINX5FJHMAKVHUAA4ZYF
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UEJWL67XR67JAGEL2ZK22NA3BRKNMZNY
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UEJWL67XR67JAGEL2ZK22NA3BRKNMZNY
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCVG4TQRGTK4LKAZKVEQAUEJM7DUACYE
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCVG4TQRGTK4LKAZKVEQAUEJM7DUACYE
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VEEQIN5242K5NBE2CZ4DYTNA5B4YTYE5
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VEEQIN5242K5NBE2CZ4DYTNA5B4YTYE5
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VKFMKD4MJZIKFQJAAJ4VZ2FHIJ764A76
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VKFMKD4MJZIKFQJAAJ4VZ2FHIJ764A76
14
reference_url https://security.netapp.com/advisory/ntap-20230803-0009
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20230803-0009
15
reference_url https://security.netapp.com/advisory/ntap-20240621-0006
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20240621-0006
16
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1039990
reference_id 1039990
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1039990
17
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2219841
reference_id 2219841
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2219841
18
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-30589
reference_id CVE-2023-30589
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-30589
19
reference_url https://github.com/advisories/GHSA-cggh-pq45-6h9x
reference_id GHSA-cggh-pq45-6h9x
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-cggh-pq45-6h9x
20
reference_url https://security.gentoo.org/glsa/202405-29
reference_id GLSA-202405-29
reference_type
scores
url https://security.gentoo.org/glsa/202405-29
21
reference_url https://access.redhat.com/errata/RHSA-2023:4330
reference_id RHSA-2023:4330
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4330
22
reference_url https://access.redhat.com/errata/RHSA-2023:4331
reference_id RHSA-2023:4331
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4331
23
reference_url https://access.redhat.com/errata/RHSA-2023:4536
reference_id RHSA-2023:4536
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4536
24
reference_url https://access.redhat.com/errata/RHSA-2023:4537
reference_id RHSA-2023:4537
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4537
25
reference_url https://access.redhat.com/errata/RHSA-2023:5361
reference_id RHSA-2023:5361
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5361
26
reference_url https://access.redhat.com/errata/RHSA-2023:5533
reference_id RHSA-2023:5533
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5533
27
reference_url https://usn.ubuntu.com/6735-1/
reference_id USN-6735-1
reference_type
scores
url https://usn.ubuntu.com/6735-1/
fixed_packages
0
url pkg:ebuild/net-libs/nodejs@16.20.2
purl pkg:ebuild/net-libs/nodejs@16.20.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@16.20.2
1
url pkg:ebuild/net-libs/nodejs@18.17.1
purl pkg:ebuild/net-libs/nodejs@18.17.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@18.17.1
2
url pkg:ebuild/net-libs/nodejs@20.5.1
purl pkg:ebuild/net-libs/nodejs@20.5.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@20.5.1
aliases CVE-2023-30589, GHSA-cggh-pq45-6h9x
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zstw-3wmu-u3c8
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/nodejs@18.17.1