{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","type":"deb","namespace":"debian","name":"nodejs","version":"0","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"0.6.17~dfsg1-1","latest_non_vulnerable_version":"24.15.0+dfsg+~cs24.12.2-1","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63920?format=json","vulnerability_id":"VCID-1vp3-fzdr-yqbm","summary":"Node.js: Node.js: Information disclosure due to `fs.realpathSync.native()` bypassing filesystem read restrictions","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21715.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21715.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-21715","reference_id":"","reference_type":"","scores":[{"value":"4e-05","scoring_system":"epss","scoring_elements":"0.00177","published_at":"2026-04-04T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00201","published_at":"2026-04-08T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.002","published_at":"2026-04-09T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00202","published_at":"2026-04-13T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00204","published_at":"2026-04-16T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00205","published_at":"2026-04-29T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00208","published_at":"2026-04-24T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00207","published_at":"2026-04-26T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00259","published_at":"2026-05-05T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.0026","published_at":"2026-05-09T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00256","published_at":"2026-05-11T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00254","published_at":"2026-05-12T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00253","published_at":"2026-05-14T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00216","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-21715"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21715","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21715"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2453152","reference_id":"2453152","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2453152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7350","reference_id":"RHSA-2026:7350","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7350"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7670","reference_id":"RHSA-2026:7670","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7670"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7675","reference_id":"RHSA-2026:7675","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7675"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932844?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1%2Bdeb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2026-21715"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1vp3-fzdr-yqbm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/264557?format=json","vulnerability_id":"VCID-35e4-h5zk-5ffn","summary":"A command inject vulnerability allows an attacker to perform command injection on Windows applications that indirectly depend on the CreateProcess function when the specific conditions are satisfied.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-3566","reference_id":"","reference_type":"","scores":[{"value":"0.0709","scoring_system":"epss","scoring_elements":"0.91599","published_at":"2026-05-14T12:55:00Z"},{"value":"0.0709","scoring_system":"epss","scoring_elements":"0.91513","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0709","scoring_system":"epss","scoring_elements":"0.91519","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0709","scoring_system":"epss","scoring_elements":"0.91524","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0709","scoring_system":"epss","scoring_elements":"0.91526","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0709","scoring_system":"epss","scoring_elements":"0.91546","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0709","scoring_system":"epss","scoring_elements":"0.91541","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0709","scoring_system":"epss","scoring_elements":"0.9155","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0709","scoring_system":"epss","scoring_elements":"0.91548","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0709","scoring_system":"epss","scoring_elements":"0.91547","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0709","scoring_system":"epss","scoring_elements":"0.9156","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0709","scoring_system":"epss","scoring_elements":"0.91574","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0709","scoring_system":"epss","scoring_elements":"0.91583","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0709","scoring_system":"epss","scoring_elements":"0.91582","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0709","scoring_system":"epss","scoring_elements":"0.91592","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0709","scoring_system":"epss","scoring_elements":"0.91485","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0709","scoring_system":"epss","scoring_elements":"0.91492","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0709","scoring_system":"epss","scoring_elements":"0.915","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-3566"},{"reference_url":"https://kb.cert.org/vuls/id/123335","reference_id":"123335","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-04-15T16:13:02Z/"}],"url":"https://kb.cert.org/vuls/id/123335"},{"reference_url":"https://flatt.tech/research/posts/batbadbut-you-cant-securely-execute-commands-on-windows/","reference_id":"batbadbut-you-cant-securely-execute-commands-on-windows","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-04-15T16:13:02Z/"}],"url":"https://flatt.tech/research/posts/batbadbut-you-cant-securely-execute-commands-on-windows/"},{"reference_url":"https://www.cve.org/CVERecord?id=CVE-2024-1874","reference_id":"CVERecord?id=CVE-2024-1874","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-04-15T16:13:02Z/"}],"url":"https://www.cve.org/CVERecord?id=CVE-2024-1874"},{"reference_url":"https://www.cve.org/CVERecord?id=CVE-2024-22423","reference_id":"CVERecord?id=CVE-2024-22423","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-04-15T16:13:02Z/"}],"url":"https://www.cve.org/CVERecord?id=CVE-2024-22423"},{"reference_url":"https://www.cve.org/CVERecord?id=CVE-2024-24576","reference_id":"CVERecord?id=CVE-2024-24576","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-04-15T16:13:02Z/"}],"url":"https://www.cve.org/CVERecord?id=CVE-2024-24576"},{"reference_url":"https://learn.microsoft.com/en-us/archive/blogs/twistylittlepassagesallalike/everyone-quotes-command-line-arguments-the-wrong-way","reference_id":"everyone-quotes-command-line-arguments-the-wrong-way","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-04-15T16:13:02Z/"}],"url":"https://learn.microsoft.com/en-us/archive/blogs/twistylittlepassagesallalike/everyone-quotes-command-line-arguments-the-wrong-way"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2024-3566"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-35e4-h5zk-5ffn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48671?format=json","vulnerability_id":"VCID-39c4-njbs-pyeq","summary":"Multiple vulnerabilities have been found in NodeJS, the worst of\n    which could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8251.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8251.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-8251","reference_id":"","reference_type":"","scores":[{"value":"0.04991","scoring_system":"epss","scoring_elements":"0.89658","published_at":"2026-04-01T12:55:00Z"},{"value":"0.04991","scoring_system":"epss","scoring_elements":"0.8966","published_at":"2026-04-02T12:55:00Z"},{"value":"0.04991","scoring_system":"epss","scoring_elements":"0.89675","published_at":"2026-04-04T12:55:00Z"},{"value":"0.04991","scoring_system":"epss","scoring_elements":"0.89677","published_at":"2026-04-07T12:55:00Z"},{"value":"0.04991","scoring_system":"epss","scoring_elements":"0.89695","published_at":"2026-04-08T12:55:00Z"},{"value":"0.04991","scoring_system":"epss","scoring_elements":"0.897","published_at":"2026-04-13T12:55:00Z"},{"value":"0.04991","scoring_system":"epss","scoring_elements":"0.89708","published_at":"2026-04-11T12:55:00Z"},{"value":"0.04991","scoring_system":"epss","scoring_elements":"0.89706","published_at":"2026-04-12T12:55:00Z"},{"value":"0.04991","scoring_system":"epss","scoring_elements":"0.89715","published_at":"2026-04-16T12:55:00Z"},{"value":"0.04991","scoring_system":"epss","scoring_elements":"0.89716","published_at":"2026-04-18T12:55:00Z"},{"value":"0.04991","scoring_system":"epss","scoring_elements":"0.89711","published_at":"2026-04-21T12:55:00Z"},{"value":"0.04991","scoring_system":"epss","scoring_elements":"0.89726","published_at":"2026-04-24T12:55:00Z"},{"value":"0.04991","scoring_system":"epss","scoring_elements":"0.89728","published_at":"2026-04-26T12:55:00Z"},{"value":"0.04991","scoring_system":"epss","scoring_elements":"0.89727","published_at":"2026-04-29T12:55:00Z"},{"value":"0.04991","scoring_system":"epss","scoring_elements":"0.89739","published_at":"2026-05-05T12:55:00Z"},{"value":"0.04991","scoring_system":"epss","scoring_elements":"0.89754","published_at":"2026-05-07T12:55:00Z"},{"value":"0.04991","scoring_system":"epss","scoring_elements":"0.89765","published_at":"2026-05-09T12:55:00Z"},{"value":"0.04991","scoring_system":"epss","scoring_elements":"0.8976","published_at":"2026-05-11T12:55:00Z"},{"value":"0.04991","scoring_system":"epss","scoring_elements":"0.8977","published_at":"2026-05-12T12:55:00Z"},{"value":"0.04991","scoring_system":"epss","scoring_elements":"0.89788","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-8251"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1879314","reference_id":"1879314","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1879314"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2020-8251"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-39c4-njbs-pyeq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85609?format=json","vulnerability_id":"VCID-3nb1-jud1-rkgk","summary":"nodejs: `Buffer` to UTF8 `String` conversion DoS","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5380.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5380.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5380","reference_id":"","reference_type":"","scores":[{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.69972","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.69984","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.69999","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.69975","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70024","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.7004","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70063","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70048","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70035","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70078","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70087","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70067","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70119","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70127","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70102","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70144","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70175","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70143","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70171","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70221","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5380"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1239332","reference_id":"1239332","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1239332"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2015-5380"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3nb1-jud1-rkgk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83813?format=json","vulnerability_id":"VCID-3v19-cq1w-y3cz","summary":"nodejs: Vulnerable to CVE-2017-3737 due to embedded OpenSSL","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15896.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15896.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-15896","reference_id":"","reference_type":"","scores":[{"value":"0.00161","scoring_system":"epss","scoring_elements":"0.36637","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00161","scoring_system":"epss","scoring_elements":"0.36759","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00161","scoring_system":"epss","scoring_elements":"0.36727","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00161","scoring_system":"epss","scoring_elements":"0.3664","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00161","scoring_system":"epss","scoring_elements":"0.36524","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00161","scoring_system":"epss","scoring_elements":"0.36595","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00161","scoring_system":"epss","scoring_elements":"0.3662","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00161","scoring_system":"epss","scoring_elements":"0.36539","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00161","scoring_system":"epss","scoring_elements":"0.36563","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00161","scoring_system":"epss","scoring_elements":"0.37059","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00161","scoring_system":"epss","scoring_elements":"0.37072","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00161","scoring_system":"epss","scoring_elements":"0.37081","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00161","scoring_system":"epss","scoring_elements":"0.37048","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00161","scoring_system":"epss","scoring_elements":"0.37021","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00161","scoring_system":"epss","scoring_elements":"0.37066","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00161","scoring_system":"epss","scoring_elements":"0.36989","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00185","scoring_system":"epss","scoring_elements":"0.40086","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00185","scoring_system":"epss","scoring_elements":"0.40235","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00185","scoring_system":"epss","scoring_elements":"0.40259","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00185","scoring_system":"epss","scoring_elements":"0.40181","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-15896"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:N"},{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/december-2017-security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://nodejs.org/en/blog/vulnerability/december-2017-security-releases/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1525106","reference_id":"1525106","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1525106"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-15896","reference_id":"CVE-2017-15896","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:N"},{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-15896"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2017-15896"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3v19-cq1w-y3cz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64946?format=json","vulnerability_id":"VCID-43sf-4r41-wugc","summary":"nodejs: Nodejs filesystem permissions bypass","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-55132.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-55132.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-55132","reference_id":"","reference_type":"","scores":[{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01084","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01141","published_at":"2026-05-14T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01145","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01136","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01131","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01085","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01091","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01096","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.0108","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01073","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01075","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01068","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01077","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01142","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01149","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01147","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-55132"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-55132","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-55132"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2431338","reference_id":"2431338","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2431338"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/december-2025-security-releases","reference_id":"december-2025-security-releases","reference_type":"","scores":[{"value":"2.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T18:38:44Z/"}],"url":"https://nodejs.org/en/blog/vulnerability/december-2025-security-releases"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1842","reference_id":"RHSA-2026:1842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1843","reference_id":"RHSA-2026:1843","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1843"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2420","reference_id":"RHSA-2026:2420","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2420"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2421","reference_id":"RHSA-2026:2421","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2421"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2422","reference_id":"RHSA-2026:2422","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2422"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2781","reference_id":"RHSA-2026:2781","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2781"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2782","reference_id":"RHSA-2026:2782","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2782"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2783","reference_id":"RHSA-2026:2783","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2783"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6402","reference_id":"RHSA-2026:6402","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6402"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6431","reference_id":"RHSA-2026:6431","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6431"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7378","reference_id":"RHSA-2026:7378","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7378"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7386","reference_id":"RHSA-2026:7386","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7386"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7387","reference_id":"RHSA-2026:7387","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7387"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7657","reference_id":"RHSA-2026:7657","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7657"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932840?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932843?format=json","purl":"pkg:deb/debian/nodejs@22.22.0%2Bdfsg%2B~cs22.19.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.0%252Bdfsg%252B~cs22.19.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2025-55132"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-43sf-4r41-wugc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62482?format=json","vulnerability_id":"VCID-4ak9-89fm-ybh2","summary":"Multiple vulnerabilities have been discovered in Node.js.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-30582.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-30582.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-30582","reference_id":"","reference_type":"","scores":[{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.2715","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26809","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.2671","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26728","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.27187","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26978","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.27047","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.27092","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.27095","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.27052","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26994","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.27003","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26942","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26893","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26886","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.2682","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.2667","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26738","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26786","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-30582"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2219832","reference_id":"2219832","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2219832"},{"reference_url":"https://security.gentoo.org/glsa/202405-29","reference_id":"GLSA-202405-29","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202405-29"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/june-2023-security-releases","reference_id":"june-2023-security-releases","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-09T18:09:51Z/"}],"url":"https://nodejs.org/en/blog/vulnerability/june-2023-security-releases"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2023-30582"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4ak9-89fm-ybh2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37549?format=json","vulnerability_id":"VCID-5afy-ud31-hbaw","summary":"Multiple vulnerabilities have been discovered in Node.js, the worst of which could lead to execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21890.json","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21890.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21890","reference_id":"","reference_type":"","scores":[{"value":"0.01439","scoring_system":"epss","scoring_elements":"0.80905","published_at":"2026-05-14T12:55:00Z"},{"value":"0.01439","scoring_system":"epss","scoring_elements":"0.80778","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01439","scoring_system":"epss","scoring_elements":"0.80791","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01439","scoring_system":"epss","scoring_elements":"0.80808","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01439","scoring_system":"epss","scoring_elements":"0.8083","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01439","scoring_system":"epss","scoring_elements":"0.80851","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01439","scoring_system":"epss","scoring_elements":"0.80844","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01439","scoring_system":"epss","scoring_elements":"0.80862","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01439","scoring_system":"epss","scoring_elements":"0.80662","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01439","scoring_system":"epss","scoring_elements":"0.80683","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01439","scoring_system":"epss","scoring_elements":"0.80679","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01439","scoring_system":"epss","scoring_elements":"0.80707","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01439","scoring_system":"epss","scoring_elements":"0.80717","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01439","scoring_system":"epss","scoring_elements":"0.80734","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01439","scoring_system":"epss","scoring_elements":"0.8072","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01439","scoring_system":"epss","scoring_elements":"0.80712","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01439","scoring_system":"epss","scoring_elements":"0.80748","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01439","scoring_system":"epss","scoring_elements":"0.80751","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01439","scoring_system":"epss","scoring_elements":"0.80774","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21890"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/2257156","reference_id":"2257156","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T16:50:11Z/"}],"url":"https://hackerone.com/reports/2257156"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2265722","reference_id":"2265722","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2265722"},{"reference_url":"https://security.gentoo.org/glsa/202505-11","reference_id":"GLSA-202505-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-11"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240315-0002/","reference_id":"ntap-20240315-0002","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T16:50:11Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240315-0002/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1687","reference_id":"RHSA-2024:1687","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1687"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1688","reference_id":"RHSA-2024:1688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1688"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2024-21890"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5afy-ud31-hbaw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37566?format=json","vulnerability_id":"VCID-67xm-uc9p-y7f2","summary":"Multiple vulnerabilities have been discovered in Node.js, the worst of which could lead to execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-22020.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-22020.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-22020","reference_id":"","reference_type":"","scores":[{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32392","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32544","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.3246","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32322","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32386","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32395","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32302","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32324","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32954","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32989","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32811","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32859","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32888","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32889","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32851","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32825","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32867","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32845","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32809","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32659","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-22020"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/2092749","reference_id":"2092749","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-13T03:55:30Z/"}],"url":"https://hackerone.com/reports/2092749"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2296417","reference_id":"2296417","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2296417"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/07/19/3","reference_id":"3","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-13T03:55:30Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/07/19/3"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/07/11/6","reference_id":"6","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-13T03:55:30Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/07/11/6"},{"reference_url":"https://security.gentoo.org/glsa/202505-11","reference_id":"GLSA-202505-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-11"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5814","reference_id":"RHSA-2024:5814","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5814"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5815","reference_id":"RHSA-2024:5815","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5815"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6147","reference_id":"RHSA-2024:6147","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6147"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6148","reference_id":"RHSA-2024:6148","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6148"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932836?format=json","purl":"pkg:deb/debian/nodejs@20.15.1%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.15.1%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2024-22020"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-67xm-uc9p-y7f2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34825?format=json","vulnerability_id":"VCID-7cth-47w2-17hy","summary":"Multiple vulnerabilities have been found in c-ares, the worst of which could result in the loss of confidentiality or integrity.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22940.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22940.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-22940","reference_id":"","reference_type":"","scores":[{"value":"0.00386","scoring_system":"epss","scoring_elements":"0.59679","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00386","scoring_system":"epss","scoring_elements":"0.59916","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00386","scoring_system":"epss","scoring_elements":"0.59826","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00386","scoring_system":"epss","scoring_elements":"0.59852","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00386","scoring_system":"epss","scoring_elements":"0.59753","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00386","scoring_system":"epss","scoring_elements":"0.59777","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00386","scoring_system":"epss","scoring_elements":"0.59747","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00386","scoring_system":"epss","scoring_elements":"0.59799","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00386","scoring_system":"epss","scoring_elements":"0.59812","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00386","scoring_system":"epss","scoring_elements":"0.59831","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00386","scoring_system":"epss","scoring_elements":"0.59815","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00386","scoring_system":"epss","scoring_elements":"0.59797","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00386","scoring_system":"epss","scoring_elements":"0.59834","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00386","scoring_system":"epss","scoring_elements":"0.59841","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00386","scoring_system":"epss","scoring_elements":"0.59824","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00386","scoring_system":"epss","scoring_elements":"0.59795","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00386","scoring_system":"epss","scoring_elements":"0.59798","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00386","scoring_system":"epss","scoring_elements":"0.59761","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00386","scoring_system":"epss","scoring_elements":"0.59809","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00386","scoring_system":"epss","scoring_elements":"0.59869","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-22940"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1993029","reference_id":"1993029","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1993029"},{"reference_url":"https://security.archlinux.org/AVG-2283","reference_id":"AVG-2283","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2283"},{"reference_url":"https://security.gentoo.org/glsa/202401-02","reference_id":"GLSA-202401-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202401-02"},{"reference_url":"https://security.gentoo.org/glsa/202405-29","reference_id":"GLSA-202405-29","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202405-29"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3280","reference_id":"RHSA-2021:3280","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3280"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3281","reference_id":"RHSA-2021:3281","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3281"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3623","reference_id":"RHSA-2021:3623","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3623"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3638","reference_id":"RHSA-2021:3638","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3638"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3639","reference_id":"RHSA-2021:3639","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3639"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3666","reference_id":"RHSA-2021:3666","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3666"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932823?format=json","purl":"pkg:deb/debian/nodejs@12.22.5~dfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.5~dfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2021-22940"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7cth-47w2-17hy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78659?format=json","vulnerability_id":"VCID-7nnu-jtjx-u3ff","summary":"Node.js: Permissions policies can be bypassed via process.mainModule","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-23918.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-23918.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-23918","reference_id":"","reference_type":"","scores":[{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05429","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.0584","published_at":"2026-05-14T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05677","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05733","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.0582","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05832","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05835","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05463","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05469","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05505","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05526","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.055","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05486","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05479","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05437","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05599","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05634","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.0567","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05676","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-23918"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031834","reference_id":"1031834","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031834"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2171935","reference_id":"2171935","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2171935"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/february-2023-security-releases/","reference_id":"february-2023-security-releases","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-12T17:47:16Z/"}],"url":"https://nodejs.org/en/blog/vulnerability/february-2023-security-releases/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230316-0008/","reference_id":"ntap-20230316-0008","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-12T17:47:16Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230316-0008/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1533","reference_id":"RHSA-2023:1533","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1533"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1582","reference_id":"RHSA-2023:1582","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1582"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1583","reference_id":"RHSA-2023:1583","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1583"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1742","reference_id":"RHSA-2023:1742","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1742"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1743","reference_id":"RHSA-2023:1743","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1743"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1744","reference_id":"RHSA-2023:1744","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1744"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2654","reference_id":"RHSA-2023:2654","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2654"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2655","reference_id":"RHSA-2023:2655","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2655"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932832?format=json","purl":"pkg:deb/debian/nodejs@18.19.0%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.19.0%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932831?format=json","purl":"pkg:deb/debian/nodejs@18.19.0%2Bdfsg-6~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.19.0%252Bdfsg-6~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2023-23918"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7nnu-jtjx-u3ff"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62492?format=json","vulnerability_id":"VCID-7z51-jgw6-v7hr","summary":"Multiple vulnerabilities have been discovered in Node.js.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-32005.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-32005.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-32005","reference_id":"","reference_type":"","scores":[{"value":"0.00978","scoring_system":"epss","scoring_elements":"0.76922","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00978","scoring_system":"epss","scoring_elements":"0.76852","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00978","scoring_system":"epss","scoring_elements":"0.76869","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00978","scoring_system":"epss","scoring_elements":"0.76857","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00978","scoring_system":"epss","scoring_elements":"0.76873","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01114","scoring_system":"epss","scoring_elements":"0.78234","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01114","scoring_system":"epss","scoring_elements":"0.78239","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01114","scoring_system":"epss","scoring_elements":"0.78253","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01114","scoring_system":"epss","scoring_elements":"0.78267","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01138","scoring_system":"epss","scoring_elements":"0.78381","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01138","scoring_system":"epss","scoring_elements":"0.7835","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01324","scoring_system":"epss","scoring_elements":"0.79929","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01324","scoring_system":"epss","scoring_elements":"0.79932","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01324","scoring_system":"epss","scoring_elements":"0.799","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01324","scoring_system":"epss","scoring_elements":"0.79867","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01324","scoring_system":"epss","scoring_elements":"0.79896","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01324","scoring_system":"epss","scoring_elements":"0.79904","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01324","scoring_system":"epss","scoring_elements":"0.79924","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01324","scoring_system":"epss","scoring_elements":"0.79908","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-32005"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/2051224","reference_id":"2051224","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:42Z/"}],"url":"https://hackerone.com/reports/2051224"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2230958","reference_id":"2230958","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2230958"},{"reference_url":"https://security.gentoo.org/glsa/202405-29","reference_id":"GLSA-202405-29","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202405-29"},{"reference_url":"https://security.netapp.com/advisory/ntap-20231103-0004/","reference_id":"ntap-20231103-0004","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:42Z/"}],"url":"https://security.netapp.com/advisory/ntap-20231103-0004/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2023-32005"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7z51-jgw6-v7hr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78660?format=json","vulnerability_id":"VCID-8myg-sjwy-yqfp","summary":"Node.js: OpenSSL error handling issues in nodejs crypto library","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-23919.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-23919.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-23919","reference_id":"","reference_type":"","scores":[{"value":"0.00319","scoring_system":"epss","scoring_elements":"0.55074","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00319","scoring_system":"epss","scoring_elements":"0.54928","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00319","scoring_system":"epss","scoring_elements":"0.54969","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00319","scoring_system":"epss","scoring_elements":"0.55028","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00319","scoring_system":"epss","scoring_elements":"0.54989","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00319","scoring_system":"epss","scoring_elements":"0.55014","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.59069","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.59087","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.59073","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.59089","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00508","scoring_system":"epss","scoring_elements":"0.66334","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00508","scoring_system":"epss","scoring_elements":"0.66318","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0057","scoring_system":"epss","scoring_elements":"0.6863","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0057","scoring_system":"epss","scoring_elements":"0.68618","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0057","scoring_system":"epss","scoring_elements":"0.68588","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0057","scoring_system":"epss","scoring_elements":"0.68587","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0057","scoring_system":"epss","scoring_elements":"0.68536","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0057","scoring_system":"epss","scoring_elements":"0.68605","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00689","scoring_system":"epss","scoring_elements":"0.71716","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00689","scoring_system":"epss","scoring_elements":"0.71735","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-23919"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031834","reference_id":"1031834","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031834"},{"reference_url":"https://hackerone.com/reports/1808596","reference_id":"1808596","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-12T14:26:46Z/"}],"url":"https://hackerone.com/reports/1808596"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2172170","reference_id":"2172170","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2172170"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/february-2023-security-releases/","reference_id":"february-2023-security-releases","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-12T14:26:46Z/"}],"url":"https://nodejs.org/en/blog/vulnerability/february-2023-security-releases/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230316-0008/","reference_id":"ntap-20230316-0008","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-12T14:26:46Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230316-0008/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1582","reference_id":"RHSA-2023:1582","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1582"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1583","reference_id":"RHSA-2023:1583","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1583"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2654","reference_id":"RHSA-2023:2654","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2654"},{"reference_url":"https://usn.ubuntu.com/6672-1/","reference_id":"USN-6672-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6672-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932833?format=json","purl":"pkg:deb/debian/nodejs@18.13.0%2Bdfsg1-1.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.13.0%252Bdfsg1-1.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932831?format=json","purl":"pkg:deb/debian/nodejs@18.19.0%2Bdfsg-6~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.19.0%252Bdfsg-6~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2023-23919"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8myg-sjwy-yqfp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83814?format=json","vulnerability_id":"VCID-8qmf-bwmg-5bar","summary":"nodejs: Unitialized buffer due to incorrect encoding","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15897.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15897.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-15897","reference_id":"","reference_type":"","scores":[{"value":"0.00492","scoring_system":"epss","scoring_elements":"0.65596","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00492","scoring_system":"epss","scoring_elements":"0.65552","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00492","scoring_system":"epss","scoring_elements":"0.65648","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00492","scoring_system":"epss","scoring_elements":"0.656","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00492","scoring_system":"epss","scoring_elements":"0.6563","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00642","scoring_system":"epss","scoring_elements":"0.70811","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00642","scoring_system":"epss","scoring_elements":"0.70729","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00642","scoring_system":"epss","scoring_elements":"0.70757","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00642","scoring_system":"epss","scoring_elements":"0.7062","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00642","scoring_system":"epss","scoring_elements":"0.70643","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00642","scoring_system":"epss","scoring_elements":"0.70628","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00642","scoring_system":"epss","scoring_elements":"0.70614","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00642","scoring_system":"epss","scoring_elements":"0.70659","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00642","scoring_system":"epss","scoring_elements":"0.70667","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00642","scoring_system":"epss","scoring_elements":"0.70646","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00642","scoring_system":"epss","scoring_elements":"0.70698","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00642","scoring_system":"epss","scoring_elements":"0.70707","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00642","scoring_system":"epss","scoring_elements":"0.70685","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00642","scoring_system":"epss","scoring_elements":"0.70725","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00642","scoring_system":"epss","scoring_elements":"0.70759","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-15897"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/december-2017-security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://nodejs.org/en/blog/vulnerability/december-2017-security-releases/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1532534","reference_id":"1532534","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1532534"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-15897","reference_id":"CVE-2017-15897","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:N"},{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-15897"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2017-15897"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8qmf-bwmg-5bar"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83220?format=json","vulnerability_id":"VCID-9uux-1n93-4kcs","summary":"nodejs: Unintentional exposure of uninitialized memory","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7166.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7166.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-7166","reference_id":"","reference_type":"","scores":[{"value":"0.0086","scoring_system":"epss","scoring_elements":"0.74986","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0086","scoring_system":"epss","scoring_elements":"0.74989","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0086","scoring_system":"epss","scoring_elements":"0.75018","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0086","scoring_system":"epss","scoring_elements":"0.74995","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0086","scoring_system":"epss","scoring_elements":"0.75029","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0086","scoring_system":"epss","scoring_elements":"0.7504","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0086","scoring_system":"epss","scoring_elements":"0.75062","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0086","scoring_system":"epss","scoring_elements":"0.75041","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0086","scoring_system":"epss","scoring_elements":"0.75031","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0086","scoring_system":"epss","scoring_elements":"0.75068","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0086","scoring_system":"epss","scoring_elements":"0.75075","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0086","scoring_system":"epss","scoring_elements":"0.75065","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0086","scoring_system":"epss","scoring_elements":"0.75104","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0086","scoring_system":"epss","scoring_elements":"0.75108","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0086","scoring_system":"epss","scoring_elements":"0.75112","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0086","scoring_system":"epss","scoring_elements":"0.7512","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0086","scoring_system":"epss","scoring_elements":"0.75147","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0086","scoring_system":"epss","scoring_elements":"0.75171","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0086","scoring_system":"epss","scoring_elements":"0.75152","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0086","scoring_system":"epss","scoring_elements":"0.75161","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0086","scoring_system":"epss","scoring_elements":"0.75214","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-7166"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1620215","reference_id":"1620215","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1620215"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2553","reference_id":"RHSA-2018:2553","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:2553"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2018-7166"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9uux-1n93-4kcs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37526?format=json","vulnerability_id":"VCID-a7mj-p1d7-h3cv","summary":"Multiple vulnerabilities have been discovered in Node.js, the worst of which could lead to execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-39331.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-39331.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-39331","reference_id":"","reference_type":"","scores":[{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72413","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72455","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72506","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72495","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72538","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72545","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72543","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72534","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72563","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72588","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72431","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72408","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72447","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.7246","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72483","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72465","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72497","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00799","scoring_system":"epss","scoring_elements":"0.74115","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00799","scoring_system":"epss","scoring_elements":"0.74138","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00799","scoring_system":"epss","scoring_elements":"0.74194","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-39331"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/2092852","reference_id":"2092852","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-13T15:17:01Z/"}],"url":"https://hackerone.com/reports/2092852"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2244413","reference_id":"2244413","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2244413"},{"reference_url":"https://security.gentoo.org/glsa/202505-11","reference_id":"GLSA-202505-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-11"},{"reference_url":"https://security.netapp.com/advisory/ntap-20231116-0009/","reference_id":"ntap-20231116-0009","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-13T15:17:01Z/"}],"url":"https://security.netapp.com/advisory/ntap-20231116-0009/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7205","reference_id":"RHSA-2023:7205","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7205"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2023-39331"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a7mj-p1d7-h3cv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34823?format=json","vulnerability_id":"VCID-ap4u-dkwx-1kb3","summary":"Multiple vulnerabilities have been found in c-ares, the worst of which could result in the loss of confidentiality or integrity.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22931.json","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22931.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-22931","reference_id":"","reference_type":"","scores":[{"value":"0.00662","scoring_system":"epss","scoring_elements":"0.71095","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00662","scoring_system":"epss","scoring_elements":"0.71343","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00662","scoring_system":"epss","scoring_elements":"0.71189","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00662","scoring_system":"epss","scoring_elements":"0.71196","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00662","scoring_system":"epss","scoring_elements":"0.71174","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00662","scoring_system":"epss","scoring_elements":"0.71228","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00662","scoring_system":"epss","scoring_elements":"0.71236","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00662","scoring_system":"epss","scoring_elements":"0.71239","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00662","scoring_system":"epss","scoring_elements":"0.71224","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00662","scoring_system":"epss","scoring_elements":"0.71262","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00662","scoring_system":"epss","scoring_elements":"0.71296","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00662","scoring_system":"epss","scoring_elements":"0.71259","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00662","scoring_system":"epss","scoring_elements":"0.71287","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00662","scoring_system":"epss","scoring_elements":"0.71104","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00662","scoring_system":"epss","scoring_elements":"0.71122","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00662","scoring_system":"epss","scoring_elements":"0.71097","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00662","scoring_system":"epss","scoring_elements":"0.71139","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00662","scoring_system":"epss","scoring_elements":"0.71151","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00662","scoring_system":"epss","scoring_elements":"0.71175","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00662","scoring_system":"epss","scoring_elements":"0.7116","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00662","scoring_system":"epss","scoring_elements":"0.71143","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-22931"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/1178337","reference_id":"1178337","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-11T21:01:01Z/"}],"url":"https://hackerone.com/reports/1178337"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1993019","reference_id":"1993019","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1993019"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/aug-2021-security-releases/","reference_id":"aug-2021-security-releases","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-11T21:01:01Z/"}],"url":"https://nodejs.org/en/blog/vulnerability/aug-2021-security-releases/"},{"reference_url":"https://security.archlinux.org/AVG-2286","reference_id":"AVG-2286","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2286"},{"reference_url":"https://security.gentoo.org/glsa/202401-02","reference_id":"GLSA-202401-02","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-11T21:01:01Z/"}],"url":"https://security.gentoo.org/glsa/202401-02"},{"reference_url":"https://security.gentoo.org/glsa/202405-29","reference_id":"GLSA-202405-29","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202405-29"},{"reference_url":"https://security.netapp.com/advisory/ntap-20210923-0001/","reference_id":"ntap-20210923-0001","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-11T21:01:01Z/"}],"url":"https://security.netapp.com/advisory/ntap-20210923-0001/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20211022-0003/","reference_id":"ntap-20211022-0003","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-11T21:01:01Z/"}],"url":"https://security.netapp.com/advisory/ntap-20211022-0003/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3280","reference_id":"RHSA-2021:3280","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3280"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3281","reference_id":"RHSA-2021:3281","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3281"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3623","reference_id":"RHSA-2021:3623","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3623"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3638","reference_id":"RHSA-2021:3638","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3638"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3639","reference_id":"RHSA-2021:3639","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3639"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3666","reference_id":"RHSA-2021:3666","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3666"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2021-22931"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ap4u-dkwx-1kb3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37553?format=json","vulnerability_id":"VCID-apbs-8ge7-dyg3","summary":"Multiple vulnerabilities have been discovered in Node.js, the worst of which could lead to execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21896.json","reference_id":"","reference_type":"","scores":[{"value":"7.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21896.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21896","reference_id":"","reference_type":"","scores":[{"value":"0.01642","scoring_system":"epss","scoring_elements":"0.82149","published_at":"2026-05-14T12:55:00Z"},{"value":"0.01642","scoring_system":"epss","scoring_elements":"0.82026","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01642","scoring_system":"epss","scoring_elements":"0.82031","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01642","scoring_system":"epss","scoring_elements":"0.82049","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01642","scoring_system":"epss","scoring_elements":"0.8207","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01642","scoring_system":"epss","scoring_elements":"0.82095","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01642","scoring_system":"epss","scoring_elements":"0.82092","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01642","scoring_system":"epss","scoring_elements":"0.82108","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01642","scoring_system":"epss","scoring_elements":"0.81898","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01642","scoring_system":"epss","scoring_elements":"0.81921","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01642","scoring_system":"epss","scoring_elements":"0.81917","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01642","scoring_system":"epss","scoring_elements":"0.81943","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01642","scoring_system":"epss","scoring_elements":"0.81951","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01642","scoring_system":"epss","scoring_elements":"0.81971","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01642","scoring_system":"epss","scoring_elements":"0.81959","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01642","scoring_system":"epss","scoring_elements":"0.81954","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01642","scoring_system":"epss","scoring_elements":"0.81989","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01642","scoring_system":"epss","scoring_elements":"0.8199","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01642","scoring_system":"epss","scoring_elements":"0.81991","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01642","scoring_system":"epss","scoring_elements":"0.82014","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21896"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/2218653","reference_id":"2218653","reference_type":"","scores":[{"value":"7.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N/CR:M/IR:M/AR:M"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-03-12T04:00:41Z/"}],"url":"https://hackerone.com/reports/2218653"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2265717","reference_id":"2265717","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2265717"},{"reference_url":"https://security.gentoo.org/glsa/202505-11","reference_id":"GLSA-202505-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-11"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240329-0002/","reference_id":"ntap-20240329-0002","reference_type":"","scores":[{"value":"7.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N/CR:M/IR:M/AR:M"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-03-12T04:00:41Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240329-0002/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1687","reference_id":"RHSA-2024:1687","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1687"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1688","reference_id":"RHSA-2024:1688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1688"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2024-21896"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-apbs-8ge7-dyg3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/207785?format=json","vulnerability_id":"VCID-b1vd-c8xt-dqc6","summary":"Bypass incomplete fix of CVE-2024-27980, that arises from improper handling of batch files with all possible extensions on Windows via child_process.spawn / child_process.spawnSync. A malicious command line argument can inject arbitrary commands and achieve code execution even if the shell option is not enabled.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-36138","reference_id":"","reference_type":"","scores":[{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49445","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49347","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49375","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49409","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49436","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49389","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49444","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49439","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49457","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49428","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.4943","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49476","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49473","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49443","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49432","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49398","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49313","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49372","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49397","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-36138"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/july-2024-security-releases","reference_id":"july-2024-security-releases","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-09T17:53:28Z/"}],"url":"https://nodejs.org/en/blog/vulnerability/july-2024-security-releases"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2024-36138"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b1vd-c8xt-dqc6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/241500?format=json","vulnerability_id":"VCID-b7hq-5yyx-tuhs","summary":"Node.js before 16.4.1, 14.17.2, and 12.22.2 is vulnerable to local privilege escalation attacks under certain conditions on Windows platforms. More specifically, improper configuration of permissions in the installation directory allows an attacker to perform two different escalation attacks: PATH and DLL hijacking.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-22921","reference_id":"","reference_type":"","scores":[{"value":"0.00527","scoring_system":"epss","scoring_elements":"0.67291","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00527","scoring_system":"epss","scoring_elements":"0.67048","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00527","scoring_system":"epss","scoring_elements":"0.67085","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00527","scoring_system":"epss","scoring_elements":"0.67109","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00527","scoring_system":"epss","scoring_elements":"0.67083","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00527","scoring_system":"epss","scoring_elements":"0.67133","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00527","scoring_system":"epss","scoring_elements":"0.67145","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00527","scoring_system":"epss","scoring_elements":"0.67164","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00527","scoring_system":"epss","scoring_elements":"0.6715","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00527","scoring_system":"epss","scoring_elements":"0.67119","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00527","scoring_system":"epss","scoring_elements":"0.67152","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00527","scoring_system":"epss","scoring_elements":"0.67167","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00527","scoring_system":"epss","scoring_elements":"0.67148","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00527","scoring_system":"epss","scoring_elements":"0.6717","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00527","scoring_system":"epss","scoring_elements":"0.67182","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00527","scoring_system":"epss","scoring_elements":"0.67151","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00527","scoring_system":"epss","scoring_elements":"0.67192","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00527","scoring_system":"epss","scoring_elements":"0.67231","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00527","scoring_system":"epss","scoring_elements":"0.67204","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00527","scoring_system":"epss","scoring_elements":"0.67228","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-22921"},{"reference_url":"https://security.archlinux.org/AVG-2130","reference_id":"AVG-2130","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2130"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2021-22921"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b7hq-5yyx-tuhs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/267285?format=json","vulnerability_id":"VCID-cjrh-xgy5-63ga","summary":"An incomplete fix has been identified for CVE-2025-23084 in Node.js, specifically affecting Windows device names like CON, PRN, and AUX. \r\n\r\nThis vulnerability affects Windows users of `path.join` API.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-27210","reference_id":"","reference_type":"","scores":[{"value":"0.03967","scoring_system":"epss","scoring_elements":"0.88389","published_at":"2026-04-21T12:55:00Z"},{"value":"0.03967","scoring_system":"epss","scoring_elements":"0.88393","published_at":"2026-04-16T12:55:00Z"},{"value":"0.03967","scoring_system":"epss","scoring_elements":"0.88463","published_at":"2026-05-12T12:55:00Z"},{"value":"0.03967","scoring_system":"epss","scoring_elements":"0.8845","published_at":"2026-05-11T12:55:00Z"},{"value":"0.03967","scoring_system":"epss","scoring_elements":"0.88451","published_at":"2026-05-09T12:55:00Z"},{"value":"0.03967","scoring_system":"epss","scoring_elements":"0.88438","published_at":"2026-05-07T12:55:00Z"},{"value":"0.03967","scoring_system":"epss","scoring_elements":"0.88422","published_at":"2026-05-05T12:55:00Z"},{"value":"0.03967","scoring_system":"epss","scoring_elements":"0.8841","published_at":"2026-04-29T12:55:00Z"},{"value":"0.03967","scoring_system":"epss","scoring_elements":"0.88405","published_at":"2026-04-24T12:55:00Z"},{"value":"0.07107","scoring_system":"epss","scoring_elements":"0.91498","published_at":"2026-04-02T12:55:00Z"},{"value":"0.07725","scoring_system":"epss","scoring_elements":"0.92002","published_at":"2026-05-14T12:55:00Z"},{"value":"0.09232","scoring_system":"epss","scoring_elements":"0.92717","published_at":"2026-04-13T12:55:00Z"},{"value":"0.09232","scoring_system":"epss","scoring_elements":"0.92718","published_at":"2026-04-11T12:55:00Z"},{"value":"0.09232","scoring_system":"epss","scoring_elements":"0.92712","published_at":"2026-04-09T12:55:00Z"},{"value":"0.09232","scoring_system":"epss","scoring_elements":"0.92708","published_at":"2026-04-08T12:55:00Z"},{"value":"0.09232","scoring_system":"epss","scoring_elements":"0.92698","published_at":"2026-04-07T12:55:00Z"},{"value":"0.09232","scoring_system":"epss","scoring_elements":"0.92699","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-27210"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/nodejs/remote/52369.py","reference_id":"CVE-2025-27210","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/nodejs/remote/52369.py"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/july-2025-security-releases","reference_id":"july-2025-security-releases","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-21T17:11:02Z/"}],"url":"https://nodejs.org/en/blog/vulnerability/july-2025-security-releases"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2025-27210"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cjrh-xgy5-63ga"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62486?format=json","vulnerability_id":"VCID-ec66-gwvw-kucs","summary":"Multiple vulnerabilities have been discovered in Node.js.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-30587.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-30587.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-30587","reference_id":"","reference_type":"","scores":[{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02564","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.0277","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02745","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02744","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02578","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02582","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02587","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02608","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02591","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02579","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02577","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02562","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02571","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02681","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02669","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02658","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02713","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02688","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02705","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02743","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-30587"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2219831","reference_id":"2219831","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2219831"},{"reference_url":"https://security.gentoo.org/glsa/202405-29","reference_id":"GLSA-202405-29","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202405-29"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/june-2023-security-releases","reference_id":"june-2023-security-releases","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-09T18:23:12Z/"}],"url":"https://nodejs.org/en/blog/vulnerability/june-2023-security-releases"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2023-30587"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ec66-gwvw-kucs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37521?format=json","vulnerability_id":"VCID-enz6-qdn6-dkgm","summary":"Multiple vulnerabilities have been discovered in Node.js, the worst of which could lead to execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-38552.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-38552.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-38552","reference_id":"","reference_type":"","scores":[{"value":"0.00397","scoring_system":"epss","scoring_elements":"0.6041","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00397","scoring_system":"epss","scoring_elements":"0.60592","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00397","scoring_system":"epss","scoring_elements":"0.60497","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00397","scoring_system":"epss","scoring_elements":"0.6048","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00397","scoring_system":"epss","scoring_elements":"0.60495","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00397","scoring_system":"epss","scoring_elements":"0.60482","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00397","scoring_system":"epss","scoring_elements":"0.60441","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00397","scoring_system":"epss","scoring_elements":"0.60487","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00397","scoring_system":"epss","scoring_elements":"0.60545","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00397","scoring_system":"epss","scoring_elements":"0.60504","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00397","scoring_system":"epss","scoring_elements":"0.60531","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00397","scoring_system":"epss","scoring_elements":"0.60437","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00397","scoring_system":"epss","scoring_elements":"0.60405","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00397","scoring_system":"epss","scoring_elements":"0.60454","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00397","scoring_system":"epss","scoring_elements":"0.6047","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00397","scoring_system":"epss","scoring_elements":"0.6049","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00397","scoring_system":"epss","scoring_elements":"0.60477","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00397","scoring_system":"epss","scoring_elements":"0.60457","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00397","scoring_system":"epss","scoring_elements":"0.60499","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00397","scoring_system":"epss","scoring_elements":"0.60507","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-38552"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054892","reference_id":"1054892","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054892"},{"reference_url":"https://hackerone.com/reports/2094235","reference_id":"2094235","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:14:02Z/"}],"url":"https://hackerone.com/reports/2094235"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2244415","reference_id":"2244415","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2244415"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/","reference_id":"3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:14:02Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/","reference_id":"E72T67UPDRXHIDLO3OROR25YAMN4GGW5","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:14:02Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/","reference_id":"FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:14:02Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/"},{"reference_url":"https://security.gentoo.org/glsa/202505-11","reference_id":"GLSA-202505-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-11"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/","reference_id":"HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:14:02Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/","reference_id":"LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:14:02Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20231116-0013/","reference_id":"ntap-20231116-0013","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:14:02Z/"}],"url":"https://security.netapp.com/advisory/ntap-20231116-0013/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5849","reference_id":"RHSA-2023:5849","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5849"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5869","reference_id":"RHSA-2023:5869","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5869"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7205","reference_id":"RHSA-2023:7205","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7205"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/","reference_id":"X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:14:02Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932833?format=json","purl":"pkg:deb/debian/nodejs@18.13.0%2Bdfsg1-1.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.13.0%252Bdfsg1-1.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932831?format=json","purl":"pkg:deb/debian/nodejs@18.19.0%2Bdfsg-6~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.19.0%252Bdfsg-6~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2023-38552"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-enz6-qdn6-dkgm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63932?format=json","vulnerability_id":"VCID-fetp-hvhq-dube","summary":"Node.js: Node.js: Denial of Service via malformed Internationalized Domain Name processing","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21712.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21712.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-21712","reference_id":"","reference_type":"","scores":[{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01719","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02676","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.02784","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.02814","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.02817","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.02838","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.02807","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.02788","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.02769","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.02781","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.02893","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.02889","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.02875","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.02935","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04054","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04068","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04101","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09937","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09835","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09872","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-21712"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2453037","reference_id":"2453037","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2453037"},{"reference_url":"https://hackerone.com/reports/3546390","reference_id":"3546390","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-30T15:52:17Z/"}],"url":"https://hackerone.com/reports/3546390"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/march-2026-security-releases","reference_id":"march-2026-security-releases","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-30T15:52:17Z/"}],"url":"https://nodejs.org/en/blog/vulnerability/march-2026-security-releases"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7350","reference_id":"RHSA-2026:7350","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7350"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7670","reference_id":"RHSA-2026:7670","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7670"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7675","reference_id":"RHSA-2026:7675","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7675"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2026-21712"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fetp-hvhq-dube"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/167678?format=json","vulnerability_id":"VCID-g28p-7shw-n3bn","summary":"Node.js 8.5.0 before 8.6.0 allows remote attackers to access unintended files, because a change to \"..\" handling was incompatible with the pathname validation used by unspecified community modules.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14849","reference_id":"","reference_type":"","scores":[{"value":"0.90232","scoring_system":"epss","scoring_elements":"0.99604","published_at":"2026-05-14T12:55:00Z"},{"value":"0.90232","scoring_system":"epss","scoring_elements":"0.99603","published_at":"2026-05-12T12:55:00Z"},{"value":"0.90232","scoring_system":"epss","scoring_elements":"0.99591","published_at":"2026-04-02T12:55:00Z"},{"value":"0.90232","scoring_system":"epss","scoring_elements":"0.99592","published_at":"2026-04-04T12:55:00Z"},{"value":"0.90232","scoring_system":"epss","scoring_elements":"0.99593","published_at":"2026-04-07T12:55:00Z"},{"value":"0.90232","scoring_system":"epss","scoring_elements":"0.99594","published_at":"2026-04-11T12:55:00Z"},{"value":"0.90232","scoring_system":"epss","scoring_elements":"0.99595","published_at":"2026-04-13T12:55:00Z"},{"value":"0.90232","scoring_system":"epss","scoring_elements":"0.99596","published_at":"2026-04-18T12:55:00Z"},{"value":"0.90232","scoring_system":"epss","scoring_elements":"0.99597","published_at":"2026-04-24T12:55:00Z"},{"value":"0.90232","scoring_system":"epss","scoring_elements":"0.99598","published_at":"2026-04-29T12:55:00Z"},{"value":"0.90232","scoring_system":"epss","scoring_elements":"0.996","published_at":"2026-05-05T12:55:00Z"},{"value":"0.90232","scoring_system":"epss","scoring_elements":"0.99602","published_at":"2026-05-07T12:55:00Z"},{"value":"0.90232","scoring_system":"epss","scoring_elements":"0.99601","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14849"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/september-2017-path-validation/","reference_id":"","reference_type":"","scores":[],"url":"https://nodejs.org/en/blog/vulnerability/september-2017-path-validation/"},{"reference_url":"https://twitter.com/nodejs/status/913131152868876288","reference_id":"","reference_type":"","scores":[],"url":"https://twitter.com/nodejs/status/913131152868876288"},{"reference_url":"http://www.securityfocus.com/bid/101056","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/101056"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:8.5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:8.5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:8.5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-14849","reference_id":"CVE-2017-14849","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:N"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-14849"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2017-14849"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g28p-7shw-n3bn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62485?format=json","vulnerability_id":"VCID-g5wj-ffk1-7bg7","summary":"Multiple vulnerabilities have been discovered in Node.js.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-30586.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-30586.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-30586","reference_id":"","reference_type":"","scores":[{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13467","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13452","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13111","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13266","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13348","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13372","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13529","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13324","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13406","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13456","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.1343","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13395","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13349","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13256","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13255","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13336","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13342","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13315","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.1321","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-30586"},{"reference_url":"https://hackerone.com/reports/1954535","reference_id":"1954535","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-27T18:27:16Z/"}],"url":"https://hackerone.com/reports/1954535"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2219837","reference_id":"2219837","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2219837"},{"reference_url":"https://security.gentoo.org/glsa/202405-29","reference_id":"GLSA-202405-29","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202405-29"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230803-0008/","reference_id":"ntap-20230803-0008","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-27T18:27:16Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230803-0008/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2023-30586"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g5wj-ffk1-7bg7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78333?format=json","vulnerability_id":"VCID-jbph-d393-byd4","summary":"nodejs: privilege escalation via Malicious Registry Key manipulation during Node.js installer repair process","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-30585.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-30585.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-30585","reference_id":"","reference_type":"","scores":[{"value":"0.02122","scoring_system":"epss","scoring_elements":"0.84091","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02122","scoring_system":"epss","scoring_elements":"0.84109","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02122","scoring_system":"epss","scoring_elements":"0.8411","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02122","scoring_system":"epss","scoring_elements":"0.84133","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02122","scoring_system":"epss","scoring_elements":"0.84139","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02122","scoring_system":"epss","scoring_elements":"0.84156","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02122","scoring_system":"epss","scoring_elements":"0.84151","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02122","scoring_system":"epss","scoring_elements":"0.84147","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02122","scoring_system":"epss","scoring_elements":"0.84169","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02122","scoring_system":"epss","scoring_elements":"0.8417","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02122","scoring_system":"epss","scoring_elements":"0.84175","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02122","scoring_system":"epss","scoring_elements":"0.842","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02122","scoring_system":"epss","scoring_elements":"0.84207","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02122","scoring_system":"epss","scoring_elements":"0.84213","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02122","scoring_system":"epss","scoring_elements":"0.84232","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02122","scoring_system":"epss","scoring_elements":"0.84257","published_at":"2026-05-07T12:55:00Z"},{"value":"0.02122","scoring_system":"epss","scoring_elements":"0.84274","published_at":"2026-05-09T12:55:00Z"},{"value":"0.02122","scoring_system":"epss","scoring_elements":"0.84272","published_at":"2026-05-11T12:55:00Z"},{"value":"0.02122","scoring_system":"epss","scoring_elements":"0.84289","published_at":"2026-05-12T12:55:00Z"},{"value":"0.02122","scoring_system":"epss","scoring_elements":"0.84322","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-30585"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2219835","reference_id":"2219835","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2219835"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2023-30585"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jbph-d393-byd4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64948?format=json","vulnerability_id":"VCID-jbws-qjq3-qbhq","summary":"nodejs: Nodejs network segmentation bypass","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21636.json","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21636.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-21636","reference_id":"","reference_type":"","scores":[{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06241","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06745","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.0669","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06698","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06713","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06272","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06251","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06297","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06338","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.0633","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06324","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06313","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06264","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06277","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06424","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.0644","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06463","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06476","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06497","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06626","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-21636"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2431342","reference_id":"2431342","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2431342"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/december-2025-security-releases","reference_id":"december-2025-security-releases","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-21T18:38:13Z/"}],"url":"https://nodejs.org/en/blog/vulnerability/december-2025-security-releases"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6402","reference_id":"RHSA-2026:6402","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6402"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6431","reference_id":"RHSA-2026:6431","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6431"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7386","reference_id":"RHSA-2026:7386","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7386"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7387","reference_id":"RHSA-2026:7387","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7387"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2026-21636"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jbws-qjq3-qbhq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64950?format=json","vulnerability_id":"VCID-k4cj-47gd-s7ck","summary":"nodejs: Nodejs memory leak","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-59464.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-59464.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-59464","reference_id":"","reference_type":"","scores":[{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16583","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16473","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16402","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16367","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16401","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16645","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16445","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16531","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16585","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16566","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16526","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16468","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16409","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16429","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16466","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16359","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16357","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16313","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16179","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16296","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-59464"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2431344","reference_id":"2431344","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2431344"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/december-2025-security-releases","reference_id":"december-2025-security-releases","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T20:40:07Z/"}],"url":"https://nodejs.org/en/blog/vulnerability/december-2025-security-releases"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6402","reference_id":"RHSA-2026:6402","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6402"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6431","reference_id":"RHSA-2026:6431","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6431"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7378","reference_id":"RHSA-2026:7378","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7378"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7386","reference_id":"RHSA-2026:7386","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7386"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7387","reference_id":"RHSA-2026:7387","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7387"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7657","reference_id":"RHSA-2026:7657","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7657"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2025-59464"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k4cj-47gd-s7ck"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37583?format=json","vulnerability_id":"VCID-krft-297e-qfdw","summary":"Multiple vulnerabilities have been discovered in Node.js, the worst of which could lead to execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-36137.json","reference_id":"","reference_type":"","scores":[{"value":"3.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-36137.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-36137","reference_id":"","reference_type":"","scores":[{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23557","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.2355","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00081","scoring_system":"epss","scoring_elements":"0.23838","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00081","scoring_system":"epss","scoring_elements":"0.23744","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.24218","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.24004","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.24071","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.24117","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.24133","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.24092","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.24035","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.2418","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24222","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24371","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24246","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24232","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24193","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24077","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24158","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24168","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-36137"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2299281","reference_id":"2299281","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2299281"},{"reference_url":"https://security.gentoo.org/glsa/202505-11","reference_id":"GLSA-202505-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-11"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/july-2024-security-releases","reference_id":"july-2024-security-releases","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-09T18:06:27Z/"}],"url":"https://nodejs.org/en/blog/vulnerability/july-2024-security-releases"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5814","reference_id":"RHSA-2024:5814","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5814"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5815","reference_id":"RHSA-2024:5815","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5815"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932836?format=json","purl":"pkg:deb/debian/nodejs@20.15.1%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.15.1%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2024-36137"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-krft-297e-qfdw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/68614?format=json","vulnerability_id":"VCID-kvmm-gh2f-zqau","summary":"nodejs: Node.js Rapidhash HashDoS Vulnerability","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-27209.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-27209.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-27209","reference_id":"","reference_type":"","scores":[{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05749","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.104","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10335","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10234","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10369","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10307","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10358","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.14188","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.14078","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.14155","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.14164","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.14096","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.1555","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15567","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15323","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15445","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15527","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00148","scoring_system":"epss","scoring_elements":"0.34973","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-27209"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2382040","reference_id":"2382040","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2382040"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/july-2025-security-releases","reference_id":"july-2025-security-releases","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-21T17:14:28Z/"}],"url":"https://nodejs.org/en/blog/vulnerability/july-2025-security-releases"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2025-27209"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kvmm-gh2f-zqau"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37551?format=json","vulnerability_id":"VCID-mqcy-2run-93d6","summary":"Multiple vulnerabilities have been discovered in Node.js, the worst of which could lead to execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21892.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21892.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21892","reference_id":"","reference_type":"","scores":[{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63728","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63623","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63618","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.6359","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63634","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63686","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63651","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63677","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63536","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63564","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63529","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63581","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63598","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63613","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.636","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63609","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63592","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.6361","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21892"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1064055","reference_id":"1064055","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1064055"},{"reference_url":"https://hackerone.com/reports/2237545","reference_id":"2237545","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-03-12T04:00:40Z/"}],"url":"https://hackerone.com/reports/2237545"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2264582","reference_id":"2264582","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2264582"},{"reference_url":"https://security.gentoo.org/glsa/202505-11","reference_id":"GLSA-202505-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-11"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240322-0003/","reference_id":"ntap-20240322-0003","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-03-12T04:00:40Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240322-0003/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1503","reference_id":"RHSA-2024:1503","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1503"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1510","reference_id":"RHSA-2024:1510","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1510"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1687","reference_id":"RHSA-2024:1687","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1687"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1688","reference_id":"RHSA-2024:1688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1688"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1880","reference_id":"RHSA-2024:1880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1932","reference_id":"RHSA-2024:1932","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1932"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932835?format=json","purl":"pkg:deb/debian/nodejs@18.19.1%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.19.1%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2024-21892"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mqcy-2run-93d6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62494?format=json","vulnerability_id":"VCID-p31t-nxwe-yyf2","summary":"Multiple vulnerabilities have been discovered in Node.js.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-32558.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-32558.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-32558","reference_id":"","reference_type":"","scores":[{"value":"0.00193","scoring_system":"epss","scoring_elements":"0.41223","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00193","scoring_system":"epss","scoring_elements":"0.41253","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00193","scoring_system":"epss","scoring_elements":"0.41179","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00193","scoring_system":"epss","scoring_elements":"0.41227","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00193","scoring_system":"epss","scoring_elements":"0.41236","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00193","scoring_system":"epss","scoring_elements":"0.41258","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00193","scoring_system":"epss","scoring_elements":"0.41226","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00193","scoring_system":"epss","scoring_elements":"0.41212","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00193","scoring_system":"epss","scoring_elements":"0.41255","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00193","scoring_system":"epss","scoring_elements":"0.41153","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00193","scoring_system":"epss","scoring_elements":"0.41042","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00193","scoring_system":"epss","scoring_elements":"0.41036","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00193","scoring_system":"epss","scoring_elements":"0.40955","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00193","scoring_system":"epss","scoring_elements":"0.40815","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00193","scoring_system":"epss","scoring_elements":"0.4089","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00193","scoring_system":"epss","scoring_elements":"0.40905","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00193","scoring_system":"epss","scoring_elements":"0.40811","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00193","scoring_system":"epss","scoring_elements":"0.40834","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00193","scoring_system":"epss","scoring_elements":"0.4091","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-32558"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2230952","reference_id":"2230952","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2230952"},{"reference_url":"https://security.gentoo.org/glsa/202405-29","reference_id":"GLSA-202405-29","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202405-29"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2023-32558"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p31t-nxwe-yyf2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37589?format=json","vulnerability_id":"VCID-p9sg-8byk-eydy","summary":"Multiple vulnerabilities have been discovered in Node.js, the worst of which could lead to execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-37372.json","reference_id":"","reference_type":"","scores":[{"value":"3.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-37372.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-37372","reference_id":"","reference_type":"","scores":[{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15215","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15009","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15103","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15092","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15137","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15193","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15261","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15064","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15152","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15203","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15172","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15134","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.1507","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.14969","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.14978","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.1503","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15069","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15014","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.14883","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-37372"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2336663","reference_id":"2336663","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2336663"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/07/19/3","reference_id":"3","reference_type":"","scores":[{"value":"3.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T21:37:14Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/07/19/3"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/07/11/6","reference_id":"6","reference_type":"","scores":[{"value":"3.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T21:37:14Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/07/11/6"},{"reference_url":"https://security.gentoo.org/glsa/202505-11","reference_id":"GLSA-202505-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-11"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2024-37372"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p9sg-8byk-eydy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/266492?format=json","vulnerability_id":"VCID-pd4q-4b15-gqey","summary":"A vulnerability has been identified in Node.js, specifically affecting the handling of drive names in the Windows environment. Certain Node.js functions do not treat drive names as special on Windows. As a result, although Node.js assumes a relative path, it actually refers to the root directory.\r\n\r\nOn Windows, a path that does not start with the file separator is treated as relative to the current directory. \r\n\r\nThis vulnerability affects Windows users of `path.join` API.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-23084","reference_id":"","reference_type":"","scores":[{"value":"0.01289","scoring_system":"epss","scoring_elements":"0.79839","published_at":"2026-05-14T12:55:00Z"},{"value":"0.01289","scoring_system":"epss","scoring_elements":"0.79605","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01289","scoring_system":"epss","scoring_elements":"0.7979","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01289","scoring_system":"epss","scoring_elements":"0.79786","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01289","scoring_system":"epss","scoring_elements":"0.79801","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01289","scoring_system":"epss","scoring_elements":"0.79627","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01289","scoring_system":"epss","scoring_elements":"0.79614","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01289","scoring_system":"epss","scoring_elements":"0.79642","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01289","scoring_system":"epss","scoring_elements":"0.7965","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01289","scoring_system":"epss","scoring_elements":"0.79671","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01289","scoring_system":"epss","scoring_elements":"0.79655","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01289","scoring_system":"epss","scoring_elements":"0.79648","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01289","scoring_system":"epss","scoring_elements":"0.79677","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01289","scoring_system":"epss","scoring_elements":"0.79681","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01289","scoring_system":"epss","scoring_elements":"0.79712","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01289","scoring_system":"epss","scoring_elements":"0.79719","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01289","scoring_system":"epss","scoring_elements":"0.79734","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01289","scoring_system":"epss","scoring_elements":"0.7975","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01289","scoring_system":"epss","scoring_elements":"0.79773","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-23084"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/january-2025-security-releases","reference_id":"january-2025-security-releases","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-28T15:07:59Z/"}],"url":"https://nodejs.org/en/blog/vulnerability/january-2025-security-releases"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2025-23084"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pd4q-4b15-gqey"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83865?format=json","vulnerability_id":"VCID-pwe6-zwyr-nqhy","summary":"nodejs: DoS via specific windowBits value","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14919.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14919.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14919","reference_id":"","reference_type":"","scores":[{"value":"0.00784","scoring_system":"epss","scoring_elements":"0.73928","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00784","scoring_system":"epss","scoring_elements":"0.73842","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00784","scoring_system":"epss","scoring_elements":"0.73836","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00784","scoring_system":"epss","scoring_elements":"0.73862","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00784","scoring_system":"epss","scoring_elements":"0.73886","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00784","scoring_system":"epss","scoring_elements":"0.73849","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00784","scoring_system":"epss","scoring_elements":"0.73872","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00784","scoring_system":"epss","scoring_elements":"0.73751","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00784","scoring_system":"epss","scoring_elements":"0.73763","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00784","scoring_system":"epss","scoring_elements":"0.73786","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00784","scoring_system":"epss","scoring_elements":"0.73767","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00784","scoring_system":"epss","scoring_elements":"0.73759","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00784","scoring_system":"epss","scoring_elements":"0.738","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00784","scoring_system":"epss","scoring_elements":"0.73808","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00784","scoring_system":"epss","scoring_elements":"0.73799","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00784","scoring_system":"epss","scoring_elements":"0.73832","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00784","scoring_system":"epss","scoring_elements":"0.73841","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01045","scoring_system":"epss","scoring_elements":"0.77436","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01045","scoring_system":"epss","scoring_elements":"0.77462","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01045","scoring_system":"epss","scoring_elements":"0.77441","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01045","scoring_system":"epss","scoring_elements":"0.7743","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14919"},{"reference_url":"https://nodejs.org/en/blog/release/v4.8.5/","reference_id":"","reference_type":"","scores":[],"url":"https://nodejs.org/en/blog/release/v4.8.5/"},{"reference_url":"https://nodejs.org/en/blog/release/v6.11.5/","reference_id":"","reference_type":"","scores":[],"url":"https://nodejs.org/en/blog/release/v6.11.5/"},{"reference_url":"https://nodejs.org/en/blog/release/v8.8.0/","reference_id":"","reference_type":"","scores":[],"url":"https://nodejs.org/en/blog/release/v8.8.0/"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/oct-2017-dos/","reference_id":"","reference_type":"","scores":[],"url":"https://nodejs.org/en/blog/vulnerability/oct-2017-dos/"},{"reference_url":"http://www.securityfocus.com/bid/101881","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/101881"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1516175","reference_id":"1516175","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1516175"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:4.8.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:4.8.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:4.8.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:4.8.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:4.8.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:4.8.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:4.8.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:4.8.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:4.8.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:6.10.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:6.10.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:6.10.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:6.10.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:6.10.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:6.10.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:6.11.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:6.11.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:6.11.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:6.11.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:6.11.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:6.11.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:6.11.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:6.11.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:6.11.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:6.11.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:6.11.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:6.11.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:6.11.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:6.11.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:6.11.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:8.0.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:8.0.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:8.0.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:8.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:8.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:8.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:8.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:8.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:8.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:8.1.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:8.1.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:8.1.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:8.1.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:8.1.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:8.1.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:8.1.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:8.1.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:8.1.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:8.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:8.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:8.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:8.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:8.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:8.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:8.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:8.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:8.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:8.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:8.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:8.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:8.5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:8.5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:8.5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:8.6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:8.6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:8.6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:8.7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:nodejs:node.js:8.7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:8.7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-14919","reference_id":"CVE-2017-14919","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-14919"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2017-14919"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pwe6-zwyr-nqhy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62487?format=json","vulnerability_id":"VCID-q75s-43sx-4kbg","summary":"Multiple vulnerabilities have been discovered in Node.js.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-30588.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-30588.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-30588","reference_id":"","reference_type":"","scores":[{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.0854","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08594","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08512","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08585","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08605","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08602","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08582","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08566","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08458","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08445","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.086","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08613","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08563","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08505","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.0865","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08732","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08698","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08723","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08784","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-30588"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1039990","reference_id":"1039990","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1039990"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2219838","reference_id":"2219838","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2219838"},{"reference_url":"https://security.gentoo.org/glsa/202405-29","reference_id":"GLSA-202405-29","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202405-29"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4330","reference_id":"RHSA-2023:4330","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4330"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4331","reference_id":"RHSA-2023:4331","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4331"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4536","reference_id":"RHSA-2023:4536","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4536"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4537","reference_id":"RHSA-2023:4537","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4537"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5361","reference_id":"RHSA-2023:5361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5533","reference_id":"RHSA-2023:5533","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5533"},{"reference_url":"https://usn.ubuntu.com/6735-1/","reference_id":"USN-6735-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6735-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932833?format=json","purl":"pkg:deb/debian/nodejs@18.13.0%2Bdfsg1-1.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.13.0%252Bdfsg1-1.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932831?format=json","purl":"pkg:deb/debian/nodejs@18.19.0%2Bdfsg-6~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.19.0%252Bdfsg-6~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2023-30588"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q75s-43sx-4kbg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62491?format=json","vulnerability_id":"VCID-rg1f-5nhq-m7ea","summary":"Multiple vulnerabilities have been discovered in Node.js.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-32004.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-32004.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-32004","reference_id":"","reference_type":"","scores":[{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30769","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30194","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30613","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30433","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30318","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30237","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30095","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30164","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30173","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30102","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30124","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30818","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30635","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30693","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30725","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30729","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30683","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30639","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30664","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30647","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-32004"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/2038134","reference_id":"2038134","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-08T20:19:44Z/"}],"url":"https://hackerone.com/reports/2038134"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2230951","reference_id":"2230951","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2230951"},{"reference_url":"https://security.gentoo.org/glsa/202405-29","reference_id":"GLSA-202405-29","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202405-29"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JQPELKG2LVTADSB7ME73AV4DXQK47PWK/","reference_id":"JQPELKG2LVTADSB7ME73AV4DXQK47PWK","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-08T20:19:44Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JQPELKG2LVTADSB7ME73AV4DXQK47PWK/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230915-0009/","reference_id":"ntap-20230915-0009","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-08T20:19:44Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230915-0009/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PBOZE2QZIBLFFTYWYN23FGKN6HULZ6HX/","reference_id":"PBOZE2QZIBLFFTYWYN23FGKN6HULZ6HX","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-08T20:19:44Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PBOZE2QZIBLFFTYWYN23FGKN6HULZ6HX/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2023-32004"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rg1f-5nhq-m7ea"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37532?format=json","vulnerability_id":"VCID-s1a4-9r1m-8uaw","summary":"Multiple vulnerabilities have been discovered in Node.js, the worst of which could lead to execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-39332.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-39332.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-39332","reference_id":"","reference_type":"","scores":[{"value":"0.0057","scoring_system":"epss","scoring_elements":"0.68556","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0057","scoring_system":"epss","scoring_elements":"0.68634","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0057","scoring_system":"epss","scoring_elements":"0.68655","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0057","scoring_system":"epss","scoring_elements":"0.68682","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0057","scoring_system":"epss","scoring_elements":"0.68688","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0057","scoring_system":"epss","scoring_elements":"0.68693","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0057","scoring_system":"epss","scoring_elements":"0.68673","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0057","scoring_system":"epss","scoring_elements":"0.68715","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0057","scoring_system":"epss","scoring_elements":"0.68752","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0057","scoring_system":"epss","scoring_elements":"0.68575","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0057","scoring_system":"epss","scoring_elements":"0.68553","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0057","scoring_system":"epss","scoring_elements":"0.68604","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0057","scoring_system":"epss","scoring_elements":"0.68621","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0057","scoring_system":"epss","scoring_elements":"0.68646","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0057","scoring_system":"epss","scoring_elements":"0.68643","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00634","scoring_system":"epss","scoring_elements":"0.70474","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00634","scoring_system":"epss","scoring_elements":"0.705","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00634","scoring_system":"epss","scoring_elements":"0.70551","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-39332"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/2199818","reference_id":"2199818","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-13T14:54:41Z/"}],"url":"https://hackerone.com/reports/2199818"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2244414","reference_id":"2244414","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2244414"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/","reference_id":"3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-13T14:54:41Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/"},{"reference_url":"https://security.gentoo.org/glsa/202505-11","reference_id":"GLSA-202505-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-11"},{"reference_url":"https://security.netapp.com/advisory/ntap-20231116-0009/","reference_id":"ntap-20231116-0009","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-13T14:54:41Z/"}],"url":"https://security.netapp.com/advisory/ntap-20231116-0009/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7205","reference_id":"RHSA-2023:7205","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7205"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2023-39332"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s1a4-9r1m-8uaw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62484?format=json","vulnerability_id":"VCID-sthj-jvke-tyg7","summary":"Multiple vulnerabilities have been discovered in Node.js.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-30584.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-30584.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-30584","reference_id":"","reference_type":"","scores":[{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01882","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.019","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.0192","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01892","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01895","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01894","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01897","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.0191","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01879","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01874","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01855","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01853","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01939","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01933","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01929","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01959","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01908","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01898","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-30584"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2219829","reference_id":"2219829","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2219829"},{"reference_url":"https://security.gentoo.org/glsa/202405-29","reference_id":"GLSA-202405-29","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202405-29"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/june-2023-security-releases","reference_id":"june-2023-security-releases","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-09T18:33:59Z/"}],"url":"https://nodejs.org/en/blog/vulnerability/june-2023-security-releases"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2023-30584"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sthj-jvke-tyg7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/266476?format=json","vulnerability_id":"VCID-tpck-fwrj-ruaq","summary":"Node.js is vulnerable to Hijack Execution Flow: DLL Hijacking under certain conditions on Windows platforms.This vulnerability can be exploited if the victim has the following dependencies on a Windows machine:* OpenSSL has been installed and “C:\\Program Files\\Common Files\\SSL\\openssl.cnf” exists.Whenever the above conditions are present, `node.exe` will search for `providers.dll` in the current user directory.After that, `node.exe` will try to search for `providers.dll` by the DLL Search Order in Windows.It is possible for an attacker to place the malicious file `providers.dll` under a variety of paths and exploit this vulnerability.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-32223","reference_id":"","reference_type":"","scores":[{"value":"0.06141","scoring_system":"epss","scoring_elements":"0.90895","published_at":"2026-05-12T12:55:00Z"},{"value":"0.06141","scoring_system":"epss","scoring_elements":"0.90772","published_at":"2026-04-02T12:55:00Z"},{"value":"0.06141","scoring_system":"epss","scoring_elements":"0.90783","published_at":"2026-04-04T12:55:00Z"},{"value":"0.06141","scoring_system":"epss","scoring_elements":"0.90793","published_at":"2026-04-07T12:55:00Z"},{"value":"0.06141","scoring_system":"epss","scoring_elements":"0.90804","published_at":"2026-04-08T12:55:00Z"},{"value":"0.06141","scoring_system":"epss","scoring_elements":"0.90811","published_at":"2026-04-09T12:55:00Z"},{"value":"0.06141","scoring_system":"epss","scoring_elements":"0.90819","published_at":"2026-04-11T12:55:00Z"},{"value":"0.06141","scoring_system":"epss","scoring_elements":"0.9082","published_at":"2026-04-12T12:55:00Z"},{"value":"0.06141","scoring_system":"epss","scoring_elements":"0.90818","published_at":"2026-04-13T12:55:00Z"},{"value":"0.06141","scoring_system":"epss","scoring_elements":"0.90837","published_at":"2026-04-16T12:55:00Z"},{"value":"0.06141","scoring_system":"epss","scoring_elements":"0.90835","published_at":"2026-04-21T12:55:00Z"},{"value":"0.06141","scoring_system":"epss","scoring_elements":"0.90847","published_at":"2026-04-24T12:55:00Z"},{"value":"0.06141","scoring_system":"epss","scoring_elements":"0.90846","published_at":"2026-04-26T12:55:00Z"},{"value":"0.06141","scoring_system":"epss","scoring_elements":"0.90842","published_at":"2026-04-29T12:55:00Z"},{"value":"0.06141","scoring_system":"epss","scoring_elements":"0.90859","published_at":"2026-05-05T12:55:00Z"},{"value":"0.06141","scoring_system":"epss","scoring_elements":"0.90877","published_at":"2026-05-07T12:55:00Z"},{"value":"0.06141","scoring_system":"epss","scoring_elements":"0.90888","published_at":"2026-05-09T12:55:00Z"},{"value":"0.06141","scoring_system":"epss","scoring_elements":"0.90886","published_at":"2026-05-11T12:55:00Z"},{"value":"0.08112","scoring_system":"epss","scoring_elements":"0.92233","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-32223"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2022-32223"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tpck-fwrj-ruaq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63921?format=json","vulnerability_id":"VCID-twc8-ewm7-wkb1","summary":"nodejs: Node.js: Permission bypass allows unauthorized modification of file permissions and ownership via incomplete security fix.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21716.json","reference_id":"","reference_type":"","scores":[{"value":"3.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21716.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-21716","reference_id":"","reference_type":"","scores":[{"value":"4e-05","scoring_system":"epss","scoring_elements":"0.00177","published_at":"2026-04-02T12:55:00Z"},{"value":"4e-05","scoring_system":"epss","scoring_elements":"0.00199","published_at":"2026-04-29T12:55:00Z"},{"value":"4e-05","scoring_system":"epss","scoring_elements":"0.00169","published_at":"2026-04-04T12:55:00Z"},{"value":"4e-05","scoring_system":"epss","scoring_elements":"0.00196","published_at":"2026-04-09T12:55:00Z"},{"value":"4e-05","scoring_system":"epss","scoring_elements":"0.00198","published_at":"2026-04-13T12:55:00Z"},{"value":"4e-05","scoring_system":"epss","scoring_elements":"0.00201","published_at":"2026-04-21T12:55:00Z"},{"value":"4e-05","scoring_system":"epss","scoring_elements":"0.00202","published_at":"2026-04-26T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00247","published_at":"2026-05-07T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00242","published_at":"2026-05-12T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00241","published_at":"2026-05-14T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00246","published_at":"2026-05-05T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00245","published_at":"2026-05-11T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00248","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-21716"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21716","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21716"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2453157","reference_id":"2453157","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2453157"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/march-2026-security-releases","reference_id":"march-2026-security-releases","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-31T14:27:06Z/"}],"url":"https://nodejs.org/en/blog/vulnerability/march-2026-security-releases"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6402","reference_id":"RHSA-2026:6402","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6402"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6431","reference_id":"RHSA-2026:6431","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6431"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7350","reference_id":"RHSA-2026:7350","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7350"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7386","reference_id":"RHSA-2026:7386","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7386"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7387","reference_id":"RHSA-2026:7387","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7387"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7670","reference_id":"RHSA-2026:7670","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7670"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7675","reference_id":"RHSA-2026:7675","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7675"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932844?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1%2Bdeb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2026-21716"],"risk_score":1.7,"exploitability":"0.5","weighted_severity":"3.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-twc8-ewm7-wkb1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62483?format=json","vulnerability_id":"VCID-ueyx-hwjr-fuhq","summary":"Multiple vulnerabilities have been discovered in Node.js.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-30583.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-30583.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-30583","reference_id":"","reference_type":"","scores":[{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05743","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06204","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06195","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06196","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05784","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05778","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05818","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05843","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05821","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05812","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05805","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05769","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05776","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05922","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05955","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05989","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05997","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06017","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06113","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06179","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-30583"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2219833","reference_id":"2219833","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2219833"},{"reference_url":"https://security.gentoo.org/glsa/202405-29","reference_id":"GLSA-202405-29","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202405-29"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/june-2023-security-releases","reference_id":"june-2023-security-releases","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-09T18:28:41Z/"}],"url":"https://nodejs.org/en/blog/vulnerability/june-2023-security-releases"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2023-30583"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ueyx-hwjr-fuhq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62490?format=json","vulnerability_id":"VCID-uftn-4gjb-dqe6","summary":"Multiple vulnerabilities have been discovered in Node.js.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-32003.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-32003.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-32003","reference_id":"","reference_type":"","scores":[{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19891","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19681","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19699","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.1959","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19576","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.1954","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19422","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19512","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19597","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19558","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19587","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19947","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19674","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19754","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19805","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.1981","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19765","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19708","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19683","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19685","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-32003"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/2037887","reference_id":"2037887","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-09T14:15:53Z/"}],"url":"https://hackerone.com/reports/2037887"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2230959","reference_id":"2230959","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2230959"},{"reference_url":"https://security.gentoo.org/glsa/202405-29","reference_id":"GLSA-202405-29","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202405-29"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JQPELKG2LVTADSB7ME73AV4DXQK47PWK/","reference_id":"JQPELKG2LVTADSB7ME73AV4DXQK47PWK","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-09T14:15:53Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JQPELKG2LVTADSB7ME73AV4DXQK47PWK/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230915-0009/","reference_id":"ntap-20230915-0009","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-09T14:15:53Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230915-0009/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PBOZE2QZIBLFFTYWYN23FGKN6HULZ6HX/","reference_id":"PBOZE2QZIBLFFTYWYN23FGKN6HULZ6HX","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-09T14:15:53Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PBOZE2QZIBLFFTYWYN23FGKN6HULZ6HX/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2023-32003"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uftn-4gjb-dqe6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62477?format=json","vulnerability_id":"VCID-v3uy-dqn9-qye5","summary":"Multiple vulnerabilities have been discovered in Node.js.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32222.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32222.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-32222","reference_id":"","reference_type":"","scores":[{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.69973","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.69987","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.69964","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70012","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70028","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70051","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70036","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70023","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70066","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70075","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70056","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70107","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70115","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70114","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.7009","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70132","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70163","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70131","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70159","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70209","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-32222"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2105424","reference_id":"2105424","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2105424"},{"reference_url":"https://security.gentoo.org/glsa/202405-29","reference_id":"GLSA-202405-29","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202405-29"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2022-32222"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v3uy-dqn9-qye5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37550?format=json","vulnerability_id":"VCID-vhg4-51cg-ebaa","summary":"Multiple vulnerabilities have been discovered in Node.js, the worst of which could lead to execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21891.json","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21891.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21891","reference_id":"","reference_type":"","scores":[{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46451","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46465","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46413","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46317","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46383","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46403","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46347","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.4638","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46443","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46463","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46412","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46468","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46492","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46472","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.4653","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46527","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46473","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46454","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21891"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/2259914","reference_id":"2259914","reference_type":"","scores":[{"value":"7.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-20T17:59:04Z/"}],"url":"https://hackerone.com/reports/2259914"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2265720","reference_id":"2265720","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2265720"},{"reference_url":"https://security.gentoo.org/glsa/202505-11","reference_id":"GLSA-202505-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-11"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240315-0005/","reference_id":"ntap-20240315-0005","reference_type":"","scores":[{"value":"7.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-20T17:59:04Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240315-0005/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1687","reference_id":"RHSA-2024:1687","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1687"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1688","reference_id":"RHSA-2024:1688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1688"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2024-21891"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vhg4-51cg-ebaa"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37558?format=json","vulnerability_id":"VCID-w6yn-qt4p-vudt","summary":"Multiple vulnerabilities have been discovered in Node.js, the worst of which could lead to execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-22018.json","reference_id":"","reference_type":"","scores":[{"value":"2.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-22018.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-22018","reference_id":"","reference_type":"","scores":[{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43515","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43598","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43516","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43387","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43463","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43482","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43418","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.4345","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43687","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43711","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43646","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43697","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43701","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.4372","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43689","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43672","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43733","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43724","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43657","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43594","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-22018"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/2145862","reference_id":"2145862","reference_type":"","scores":[{"value":"2.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-10T16:07:56Z/"}],"url":"https://hackerone.com/reports/2145862"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2296990","reference_id":"2296990","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2296990"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/07/19/3","reference_id":"3","reference_type":"","scores":[{"value":"2.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-10T16:07:56Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/07/19/3"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/07/11/6","reference_id":"6","reference_type":"","scores":[{"value":"2.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-10T16:07:56Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/07/11/6"},{"reference_url":"https://security.gentoo.org/glsa/202505-11","reference_id":"GLSA-202505-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-11"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5814","reference_id":"RHSA-2024:5814","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5814"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5815","reference_id":"RHSA-2024:5815","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5815"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932836?format=json","purl":"pkg:deb/debian/nodejs@20.15.1%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.15.1%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2024-22018"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w6yn-qt4p-vudt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64953?format=json","vulnerability_id":"VCID-x1an-pjq4-nbby","summary":"nodejs: Nodejs file permissions bypass","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-55130.json","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-55130.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-55130","reference_id":"","reference_type":"","scores":[{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.02953","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03132","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03085","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03094","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.031","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.02968","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.02976","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.02977","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03002","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.02964","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.02941","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.02932","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.02906","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.02916","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03034","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03031","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03021","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03065","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03028","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03049","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-55130"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-55130","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-55130"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2431352","reference_id":"2431352","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2431352"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/december-2025-security-releases","reference_id":"december-2025-security-releases","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-22T04:55:29Z/"}],"url":"https://nodejs.org/en/blog/vulnerability/december-2025-security-releases"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1842","reference_id":"RHSA-2026:1842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1843","reference_id":"RHSA-2026:1843","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1843"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2420","reference_id":"RHSA-2026:2420","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2420"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2421","reference_id":"RHSA-2026:2421","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2421"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2422","reference_id":"RHSA-2026:2422","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2422"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2767","reference_id":"RHSA-2026:2767","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2767"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2768","reference_id":"RHSA-2026:2768","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2768"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2781","reference_id":"RHSA-2026:2781","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2781"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2782","reference_id":"RHSA-2026:2782","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2782"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2783","reference_id":"RHSA-2026:2783","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2783"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2864","reference_id":"RHSA-2026:2864","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2864"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2899","reference_id":"RHSA-2026:2899","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2899"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6402","reference_id":"RHSA-2026:6402","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6402"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6431","reference_id":"RHSA-2026:6431","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6431"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7378","reference_id":"RHSA-2026:7378","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7378"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7386","reference_id":"RHSA-2026:7386","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7386"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7387","reference_id":"RHSA-2026:7387","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7387"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7657","reference_id":"RHSA-2026:7657","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7657"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932840?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932843?format=json","purl":"pkg:deb/debian/nodejs@22.22.0%2Bdfsg%2B~cs22.19.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.0%252Bdfsg%252B~cs22.19.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2025-55130"],"risk_score":3.2,"exploitability":"0.5","weighted_severity":"6.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x1an-pjq4-nbby"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63922?format=json","vulnerability_id":"VCID-xert-byqc-xbe2","summary":"Node.js: Node.js: Unauthorized inter-process communication due to missing Unix Domain Socket permission checks","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21711.json","reference_id":"","reference_type":"","scores":[{"value":"5.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21711.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-21711","reference_id":"","reference_type":"","scores":[{"value":"3e-05","scoring_system":"epss","scoring_elements":"0.00125","published_at":"2026-04-24T12:55:00Z"},{"value":"3e-05","scoring_system":"epss","scoring_elements":"0.00122","published_at":"2026-04-29T12:55:00Z"},{"value":"3e-05","scoring_system":"epss","scoring_elements":"0.00124","published_at":"2026-04-26T12:55:00Z"},{"value":"4e-05","scoring_system":"epss","scoring_elements":"0.0015","published_at":"2026-05-09T12:55:00Z"},{"value":"4e-05","scoring_system":"epss","scoring_elements":"0.00146","published_at":"2026-05-14T12:55:00Z"},{"value":"4e-05","scoring_system":"epss","scoring_elements":"0.00148","published_at":"2026-04-12T12:55:00Z"},{"value":"4e-05","scoring_system":"epss","scoring_elements":"0.00149","published_at":"2026-04-18T12:55:00Z"},{"value":"4e-05","scoring_system":"epss","scoring_elements":"0.00151","published_at":"2026-05-07T12:55:00Z"},{"value":"4e-05","scoring_system":"epss","scoring_elements":"0.00147","published_at":"2026-05-11T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00245","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-21711"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2453158","reference_id":"2453158","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2453158"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/march-2026-security-releases","reference_id":"march-2026-security-releases","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-01T15:02:57Z/"}],"url":"https://nodejs.org/en/blog/vulnerability/march-2026-security-releases"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7350","reference_id":"RHSA-2026:7350","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7350"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7670","reference_id":"RHSA-2026:7670","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7670"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7675","reference_id":"RHSA-2026:7675","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7675"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2026-21711"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xert-byqc-xbe2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69630?format=json","vulnerability_id":"VCID-xkpz-pb5y-jqcy","summary":"nodejs: Remote Crash via SignTraits::DeriveBits() in Node.js","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-23166.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-23166.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-23166","reference_id":"","reference_type":"","scores":[{"value":"0.00304","scoring_system":"epss","scoring_elements":"0.53767","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00304","scoring_system":"epss","scoring_elements":"0.53656","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00304","scoring_system":"epss","scoring_elements":"0.53609","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00304","scoring_system":"epss","scoring_elements":"0.53655","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00304","scoring_system":"epss","scoring_elements":"0.53707","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00304","scoring_system":"epss","scoring_elements":"0.5367","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00304","scoring_system":"epss","scoring_elements":"0.53695","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00304","scoring_system":"epss","scoring_elements":"0.53633","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00304","scoring_system":"epss","scoring_elements":"0.53661","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00304","scoring_system":"epss","scoring_elements":"0.53629","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00304","scoring_system":"epss","scoring_elements":"0.5368","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00304","scoring_system":"epss","scoring_elements":"0.53678","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00304","scoring_system":"epss","scoring_elements":"0.53727","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00304","scoring_system":"epss","scoring_elements":"0.53711","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00304","scoring_system":"epss","scoring_elements":"0.53693","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00304","scoring_system":"epss","scoring_elements":"0.53731","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00304","scoring_system":"epss","scoring_elements":"0.53735","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00304","scoring_system":"epss","scoring_elements":"0.53717","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00304","scoring_system":"epss","scoring_elements":"0.53679","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00304","scoring_system":"epss","scoring_elements":"0.53691","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-23166"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1105832","reference_id":"1105832","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1105832"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2367163","reference_id":"2367163","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2367163"},{"reference_url":"https://security.archlinux.org/ASA-202505-6","reference_id":"ASA-202505-6","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202505-6"},{"reference_url":"https://security.archlinux.org/ASA-202505-7","reference_id":"ASA-202505-7","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202505-7"},{"reference_url":"https://security.archlinux.org/ASA-202505-8","reference_id":"ASA-202505-8","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202505-8"},{"reference_url":"https://security.archlinux.org/AVG-2871","reference_id":"AVG-2871","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2871"},{"reference_url":"https://security.archlinux.org/AVG-2872","reference_id":"AVG-2872","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2872"},{"reference_url":"https://security.archlinux.org/AVG-2873","reference_id":"AVG-2873","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2873"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/may-2025-security-releases","reference_id":"may-2025-security-releases","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-19T14:11:17Z/"}],"url":"https://nodejs.org/en/blog/vulnerability/may-2025-security-releases"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8467","reference_id":"RHSA-2025:8467","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8467"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8468","reference_id":"RHSA-2025:8468","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8468"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8493","reference_id":"RHSA-2025:8493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8506","reference_id":"RHSA-2025:8506","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8506"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8514","reference_id":"RHSA-2025:8514","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8514"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8902","reference_id":"RHSA-2025:8902","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8902"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1115943?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2025-23166"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xkpz-pb5y-jqcy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37554?format=json","vulnerability_id":"VCID-xva8-adbf-87h3","summary":"Multiple vulnerabilities have been discovered in Node.js, the worst of which could lead to execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-22017.json","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-22017.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-22017","reference_id":"","reference_type":"","scores":[{"value":"0.00637","scoring_system":"epss","scoring_elements":"0.70418","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00637","scoring_system":"epss","scoring_elements":"0.70435","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00876","scoring_system":"epss","scoring_elements":"0.75485","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00876","scoring_system":"epss","scoring_elements":"0.75374","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00876","scoring_system":"epss","scoring_elements":"0.75378","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00876","scoring_system":"epss","scoring_elements":"0.75386","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00876","scoring_system":"epss","scoring_elements":"0.75415","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00876","scoring_system":"epss","scoring_elements":"0.75441","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00876","scoring_system":"epss","scoring_elements":"0.75421","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00876","scoring_system":"epss","scoring_elements":"0.7543","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00876","scoring_system":"epss","scoring_elements":"0.75257","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00876","scoring_system":"epss","scoring_elements":"0.753","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00876","scoring_system":"epss","scoring_elements":"0.75311","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00876","scoring_system":"epss","scoring_elements":"0.75332","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00876","scoring_system":"epss","scoring_elements":"0.7531","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00876","scoring_system":"epss","scoring_elements":"0.75299","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00876","scoring_system":"epss","scoring_elements":"0.75338","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00876","scoring_system":"epss","scoring_elements":"0.75345","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00876","scoring_system":"epss","scoring_elements":"0.75334","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00876","scoring_system":"epss","scoring_elements":"0.75369","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-22017"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/2170226","reference_id":"2170226","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:H/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-07T04:00:22Z/"}],"url":"https://hackerone.com/reports/2170226"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2265727","reference_id":"2265727","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2265727"},{"reference_url":"https://security.gentoo.org/glsa/202505-11","reference_id":"GLSA-202505-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-11"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240517-0007/","reference_id":"ntap-20240517-0007","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:H/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-07T04:00:22Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240517-0007/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1687","reference_id":"RHSA-2024:1687","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1687"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1688","reference_id":"RHSA-2024:1688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1688"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2024-22017"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xva8-adbf-87h3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31260?format=json","vulnerability_id":"VCID-ydzj-e97m-k3cp","summary":"Multiple vulnerabilities have been discovered in Node.js, the worst of which can lead to arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-23083.json","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-23083.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-23083","reference_id":"","reference_type":"","scores":[{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.28663","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.28101","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.28092","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.2801","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.28029","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.28709","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.28514","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.28579","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.28619","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.28621","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.28578","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.28529","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.28548","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.28523","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.28476","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.2836","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.28248","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.2817","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.28006","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.28068","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-23083"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1094134","reference_id":"1094134","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1094134"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2339392","reference_id":"2339392","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2339392"},{"reference_url":"https://security.gentoo.org/glsa/202506-08","reference_id":"GLSA-202506-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202506-08"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/january-2025-security-releases","reference_id":"january-2025-security-releases","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-28T04:55:27Z/"}],"url":"https://nodejs.org/en/blog/vulnerability/january-2025-security-releases"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1351","reference_id":"RHSA-2025:1351","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1351"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1443","reference_id":"RHSA-2025:1443","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1443"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1522","reference_id":"RHSA-2025:1522","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1522"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1611","reference_id":"RHSA-2025:1611","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1611"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1613","reference_id":"RHSA-2025:1613","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1613"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932838?format=json","purl":"pkg:deb/debian/nodejs@20.18.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.18.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2025-23083"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ydzj-e97m-k3cp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37537?format=json","vulnerability_id":"VCID-yxvf-4pb4-d7ec","summary":"Multiple vulnerabilities have been discovered in Node.js, the worst of which could lead to execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-39333.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-39333.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-39333","reference_id":"","reference_type":"","scores":[{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.26407","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.26096","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.26069","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.25998","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.26016","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.2645","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.26224","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.26292","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.26339","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.26348","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.26302","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.26243","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.26249","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.26188","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.26113","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.26109","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.26058","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.25949","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.26012","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-39333"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054892","reference_id":"1054892","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054892"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2244418","reference_id":"2244418","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2244418"},{"reference_url":"https://security.gentoo.org/glsa/202505-11","reference_id":"GLSA-202505-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-11"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/october-2023-security-releases","reference_id":"october-2023-security-releases","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-09T18:03:18Z/"}],"url":"https://nodejs.org/en/blog/vulnerability/october-2023-security-releases"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5849","reference_id":"RHSA-2023:5849","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5849"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5869","reference_id":"RHSA-2023:5869","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5869"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7205","reference_id":"RHSA-2023:7205","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7205"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932833?format=json","purl":"pkg:deb/debian/nodejs@18.13.0%2Bdfsg1-1.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.13.0%252Bdfsg1-1.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932831?format=json","purl":"pkg:deb/debian/nodejs@18.19.0%2Bdfsg-6~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.19.0%252Bdfsg-6~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2023-39333"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yxvf-4pb4-d7ec"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/76927?format=json","vulnerability_id":"VCID-yz6h-h3bb-27ee","summary":"Node.js: Fail to Escape Arguments Properly in Microsoft Windows","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27980.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27980.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-27980","reference_id":"","reference_type":"","scores":[{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50622","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50665","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50644","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50592","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50599","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50553","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50477","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50531","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.5056","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50514","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50545","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.5058","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50607","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50561","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50615","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50612","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50654","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50632","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50618","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50659","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-27980"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/04/10/15","reference_id":"15","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T21:31:55Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/04/10/15"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2270693","reference_id":"2270693","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2270693"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/07/19/3","reference_id":"3","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T21:31:55Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/07/19/3"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5MZN6PFXHTCCUENAKZXTGWPKUAHI6E2W/","reference_id":"5MZN6PFXHTCCUENAKZXTGWPKUAHI6E2W","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T21:31:55Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5MZN6PFXHTCCUENAKZXTGWPKUAHI6E2W/"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/07/11/6","reference_id":"6","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T21:31:55Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/07/11/6"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JUWBYDVCUSCX7YWTBX75LADMCVYFBGKU/","reference_id":"JUWBYDVCUSCX7YWTBX75LADMCVYFBGKU","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T21:31:55Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JUWBYDVCUSCX7YWTBX75LADMCVYFBGKU/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2024-27980"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yz6h-h3bb-27ee"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48666?format=json","vulnerability_id":"VCID-zckz-447u-gueb","summary":"Multiple vulnerabilities have been found in NodeJS, the worst of\n    which could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8172.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8172.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-8172","reference_id":"","reference_type":"","scores":[{"value":"0.01183","scoring_system":"epss","scoring_elements":"0.78718","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01183","scoring_system":"epss","scoring_elements":"0.78725","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01183","scoring_system":"epss","scoring_elements":"0.78757","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01183","scoring_system":"epss","scoring_elements":"0.78739","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01183","scoring_system":"epss","scoring_elements":"0.78764","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01183","scoring_system":"epss","scoring_elements":"0.78771","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01183","scoring_system":"epss","scoring_elements":"0.78795","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01183","scoring_system":"epss","scoring_elements":"0.78778","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01183","scoring_system":"epss","scoring_elements":"0.78769","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01183","scoring_system":"epss","scoring_elements":"0.78798","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01183","scoring_system":"epss","scoring_elements":"0.78796","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01183","scoring_system":"epss","scoring_elements":"0.78791","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01183","scoring_system":"epss","scoring_elements":"0.78819","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01183","scoring_system":"epss","scoring_elements":"0.78825","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01183","scoring_system":"epss","scoring_elements":"0.78842","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01183","scoring_system":"epss","scoring_elements":"0.78861","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01183","scoring_system":"epss","scoring_elements":"0.78884","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01183","scoring_system":"epss","scoring_elements":"0.78898","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01183","scoring_system":"epss","scoring_elements":"0.78895","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01183","scoring_system":"epss","scoring_elements":"0.78913","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01183","scoring_system":"epss","scoring_elements":"0.78951","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-8172"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1845247","reference_id":"1845247","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1845247"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2847","reference_id":"RHSA-2020:2847","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2847"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2852","reference_id":"RHSA-2020:2852","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2852"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2895","reference_id":"RHSA-2020:2895","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2895"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2020-8172"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zckz-447u-gueb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69629?format=json","vulnerability_id":"VCID-znta-r3v4-hyg1","summary":"nodejs: Memory Leak in Node.js ReadFileUtf8 Binding Leading to DoS","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-23165.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-23165.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-23165","reference_id":"","reference_type":"","scores":[{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.57989","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.57882","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.57897","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.57881","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.57838","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.57891","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.57888","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.57907","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.57883","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.57938","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.57939","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.57956","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.57933","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.57913","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.57943","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.57942","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.5792","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-23165"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1105832","reference_id":"1105832","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1105832"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2367162","reference_id":"2367162","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2367162"},{"reference_url":"https://security.archlinux.org/ASA-202505-7","reference_id":"ASA-202505-7","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202505-7"},{"reference_url":"https://security.archlinux.org/ASA-202505-8","reference_id":"ASA-202505-8","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202505-8"},{"reference_url":"https://security.archlinux.org/AVG-2872","reference_id":"AVG-2872","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2872"},{"reference_url":"https://security.archlinux.org/AVG-2873","reference_id":"AVG-2873","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2873"},{"reference_url":"https://nodejs.org/en/blog/vulnerability/may-2025-security-releases","reference_id":"may-2025-security-releases","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-19T13:55:12Z/"}],"url":"https://nodejs.org/en/blog/vulnerability/may-2025-security-releases"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8467","reference_id":"RHSA-2025:8467","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8467"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8468","reference_id":"RHSA-2025:8468","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8468"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8493","reference_id":"RHSA-2025:8493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8506","reference_id":"RHSA-2025:8506","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8506"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8514","reference_id":"RHSA-2025:8514","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8514"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/932803?format=json","purl":"pkg:deb/debian/nodejs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932797?format=json","purl":"pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-38k9-23j3-eqh7"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-kj75-vmwa-gqgq"},{"vulnerability":"VCID-sag8-repb-g3f4"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-x1an-pjq4-nbby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932795?format=json","purl":"pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vp3-fzdr-yqbm"},{"vulnerability":"VCID-2t7c-dju9-pff6"},{"vulnerability":"VCID-43sf-4r41-wugc"},{"vulnerability":"VCID-96yh-1wub-zucg"},{"vulnerability":"VCID-98fy-tedc-ube7"},{"vulnerability":"VCID-bjza-25hu-vkad"},{"vulnerability":"VCID-dgkh-jdah-wfh9"},{"vulnerability":"VCID-dt7u-3usg-9uet"},{"vulnerability":"VCID-twc8-ewm7-wkb1"},{"vulnerability":"VCID-u8bq-8jp4-jkem"},{"vulnerability":"VCID-v7uy-445x-tuan"},{"vulnerability":"VCID-wf5t-3pwz-c7d7"},{"vulnerability":"VCID-x1an-pjq4-nbby"},{"vulnerability":"VCID-xkpz-pb5y-jqcy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932799?format=json","purl":"pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932798?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1063054?format=json","purl":"pkg:deb/debian/nodejs@22.22.2%2Bdfsg%2B~cs22.19.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@22.22.2%252Bdfsg%252B~cs22.19.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081550?format=json","purl":"pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie"}],"aliases":["CVE-2025-23165"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-znta-r3v4-hyg1"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@0%3Fdistro=trixie"}