CVE-2020-28493 affecting package nodejs24 for versions less than 24.13.0-1

🗓️ 09 Feb 2026 23:37:49Reported by CBL MarinerType

cbl_mariner

cbl_mariner👁 3 Views

CVE-2020-28493 affects nodejs24 versions below 24.13.0-1; a patch is available.

Reporter	Title	Published	Views	Family All 172
IBM Security Bulletins	Security Bulletin: IBM Security QRadar Network Threat Analytics uses component jinja2 with a denial of service vulnerability (CVE-2020-28493)	16 Sep 202215:41	–	ibm
IBM Security Bulletins	Security Bulletin: IBM QRadar Advisor With Watson uses components with known vulnerabilities (CVE-2020-36242, CVE-2021-33503, CVE-2020-28493)	20 Oct 202119:08	–	ibm
IBM Security Bulletins	Security Bulletin: IBM QRadar Assistant App for IBM QRadar SIEM is vulnerable to using components with known vulnerabilities	29 Apr 202416:48	–	ibm
IBM Security Bulletins	Security Bulletin: Cloud Pak for Security contains packages that have multiple vulnerabilities	1 Apr 202216:38	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Cloud Pak for Security includes components with multiple known vulnerabilities	19 Jan 202313:54	–	ibm
IBM Security Bulletins	Security Bulletin: High severity vulnerabilities in libraries used by IBM Spectrum Discover (libraries of libraries)	27 Apr 202222:57	–	ibm
Tenable Nessus	Alibaba Cloud Linux 3 : 0261: Moderate: python27:2.7 (ALINUX3-SA-2024:0261)	14 May 202500:00	–	nessus
Tenable Nessus	AlmaLinux 8 : python-jinja2 (ALSA-2021:4161)	9 Feb 202200:00	–	nessus
Tenable Nessus	Azure Linux 3.0 Security Update: nodejs / python-jinja2 (CVE-2020-28493)	20 Apr 202500:00	–	nessus
Tenable Nessus	CentOS 8 : python27:2.7 (CESA-2021:4151)	11 Nov 202100:00	–	nessus

OS	OS Version	Architecture	Package	Package Version	Filename
Azure Linux	3.0	all	nodejs24	24.13.0-1	UNKNOWN

09 Feb 2026 23:37Current

5.5Medium risk

Vulners AI Score5.5

CVSS 25

CVSS 3.15.3

EPSS0.00207

vulnerability 2020 28493 nodejs twenty four version 24.13.0-1 patched version available