CVE-2024-22020

🗓️ 09 Jul 2024 01:07:28Reported by hackeroneType

Security flaw in Node.js allows bypass of network import restrictions via data URL

Reporter	Title	Published	Views	Family All 174
IBM Security Bulletins	Security Bulletin: IBM Cloud Transformation Advisor is vulnerable to multiple vulnerabilities found in Java, Node.js and IBM WebSphere Application Server Liberty	15 Apr 202502:54	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Security QRadar Analyst Workflow for IBM QRadar SIEM is vulnerable to using components with known vulnerabilities	8 Jan 202518:32	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in Node.js and packages affect IBM Voice Gateway	17 Sep 202421:51	–	ibm
IBM Security Bulletins	Security Bulletin: IBM App Connect Enterprise Certified Container UBI updates	4 Dec 202410:17	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in Node.js affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component.	11 Mar 202517:20	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM SDK for Node.js affect IBM Business Automation Workflow	9 Oct 202413:22	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Controller is affected by vulnerabilities	15 Apr 202502:55	–	ibm
IBM Security Bulletins	Security Bulletin: IBM InfoSphere Information Server is affected by multiple vulnerabilities in Node.js.	13 Dec 202420:12	–	ibm
IBM Security Bulletins	Security Bulletin: Node.js vulnerabilities affect IBM Spectrum Control	17 Sep 202408:40	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Observability with Instana for Synthetic PoP is affected by Multiple Security Vulnerabilities	15 Apr 202503:17	–	ibm

Vulners

Vulnrichment

Node

nodejs nodeRange≤22.4.1

[
  {
    "product": "Node",
    "vendor": "NodeJS",
    "defaultStatus": "unaffected",
    "versions": [
      {
        "versionType": "semver",
        "version": "4.0",
        "status": "affected",
        "lessThan": "4.*"
      },
      {
        "versionType": "semver",
        "version": "5.0",
        "status": "affected",
        "lessThan": "5.*"
      },
      {
        "versionType": "semver",
        "version": "6.0",
        "status": "affected",
        "lessThan": "6.*"
      },
      {
        "versionType": "semver",
        "version": "7.0",
        "status": "affected",
        "lessThan": "7.*"
      },
      {
        "versionType": "semver",
        "version": "8.0",
        "status": "affected",
        "lessThan": "8.*"
      },
      {
        "versionType": "semver",
        "version": "9.0",
        "status": "affected",
        "lessThan": "9.*"
      },
      {
        "versionType": "semver",
        "version": "10.0",
        "status": "affected",
        "lessThan": "10.*"
      },
      {
        "versionType": "semver",
        "version": "11.0",
        "status": "affected",
        "lessThan": "11.*"
      },
      {
        "versionType": "semver",
        "version": "12.0",
        "status": "affected",
        "lessThan": "12.*"
      },
      {
        "versionType": "semver",
        "version": "13.0",
        "status": "affected",
        "lessThan": "13.*"
      },
      {
        "versionType": "semver",
        "version": "14.0",
        "status": "affected",
        "lessThan": "14.*"
      },
      {
        "versionType": "semver",
        "version": "15.0",
        "status": "affected",
        "lessThan": "15.*"
      },
      {
        "versionType": "semver",
        "version": "16.0",
        "status": "affected",
        "lessThan": "16.*"
      },
      {
        "versionType": "semver",
        "version": "17.0",
        "status": "affected",
        "lessThan": "17.*"
      },
      {
        "versionType": "semver",
        "version": "18.0",
        "status": "affected",
        "lessThan": "18.20.4"
      },
      {
        "versionType": "semver",
        "version": "19.0",
        "status": "affected",
        "lessThan": "19.*"
      },
      {
        "versionType": "semver",
        "version": "20.0",
        "status": "affected",
        "lessThan": "20.15.1"
      },
      {
        "versionType": "semver",
        "version": "21.0",
        "status": "affected",
        "lessThan": "21.*"
      },
      {
        "versionType": "semver",
        "version": "22.0",
        "status": "affected",
        "lessThan": "22.4.1"
      }
    ]
  }
]

Source	Link
openwall	www.openwall.com/lists/oss-security/2024/07/11/6
openwall	www.openwall.com/lists/oss-security/2024/07/19/3
hackerone	www.hackerone.com/reports/2092749
security	www.security.netapp.com/advisory/ntap-20241122-0006/

15 Apr 2026 00:35Current

6.7Medium risk

Vulners AI Score6.7

CVSS 36.5

EPSS0.00133

SSVC

CWE-94