Lucene search
GoogleOSV:CVE-2021-44534HistoryMay 31, 2024 - 6:15 p.m.
CVE-2021-44534
2024-05-3118:15:00
Google
osv.dev
4
user input filtering
non-authenticated attacker
arbitrary file read
sensitive information disclosure
software
CVSS2
6.4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:P/A:P
CVSS3
8.2
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
AI Score
6.6
Confidence
Low
EPSS
0.01
Percentile
83.6%
Insufficient user input filtering leads to arbitrary file read by non-authenticated attacker, which results in sensitive information disclosure.
Related
vulnrichment
vulnrichment
CVE-2021-44534
2024-05-31 17:40:31
nvd
nvd
CVE-2021-44534
2024-05-31 18:15:09
CVE-2022-21824
2022-02-24 19:15:10
hackerone
hackerone
ExpressionEngine: Non-authenticated path traversal leading to arbitrary file read
2021-02-05 10:14:35
Node.js: Prototype pollution via console.table properties
2021-12-20 00:35:48
cve
cve
CVE-2021-44534
2024-05-31 18:15:09
CVE-2022-21824
2022-02-24 19:15:10
cvelist
cvelist
CVE-2021-44534
2024-05-31 17:40:31
CVE-2022-21824
2022-02-24 00:00:00
ubuntucve
ubuntucve
CVE-2021-44534
2024-05-31 00:00:00
CVE-2022-21824
2022-02-24 00:00:00
ibm
ibm
prion
prion
Design/Logic Flaw
2022-02-24 19:15:00
veracode
veracode
Prototype Pollution
2022-01-12 18:05:26
cbl_mariner
cbl_mariner
CVE-2022-21824 affecting package nodejs for versions less than 16.14.0-1
2022-04-09 06:52:23
CVE-2022-21824 affecting package nodejs 14.18.1-1
2022-03-19 16:40:55
osv
osv
CVE-2022-21824
2022-02-24 19:15:10
BIT-node-2022-21824
2024-03-06 11:04:27
corepack17-17.3.1-1.1 on GA media
2024-06-15 00:00:00
alpinelinux
alpinelinux
CVE-2022-21824
2022-02-24 19:15:10
debiancve
debiancve
CVE-2022-21824
2022-02-24 19:15:10
redhatcve
redhatcve
CVE-2022-21824
2022-01-14 20:45:44
photon
photon
Important Photon OS Security Update - PHSA-2022-0164
2022-03-22 00:00:00
Important Photon OS Security Update - PHSA-2022-0453
2022-03-23 00:00:00
Important Photon OS Security Update - PHSA-2022-4.0-0164
2022-03-22 00:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2022-0077)
2022-02-23 00:00:00
Fedora: Security Advisory for nodejs (FEDORA-2022-0eda327cb4)
2022-01-21 00:00:00
Fedora: Security Advisory for nodejs (FEDORA-2022-78090d2099)
2022-01-21 00:00:00
nessus
nessus
Photon OS 4.0: Nodejs PHSA-2022-4.0-0164
2024-07-23 00:00:00
SUSE SLES15 Security Update : nodejs14 (SUSE-SU-2022:0112-1)
2022-01-19 00:00:00
SUSE SLES15 Security Update : nodejs12 (SUSE-SU-2022:0113-1)
2022-01-19 00:00:00
freebsd
freebsd
Node.js -- January 2022 Security Releases
2022-01-10 00:00:00
MySQL -- Multiple vulnerabilities
2022-07-19 00:00:00
mageia
mageia
Updated nodejs packages fix security vulnerability
2022-02-22 23:15:16
redos
redos
ROS-20220125-10
2022-01-25 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package node version 16.13.2-alt1
2022-03-18 00:00:00
f5
f5
nodejsblog
nodejsblog
January 10th 2022 Security Releases
2022-01-11 00:00:00
rocky
rocky
nodejs:14 security update
2022-11-08 10:51:23
nodejs:16 security, bug fix, and enhancement update
2022-12-15 15:42:25
12 bug fix and enhancement update
2022-06-21 11:47:44
debian
debian
[SECURITY] [DLA 3137-1] nodejs security update
2022-10-05 15:18:22
[SECURITY] [DSA 5170-1] nodejs security update
2022-06-27 18:43:09
suse
suse
Security update for nodejs12 (moderate)
2022-04-17 00:00:00
Security update for nodejs10 (important)
2022-05-17 00:00:00
Security update for chromium (important)
2022-04-13 00:00:00
oraclelinux
oraclelinux
nodejs:14 security update
2022-11-15 00:00:00
nodejs:16 security, bug fix, and enhancement update
2022-12-16 00:00:00
fedora
fedora
[SECURITY] Fedora 34 Update: nodejs-14.18.3-1.fc34
2022-01-20 08:35:12
[SECURITY] Fedora 35 Update: nodejs-16.13.2-1.fc35
2022-01-20 14:55:17
redhat
redhat
(RHSA-2022:7830) Moderate: nodejs:14 security update
2022-11-08 10:51:23
(RHSA-2022:7044) Moderate: rh-nodejs14-nodejs security update
2022-10-19 09:58:44
almalinux
almalinux
Moderate: nodejs:14 security update
2022-11-08 00:00:00
Moderate: nodejs:16 security, bug fix, and enhancement update
2022-12-15 00:00:00
gentoo
gentoo
Node.js: Multiple Vulnerabilities
2024-05-08 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - January 2023
2023-01-17 00:00:00
Oracle Critical Patch Update Advisory - July 2022
2022-07-19 00:00:00
Oracle Critical Patch Update Advisory - April 2023
2023-04-18 00:00:00
CVSS2
6.4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:P/A:P
CVSS3
8.2
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
AI Score
6.6
Confidence
Low
EPSS
0.01
Percentile
83.6%
Related for OSV:CVE-2021-44534