Lucene search
K

16 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-19626

Malicious code in bioql PyPI...

6.5CVSS6.9AI score0.01104EPSS
Exploits0References3
Debian
Debian
added 2025/08/29 6:10 p.m.9 views

[SECURITY] [DSA 5991-1] nodejs security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5991-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff August 29, 2025 https://www.debian.org/security/faq -...

8.2CVSS8.1AI score0.87211EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.5 views

TencentOS Server 3: nodejs:18 (TSSA-2024:0766)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0766 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

6.5CVSS7AI score0.01104EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.14 views

Linux Distros Unpatched Vulnerability : CVE-2024-22020

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A security flaw in Node.js allows a bypass of network import restrictions. By embedding non-network imports in data URLs, an attacker can execute arbitrary code...

6.5CVSS7.4AI score0.01104EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/02/14 12:0 a.m.10 views

CBL Mariner 2.0 Security Update: nodejs / nodejs18 (CVE-2024-22020)

The version of nodejs / nodejs18 installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-22020 advisory. - A security flaw in Node.js allows a bypass of network import restrictions. By embedding non-netwo...

6.5CVSS7.5AI score0.01104EPSS
Exploits0References2
OSV
OSV
added 2024/12/16 1:54 p.m.25 views

BIT-NODE-MIN-2024-22020

A security flaw in Node.js allows a bypass of network import restrictions. By embedding non-network imports in data URLs, an attacker can execute arbitrary code, compromising system security. Verified on various platforms, the vulnerability is mitigated by forbidding data URLs in network imports...

6.5CVSS7.1AI score0.01104EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2024/11/14 12:0 a.m.20 views

Amazon Linux 2023 : nodejs20, nodejs20-devel, nodejs20-full-i18n (ALAS2023-2024-768)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-768 advisory. A vulnerability has been identified in Node.js, affecting users of the experimental permission model when the --allow-fs-read flag is used. This flaw arises from an inadequate permission model...

6.5CVSS6.8AI score0.01104EPSS
Exploits1References10
Tenable Nessus
Tenable Nessus
added 2024/11/07 12:0 a.m.24 views

RHEL 9 : nodejs:18 (RHSA-2024:6147)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:6147 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language...

6.5CVSS6.7AI score0.01104EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2024/10/31 12:0 a.m.20 views

Amazon Linux 2023 : nodejs20, nodejs20-devel, nodejs20-full-i18n (ALAS2023-2024-749)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-749 advisory. A vulnerability has been identified in Node.js, affecting users of the experimental permission model when the --allow-fs-read flag is used. This flaw arises from an inadequate permission model...

6.5CVSS6.8AI score0.01104EPSS
Exploits1References10
RedHat Linux
RedHat Linux
added 2024/08/26 8:36 a.m.2 views

nodejs: Bypass network import restriction via data URL

A flaw was found in the Node.js package. By embedding non-network imports in data URLs, this flaw allows an attacker to execute arbitrary code, compromising system security...

6.5CVSS7.5AI score0.01104EPSS
Exploits0References5
OSV
OSV
added 2024/07/11 7:28 a.m.19 views

BIT-NODE-2024-22020

A security flaw in Node.js allows a bypass of network import restrictions. By embedding non-network imports in data URLs, an attacker can execute arbitrary code, compromising system security. Verified on various platforms, the vulnerability is mitigated by forbidding data URLs in network imports...

6.5CVSS7.1AI score0.01104EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2024/07/10 3:36 a.m.3 views

SUSE CVE-2024-22020

A security flaw in Node.js allows a bypass of network import restrictions. By embedding non-network imports in data URLs, an attacker can execute arbitrary code, compromising system security. Verified on various platforms, the vulnerability is mitigated by forbidding data URLs in network imports...

6.5CVSS7.9AI score0.01104EPSS
Exploits0References8
OSV
OSV
added 2024/07/09 2:15 a.m.19 views

CVE-2024-22020

A security flaw in Node.js allows a bypass of network import restrictions. By embedding non-network imports in data URLs, an attacker can execute arbitrary code, compromising system security. Verified on various platforms, the vulnerability is mitigated by forbidding data URLs in network imports...

7.2AI score0.01104EPSS
Exploits0References4
CVE
CVE
added 2024/07/09 1:7 a.m.332 views

CVE-2024-22020

CVE-2024-22020 (Node.js) is a real vulnerability affecting Node.js where an attacker can bypass network import restrictions by embedding non-network imports in data URLs, enabling arbitrary code execution. The issue is documented across multiple advisories (e.g., Debian DSA, CBLMariner, AlmaLinux...

6.5CVSS6.7AI score0.01104EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/07/09 1:7 a.m.44 views

CVE-2024-22020

A security flaw in Node.js allows a bypass of network import restrictions. By embedding non-network imports in data URLs, an attacker can execute arbitrary code, compromising system security. Verified on various platforms, the vulnerability is mitigated by forbidding data URLs in network imports...

6.5CVSS0.01104EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2024/07/09 1:7 a.m.22 views

CVE-2024-22020

A security flaw in Node.js allows a bypass of network import restrictions. By embedding non-network imports in data URLs, an attacker can execute arbitrary code, compromising system security. Verified on various platforms, the vulnerability is mitigated by forbidding data URLs in network imports...

6.5CVSS7.3AI score0.01104EPSS
Exploits0
Rows per page
Query Builder