Node.js Security Vulnerabilities and Issues — Node.js CVE List | Vulners.com

Lucene search

K

NodejsNode.js

6 matches found

CVE•added 2022/07/14 3:15 p.m.•282 views

CVE-2022-32212

A OS Command Injection vulnerability exists in Node.js versions <14.20.0, <16.20.0,

8.1CVSS8.3AI score0.00112EPSS

CVE•added 2022/07/14 3:15 p.m.•221 views

CVE-2022-32215

The llhttp parser <v14.20.1, <v16.17.1 and

6.5CVSS7.1AI score0.88045EPSS

CVE•added 2022/07/14 3:15 p.m.•215 views

CVE-2022-32213

The llhttp parser <v14.20.1, <v16.17.1 and

6.5CVSS7.2AI score0.89015EPSS

CVE•added 2022/07/14 3:15 p.m.•192 views

CVE-2022-32214

The llhttp parser <v14.20.1, <v16.17.1 and

6.5CVSS7AI score0.64855EPSS

CVE•added 2022/07/14 3:15 p.m.•124 views

CVE-2022-32222

A cryptographic vulnerability exists on Node.js on linux in versions of 18.x prior to 18.40.0 which allowed a default path for openssl.cnf that might be accessible under some circumstances to a non-admin user instead of /etc/ssl as was the case in versions prior to the upgrade to OpenSSL 3.

5.3CVSS5.1AI score0.00488EPSS

CVE•added 2022/07/14 3:15 p.m.•114 views

CVE-2022-32223

Node.js is vulnerable to Hijack Execution Flow: DLL Hijacking under certain conditions on Windows platforms.This vulnerability can be exploited if the victim has the following dependencies on a Windows machine:* OpenSSL has been installed and “C:\Program Files\Common Files\SSL\openssl.cnf” exists.W...

7.3CVSS7AI score0.1041EPSS