7.3 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
4.1 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:S/C:P/I:P/A:P
0.0004 Low
EPSS
Percentile
8.0%
node is vulnerable to dll hijacking. The vulnerability exists due to the default open ssl configuration which allows an attacker to exploit the vulnerability by placing a malicious dll file on an affected system.
github.com/advisories/GHSA-fxjx-rf8x-pxw8
github.com/nodejs/node/commit/06c6bd377bd613d78cebf8b4ac5f3d71fd6cc507
github.com/nodejs/node/commit/3f0c3e142dc8a5a43f17a03d785498a855eaaf94
github.com/nodejs/node/commit/8e8aef836cb9807c9fe5ca350f1e7febdb40c3a7
github.com/nodejs/node/issues/40366
hackerone.com/reports/1447455
nodejs.org/en/blog/vulnerability/july-2022-security-releases/
security.netapp.com/advisory/ntap-20220915-0001/
7.3 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
4.1 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:S/C:P/I:P/A:P
0.0004 Low
EPSS
Percentile
8.0%