Vulnerability-Lookup

CVE-2020-8277 (GCVE-0-2020-8277)

Vulnerability from cvelistv5 – Published: 2020-11-19 00:32 – Updated: 2025-04-30 22:24

Summary

A Node.js application that allows an attacker to trigger a DNS request for a host of their choice could trigger a Denial of Service in versions < 15.2.1, < 14.15.1, and < 12.19.1 by getting the application to resolve a DNS record with a larger number of responses. This is fixed in 15.2.1, 14.15.1, and 12.19.1.

Severity

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-400 - Denial of Service (CWE-400)

Assigner

hackerone

References

13 references

URL	Tags
https://hackerone.com/reports/1033107	x_refsource_MISC
https://nodejs.org/en/blog/vulnerability/november…	x_refsource_CONFIRM
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisoryx_refsource_FEDORA
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisoryx_refsource_FEDORA
https://security.gentoo.org/glsa/202012-11	vendor-advisoryx_refsource_GENTOO
https://security.gentoo.org/glsa/202101-07	vendor-advisoryx_refsource_GENTOO
https://www.oracle.com/security-alerts/cpujan2021.html	x_refsource_MISC
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisoryx_refsource_FEDORA
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisoryx_refsource_FEDORA
https://www.oracle.com/security-alerts/cpuApr2021.html	x_refsource_MISC
https://www.oracle.com//security-alerts/cpujul2021.html	x_refsource_MISC
https://www.oracle.com/security-alerts/cpuoct2021.html	x_refsource_MISC
https://www.oracle.com/security-alerts/cpuapr2022.html	x_refsource_MISC

Impacted products

1 product

Vendor	Product	Version
NodeJS	Node	Affected: 4.0 , < 4.* (semver) Affected: 5.0 , < 5.* (semver) Affected: 6.0 , < 6.* (semver) Affected: 7.0 , < 7.* (semver) Affected: 8.0 , < 8.* (semver) Affected: 9.0 , < 9.* (semver) Affected: 11.0 , < 11.* (semver) Affected: 12.0 , < 12.19.1 (semver) Affected: 13.0 , < 13.* (semver) Affected: 14.0 , < 14.15.1 (semver) Affected: 15.0 , < 15.2.1 (semver)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T09:56:28.290Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://hackerone.com/reports/1033107"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://nodejs.org/en/blog/vulnerability/november-2020-security-releases/"
          },
          {
            "name": "FEDORA-2020-7473744de1",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A7WH7W46OZSEUHWBHD7TCH3LRFY52V6Z/"
          },
          {
            "name": "FEDORA-2020-307e873389",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEJBY3RJB3XWUOJFGZM5E3EMQ7MFM3UT/"
          },
          {
            "name": "GLSA-202012-11",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202012-11"
          },
          {
            "name": "GLSA-202101-07",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202101-07"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpujan2021.html"
          },
          {
            "name": "FEDORA-2021-afed2b904e",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VXLJY4764LYVJPC7NCDLE2UMQ3QC5OI2/"
          },
          {
            "name": "FEDORA-2021-ee913722db",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EEIV4CH6KNVZK63Y6EKVN2XDW7IHSJBJ/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Node",
          "vendor": "NodeJS",
          "versions": [
            {
              "lessThan": "4.*",
              "status": "affected",
              "version": "4.0",
              "versionType": "semver"
            },
            {
              "lessThan": "5.*",
              "status": "affected",
              "version": "5.0",
              "versionType": "semver"
            },
            {
              "lessThan": "6.*",
              "status": "affected",
              "version": "6.0",
              "versionType": "semver"
            },
            {
              "lessThan": "7.*",
              "status": "affected",
              "version": "7.0",
              "versionType": "semver"
            },
            {
              "lessThan": "8.*",
              "status": "affected",
              "version": "8.0",
              "versionType": "semver"
            },
            {
              "lessThan": "9.*",
              "status": "affected",
              "version": "9.0",
              "versionType": "semver"
            },
            {
              "lessThan": "11.*",
              "status": "affected",
              "version": "11.0",
              "versionType": "semver"
            },
            {
              "lessThan": "12.19.1",
              "status": "affected",
              "version": "12.0",
              "versionType": "semver"
            },
            {
              "lessThan": "13.*",
              "status": "affected",
              "version": "13.0",
              "versionType": "semver"
            },
            {
              "lessThan": "14.15.1",
              "status": "affected",
              "version": "14.0",
              "versionType": "semver"
            },
            {
              "lessThan": "15.2.1",
              "status": "affected",
              "version": "15.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A Node.js application that allows an attacker to trigger a DNS request for a host of their choice could trigger a Denial of Service in versions \u003c 15.2.1, \u003c 14.15.1, and \u003c 12.19.1 by getting the application to resolve a DNS record with a larger number of responses. This is fixed in 15.2.1, 14.15.1, and 12.19.1."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "Denial of Service (CWE-400)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-04-30T22:24:27.745Z",
        "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
        "shortName": "hackerone"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://hackerone.com/reports/1033107"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://nodejs.org/en/blog/vulnerability/november-2020-security-releases/"
        },
        {
          "name": "FEDORA-2020-7473744de1",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A7WH7W46OZSEUHWBHD7TCH3LRFY52V6Z/"
        },
        {
          "name": "FEDORA-2020-307e873389",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEJBY3RJB3XWUOJFGZM5E3EMQ7MFM3UT/"
        },
        {
          "name": "GLSA-202012-11",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/202012-11"
        },
        {
          "name": "GLSA-202101-07",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/202101-07"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpujan2021.html"
        },
        {
          "name": "FEDORA-2021-afed2b904e",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VXLJY4764LYVJPC7NCDLE2UMQ3QC5OI2/"
        },
        {
          "name": "FEDORA-2021-ee913722db",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EEIV4CH6KNVZK63Y6EKVN2XDW7IHSJBJ/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "support@hackerone.com",
          "ID": "CVE-2020-8277",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "https://github.com/nodejs/node",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Fixed in 15.2.1, 14.15.1, 12.19.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A Node.js application that allows an attacker to trigger a DNS request for a host of their choice could trigger a Denial of Service in versions \u003c 15.2.1, \u003c 14.15.1, and \u003c 12.19.1 by getting the application to resolve a DNS record with a larger number of responses. This is fixed in 15.2.1, 14.15.1, and 12.19.1."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Denial of Service (CWE-400)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://hackerone.com/reports/1033107",
              "refsource": "MISC",
              "url": "https://hackerone.com/reports/1033107"
            },
            {
              "name": "https://nodejs.org/en/blog/vulnerability/november-2020-security-releases/",
              "refsource": "CONFIRM",
              "url": "https://nodejs.org/en/blog/vulnerability/november-2020-security-releases/"
            },
            {
              "name": "FEDORA-2020-7473744de1",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A7WH7W46OZSEUHWBHD7TCH3LRFY52V6Z/"
            },
            {
              "name": "FEDORA-2020-307e873389",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BEJBY3RJB3XWUOJFGZM5E3EMQ7MFM3UT/"
            },
            {
              "name": "GLSA-202012-11",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/202012-11"
            },
            {
              "name": "GLSA-202101-07",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/202101-07"
            },
            {
              "name": "https://www.oracle.com/security-alerts/cpujan2021.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/security-alerts/cpujan2021.html"
            },
            {
              "name": "FEDORA-2021-afed2b904e",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VXLJY4764LYVJPC7NCDLE2UMQ3QC5OI2/"
            },
            {
              "name": "FEDORA-2021-ee913722db",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EEIV4CH6KNVZK63Y6EKVN2XDW7IHSJBJ/"
            },
            {
              "name": "https://www.oracle.com/security-alerts/cpuApr2021.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
            },
            {
              "name": "https://www.oracle.com//security-alerts/cpujul2021.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
            },
            {
              "name": "https://www.oracle.com/security-alerts/cpuoct2021.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
            },
            {
              "name": "https://www.oracle.com/security-alerts/cpuapr2022.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
    "assignerShortName": "hackerone",
    "cveId": "CVE-2020-8277",
    "datePublished": "2020-11-19T00:32:13.000Z",
    "dateReserved": "2020-01-28T00:00:00.000Z",
    "dateUpdated": "2025-04-30T22:24:27.745Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2020-8277",
      "date": "2026-06-04",
      "epss": "0.58883",
      "percentile": "0.98255"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2020-8277\",\"sourceIdentifier\":\"support@hackerone.com\",\"published\":\"2020-11-19T01:15:12.763\",\"lastModified\":\"2024-11-21T05:38:38.383\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A Node.js application that allows an attacker to trigger a DNS request for a host of their choice could trigger a Denial of Service in versions \u003c 15.2.1, \u003c 14.15.1, and \u003c 12.19.1 by getting the application to resolve a DNS record with a larger number of responses. This is fixed in 15.2.1, 14.15.1, and 12.19.1.\"},{\"lang\":\"es\",\"value\":\"Una aplicaci\u00f3n Node.js que permite a un atacante desencadenar una petici\u00f3n DNS para un host de su elecci\u00f3n podr\u00eda desencadenar una Denegaci\u00f3n de servicio en las versiones anteriores a 15.2.1, versiones anteriores a 14.15.1 y versiones anteriores a 12.19.1  al conseguir que la aplicaci\u00f3n resuelva un Registro DNS con un mayor n\u00famero de respuestas.\u0026#xa0;Esto es corregido en versiones 15.2.1, 14.15.1 y 12.19.1\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"support@hackerone.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-400\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-400\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*\",\"versionStartIncluding\":\"12.16.3\",\"versionEndExcluding\":\"12.19.1\",\"matchCriteriaId\":\"993C60FB-8308-4AFC-8394-95D8A976093A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*\",\"versionStartIncluding\":\"14.13.0\",\"versionEndExcluding\":\"14.15.1\",\"matchCriteriaId\":\"0452B6AC-1392-47E6-A0AE-0B44B59BEBDF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*\",\"versionStartIncluding\":\"15.0.0\",\"versionEndExcluding\":\"15.2.1\",\"matchCriteriaId\":\"BC7DAB03-EAA2-46E2-AE08-F5DBB8923C60\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"36D96259-24BD-44E2-96D9-78CE1D41F956\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E460AA51-FCDA-46B9-AE97-E6676AA5E194\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:blockchain_platform:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"21.1.2\",\"matchCriteriaId\":\"D0DBC938-A782-433F-8BF1-CA250C332AA7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:graalvm:19.3.4:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"937F66F5-F5BA-4156-82E0-EB2C99ABD41A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:graalvm:20.3.0:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"BC0F8B31-F93B-40B6-9C06-A3996DC63829\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"9.2.6.0\",\"matchCriteriaId\":\"86305E47-33E9-411C-B932-08C395C09982\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql_cluster:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"8.0.23\",\"matchCriteriaId\":\"6757B2A9-0311-43DE-A057-F014767E0444\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_xstore_point_of_service:16.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"490B2C44-CECD-4551-B04F-4076D0E053C7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_xstore_point_of_service:17.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEC41EB8-73B4-4BDF-9321-F34EC0BAF9E6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_xstore_point_of_service:18.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"48EFC111-B01B-4C34-87E4-D6B2C40C0122\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_xstore_point_of_service:19.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"073FEA23-E46A-4C73-9D29-95CFF4F5A59D\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:c-ares_project:c-ares:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.16.0\",\"matchCriteriaId\":\"15CA5F77-8F82-4973-92E5-CE914FBCC774\"}]}]}],\"references\":[{\"url\":\"https://hackerone.com/reports/1033107\",\"source\":\"support@hackerone.com\",\"tags\":[\"Permissions Required\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A7WH7W46OZSEUHWBHD7TCH3LRFY52V6Z/\",\"source\":\"support@hackerone.com\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEJBY3RJB3XWUOJFGZM5E3EMQ7MFM3UT/\",\"source\":\"support@hackerone.com\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EEIV4CH6KNVZK63Y6EKVN2XDW7IHSJBJ/\",\"source\":\"support@hackerone.com\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VXLJY4764LYVJPC7NCDLE2UMQ3QC5OI2/\",\"source\":\"support@hackerone.com\"},{\"url\":\"https://nodejs.org/en/blog/vulnerability/november-2020-security-releases/\",\"source\":\"support@hackerone.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202012-11\",\"source\":\"support@hackerone.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202101-07\",\"source\":\"support@hackerone.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com//security-alerts/cpujul2021.html\",\"source\":\"support@hackerone.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuApr2021.html\",\"source\":\"support@hackerone.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuapr2022.html\",\"source\":\"support@hackerone.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2021.html\",\"source\":\"support@hackerone.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuoct2021.html\",\"source\":\"support@hackerone.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://hackerone.com/reports/1033107\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Permissions Required\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A7WH7W46OZSEUHWBHD7TCH3LRFY52V6Z/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEJBY3RJB3XWUOJFGZM5E3EMQ7MFM3UT/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EEIV4CH6KNVZK63Y6EKVN2XDW7IHSJBJ/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VXLJY4764LYVJPC7NCDLE2UMQ3QC5OI2/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://nodejs.org/en/blog/vulnerability/november-2020-security-releases/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202012-11\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202101-07\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com//security-alerts/cpujul2021.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuApr2021.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuapr2022.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2021.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuoct2021.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]}]}}"
  }
}

cleanstart-2026-jy06700

Vulnerability from cleanstart

Published

2026-02-27 01:09

Modified

2026-02-26 12:09

Summary

vulnerability has been identified in Node

Details

Multiple security vulnerabilities affect the nodejs package. A vulnerability has been identified in Node. See references for individual vulnerability details.

Severity

9.8 (Critical)


                    
                      CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References

URL

Type

	https://github.com/cleanstart-dev/cleanstart-secu…	ADVISORY
	https://osv.dev/vulnerability/CVE-2017-14919	WEB
	https://osv.dev/vulnerability/CVE-2017-15896	WEB
	https://osv.dev/vulnerability/CVE-2018-0734	WEB
	https://osv.dev/vulnerability/CVE-2018-0735	WEB
	https://osv.dev/vulnerability/CVE-2018-1000168	WEB
	https://osv.dev/vulnerability/CVE-2018-12121	WEB
	https://osv.dev/vulnerability/CVE-2018-12122	WEB
	https://osv.dev/vulnerability/CVE-2018-7160	WEB
	https://osv.dev/vulnerability/CVE-2018-7161	WEB
	https://osv.dev/vulnerability/CVE-2019-15604	WEB
	https://osv.dev/vulnerability/CVE-2019-15605	WEB
	https://osv.dev/vulnerability/CVE-2019-15606	WEB
	https://osv.dev/vulnerability/CVE-2019-5737	WEB
	https://osv.dev/vulnerability/CVE-2019-9511	WEB
	https://osv.dev/vulnerability/CVE-2019-9512	WEB
	https://osv.dev/vulnerability/CVE-2019-9513	WEB
	https://osv.dev/vulnerability/CVE-2019-9514	WEB
	https://osv.dev/vulnerability/CVE-2019-9515	WEB
	https://osv.dev/vulnerability/CVE-2019-9516	WEB
	https://osv.dev/vulnerability/CVE-2019-9517	WEB
	https://osv.dev/vulnerability/CVE-2019-9518	WEB
	https://osv.dev/vulnerability/CVE-2020-11080	WEB
	https://osv.dev/vulnerability/CVE-2020-7774	WEB
	https://osv.dev/vulnerability/CVE-2020-8172	WEB
	https://osv.dev/vulnerability/CVE-2020-8174	WEB
	https://osv.dev/vulnerability/CVE-2020-8201	WEB
	https://osv.dev/vulnerability/CVE-2020-8252	WEB
	https://osv.dev/vulnerability/CVE-2020-8265	WEB
	https://osv.dev/vulnerability/CVE-2020-8277	WEB
	https://osv.dev/vulnerability/CVE-2020-8287	WEB
	https://osv.dev/vulnerability/CVE-2021-21148	WEB
	https://osv.dev/vulnerability/CVE-2021-22930	WEB
	https://osv.dev/vulnerability/CVE-2021-22931	WEB
	https://osv.dev/vulnerability/CVE-2021-22959	WEB
	https://osv.dev/vulnerability/CVE-2021-22960	WEB
	https://osv.dev/vulnerability/CVE-2021-3672	WEB
	https://osv.dev/vulnerability/CVE-2021-43803	WEB
	https://osv.dev/vulnerability/CVE-2021-44531	WEB
	https://osv.dev/vulnerability/CVE-2021-44532	WEB
	https://osv.dev/vulnerability/CVE-2022-32212	WEB
	https://osv.dev/vulnerability/CVE-2022-32213	WEB
	https://osv.dev/vulnerability/CVE-2022-32214	WEB
	https://osv.dev/vulnerability/CVE-2022-32215	WEB
	https://osv.dev/vulnerability/CVE-2022-35255	WEB
	https://osv.dev/vulnerability/CVE-2022-35256	WEB
	https://osv.dev/vulnerability/CVE-2022-3602	WEB
	https://osv.dev/vulnerability/CVE-2022-43548	WEB
	https://osv.dev/vulnerability/CVE-2023-23918	WEB
	https://osv.dev/vulnerability/CVE-2023-23919	WEB
	https://osv.dev/vulnerability/CVE-2023-23920	WEB
	https://osv.dev/vulnerability/CVE-2023-23936	WEB
	https://osv.dev/vulnerability/CVE-2023-24807	WEB
	https://osv.dev/vulnerability/CVE-2023-39333	WEB
	https://osv.dev/vulnerability/CVE-2023-44487	WEB
	https://osv.dev/vulnerability/CVE-2024-22018	WEB
	https://osv.dev/vulnerability/CVE-2024-22020	WEB
	https://osv.dev/vulnerability/CVE-2024-27982	WEB
	https://osv.dev/vulnerability/CVE-2024-27983	WEB
	https://osv.dev/vulnerability/CVE-2024-36138	WEB
	https://osv.dev/vulnerability/CVE-2024-37372	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2017-14919	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2017-15896	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2018-0734	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2018-0735	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2018-1000168	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2018-12121	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2018-12122	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2018-7160	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2018-7161	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-15604	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-15605	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-15606	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-5737	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-9511	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-9512	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-9513	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-9514	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-9515	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-9516	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-9517	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-9518	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2020-11080	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2020-7774	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2020-8172	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2020-8174	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2020-8201	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2020-8252	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2020-8265	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2020-8277	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2020-8287	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-21148	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-22930	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-22931	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-22959	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-22960	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-3672	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-43803	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-44531	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-44532	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-32212	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-32213	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-32214	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-32215	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-35255	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-35256	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-3602	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-43548	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-23918	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-23919	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-23920	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-23936	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-24807	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-39333	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-44487	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-22018	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-22020	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-27982	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-27983	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-36138	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-37372	WEB

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "CleanStart",
        "name": "nodejs"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "8.9.3-r0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "credits": [],
  "database_specific": {},
  "details": "Multiple security vulnerabilities affect the nodejs package. A vulnerability has been identified in Node. See references for individual vulnerability details.",
  "id": "CLEANSTART-2026-JY06700",
  "modified": "2026-02-26T12:09:56Z",
  "published": "2026-02-27T01:09:46.914639Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-JY06700"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2017-14919"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2017-15896"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-0734"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-0735"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-1000168"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-12121"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-12122"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-7160"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-7161"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-15604"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-15605"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-15606"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-5737"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-9511"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-9512"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-9513"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-9514"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-9515"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-9516"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-9517"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-9518"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-11080"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-7774"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-8172"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-8174"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-8201"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-8252"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-8265"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-8277"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-8287"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-21148"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-22930"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-22931"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-22959"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-22960"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-3672"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-43803"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-44531"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-44532"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-32212"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-32213"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-32214"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-32215"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-35255"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-35256"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-3602"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-43548"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-23918"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-23919"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-23920"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-23936"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-24807"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-39333"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-44487"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-22018"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-22020"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-27982"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-27983"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-36138"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-37372"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14919"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15896"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0734"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0735"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000168"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-12121"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-12122"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7160"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7161"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15604"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15605"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15606"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-5737"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9511"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9512"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9513"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9514"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9515"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9516"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9517"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9518"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11080"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7774"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8172"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8174"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8201"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8252"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8265"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8277"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8287"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21148"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22930"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22931"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22959"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22960"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3672"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-43803"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44531"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44532"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32212"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32213"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32214"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32215"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-35255"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-35256"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3602"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43548"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23918"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23919"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23920"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23936"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24807"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39333"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-22018"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-22020"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27982"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27983"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36138"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-37372"
    }
  ],
  "related": [],
  "schema_version": "1.7.3",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "vulnerability has been identified in Node",
  "upstream": [
    "CVE-2017-14919",
    "CVE-2017-15896",
    "CVE-2018-0734",
    "CVE-2018-0735",
    "CVE-2018-1000168",
    "CVE-2018-12121",
    "CVE-2018-12122",
    "CVE-2018-7160",
    "CVE-2018-7161",
    "CVE-2019-15604",
    "CVE-2019-15605",
    "CVE-2019-15606",
    "CVE-2019-5737",
    "CVE-2019-9511",
    "CVE-2019-9512",
    "CVE-2019-9513",
    "CVE-2019-9514",
    "CVE-2019-9515",
    "CVE-2019-9516",
    "CVE-2019-9517",
    "CVE-2019-9518",
    "CVE-2020-11080",
    "CVE-2020-7774",
    "CVE-2020-8172",
    "CVE-2020-8174",
    "CVE-2020-8201",
    "CVE-2020-8252",
    "CVE-2020-8265",
    "CVE-2020-8277",
    "CVE-2020-8287",
    "CVE-2021-21148",
    "CVE-2021-22930",
    "CVE-2021-22931",
    "CVE-2021-22959",
    "CVE-2021-22960",
    "CVE-2021-3672",
    "CVE-2021-43803",
    "CVE-2021-44531",
    "CVE-2021-44532",
    "CVE-2022-32212",
    "CVE-2022-32213",
    "CVE-2022-32214",
    "CVE-2022-32215",
    "CVE-2022-35255",
    "CVE-2022-35256",
    "CVE-2022-3602",
    "CVE-2022-43548",
    "CVE-2023-23918",
    "CVE-2023-23919",
    "CVE-2023-23920",
    "CVE-2023-23936",
    "CVE-2023-24807",
    "CVE-2023-39333",
    "CVE-2023-44487",
    "CVE-2024-22018",
    "CVE-2024-22020",
    "CVE-2024-27982",
    "CVE-2024-27983",
    "CVE-2024-36138",
    "CVE-2024-37372"
  ]
}

cleanstart-2026-kn34553

Vulnerability from cleanstart

Published

2026-02-19 00:58

Modified

2026-02-18 09:40

Summary

vulnerability has been identified in Node

Details

Multiple security vulnerabilities affect the nodejs package. A vulnerability has been identified in Node. See references for individual vulnerability details.

Severity

9.8 (Critical)


                    
                      CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References

URL

Type

	https://github.com/cleanstart-dev/cleanstart-secu…	ADVISORY
	https://osv.dev/vulnerability/CVE-2017-14919	WEB
	https://osv.dev/vulnerability/CVE-2017-15896	WEB
	https://osv.dev/vulnerability/CVE-2018-0734	WEB
	https://osv.dev/vulnerability/CVE-2018-0735	WEB
	https://osv.dev/vulnerability/CVE-2018-1000168	WEB
	https://osv.dev/vulnerability/CVE-2018-12121	WEB
	https://osv.dev/vulnerability/CVE-2018-12122	WEB
	https://osv.dev/vulnerability/CVE-2018-7160	WEB
	https://osv.dev/vulnerability/CVE-2018-7161	WEB
	https://osv.dev/vulnerability/CVE-2019-15604	WEB
	https://osv.dev/vulnerability/CVE-2019-15605	WEB
	https://osv.dev/vulnerability/CVE-2019-15606	WEB
	https://osv.dev/vulnerability/CVE-2019-5737	WEB
	https://osv.dev/vulnerability/CVE-2019-9511	WEB
	https://osv.dev/vulnerability/CVE-2019-9512	WEB
	https://osv.dev/vulnerability/CVE-2019-9513	WEB
	https://osv.dev/vulnerability/CVE-2019-9514	WEB
	https://osv.dev/vulnerability/CVE-2019-9515	WEB
	https://osv.dev/vulnerability/CVE-2019-9516	WEB
	https://osv.dev/vulnerability/CVE-2019-9517	WEB
	https://osv.dev/vulnerability/CVE-2019-9518	WEB
	https://osv.dev/vulnerability/CVE-2020-11080	WEB
	https://osv.dev/vulnerability/CVE-2020-7774	WEB
	https://osv.dev/vulnerability/CVE-2020-8172	WEB
	https://osv.dev/vulnerability/CVE-2020-8174	WEB
	https://osv.dev/vulnerability/CVE-2020-8201	WEB
	https://osv.dev/vulnerability/CVE-2020-8252	WEB
	https://osv.dev/vulnerability/CVE-2020-8265	WEB
	https://osv.dev/vulnerability/CVE-2020-8277	WEB
	https://osv.dev/vulnerability/CVE-2020-8287	WEB
	https://osv.dev/vulnerability/CVE-2021-21148	WEB
	https://osv.dev/vulnerability/CVE-2021-22930	WEB
	https://osv.dev/vulnerability/CVE-2021-22931	WEB
	https://osv.dev/vulnerability/CVE-2021-22959	WEB
	https://osv.dev/vulnerability/CVE-2021-22960	WEB
	https://osv.dev/vulnerability/CVE-2021-3672	WEB
	https://osv.dev/vulnerability/CVE-2021-43803	WEB
	https://osv.dev/vulnerability/CVE-2021-44531	WEB
	https://osv.dev/vulnerability/CVE-2021-44532	WEB
	https://osv.dev/vulnerability/CVE-2022-32212	WEB
	https://osv.dev/vulnerability/CVE-2022-32213	WEB
	https://osv.dev/vulnerability/CVE-2022-32214	WEB
	https://osv.dev/vulnerability/CVE-2022-32215	WEB
	https://osv.dev/vulnerability/CVE-2022-35255	WEB
	https://osv.dev/vulnerability/CVE-2022-35256	WEB
	https://osv.dev/vulnerability/CVE-2022-3602	WEB
	https://osv.dev/vulnerability/CVE-2022-43548	WEB
	https://osv.dev/vulnerability/CVE-2023-23918	WEB
	https://osv.dev/vulnerability/CVE-2023-23919	WEB
	https://osv.dev/vulnerability/CVE-2023-23920	WEB
	https://osv.dev/vulnerability/CVE-2023-23936	WEB
	https://osv.dev/vulnerability/CVE-2023-24807	WEB
	https://osv.dev/vulnerability/CVE-2023-39333	WEB
	https://osv.dev/vulnerability/CVE-2023-44487	WEB
	https://osv.dev/vulnerability/CVE-2024-22018	WEB
	https://osv.dev/vulnerability/CVE-2024-22020	WEB
	https://osv.dev/vulnerability/CVE-2024-27982	WEB
	https://osv.dev/vulnerability/CVE-2024-27983	WEB
	https://osv.dev/vulnerability/CVE-2024-36138	WEB
	https://osv.dev/vulnerability/CVE-2024-37372	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2017-14919	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2017-15896	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2018-0734	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2018-0735	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2018-1000168	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2018-12121	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2018-12122	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2018-7160	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2018-7161	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-15604	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-15605	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-15606	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-5737	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-9511	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-9512	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-9513	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-9514	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-9515	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-9516	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-9517	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-9518	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2020-11080	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2020-7774	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2020-8172	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2020-8174	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2020-8201	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2020-8252	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2020-8265	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2020-8277	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2020-8287	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-21148	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-22930	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-22931	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-22959	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-22960	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-3672	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-43803	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-44531	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-44532	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-32212	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-32213	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-32214	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-32215	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-35255	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-35256	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-3602	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-43548	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-23918	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-23919	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-23920	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-23936	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-24807	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-39333	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-44487	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-22018	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-22020	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-27982	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-27983	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-36138	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-37372	WEB

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "CleanStart",
        "name": "nodejs"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "8.9.3-r0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "credits": [],
  "database_specific": {},
  "details": "Multiple security vulnerabilities affect the nodejs package. A vulnerability has been identified in Node. See references for individual vulnerability details.",
  "id": "CLEANSTART-2026-KN34553",
  "modified": "2026-02-18T09:40:19Z",
  "published": "2026-02-19T00:58:48.926519Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-KN34553"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2017-14919"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2017-15896"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-0734"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-0735"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-1000168"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-12121"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-12122"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-7160"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-7161"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-15604"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-15605"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-15606"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-5737"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-9511"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-9512"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-9513"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-9514"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-9515"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-9516"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-9517"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-9518"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-11080"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-7774"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-8172"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-8174"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-8201"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-8252"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-8265"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-8277"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-8287"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-21148"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-22930"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-22931"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-22959"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-22960"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-3672"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-43803"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-44531"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-44532"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-32212"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-32213"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-32214"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-32215"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-35255"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-35256"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-3602"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-43548"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-23918"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-23919"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-23920"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-23936"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-24807"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-39333"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-44487"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-22018"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-22020"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-27982"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-27983"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-36138"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-37372"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14919"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15896"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0734"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0735"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000168"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-12121"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-12122"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7160"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7161"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15604"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15605"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15606"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-5737"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9511"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9512"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9513"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9514"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9515"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9516"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9517"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9518"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11080"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7774"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8172"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8174"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8201"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8252"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8265"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8277"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8287"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21148"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22930"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22931"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22959"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22960"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3672"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-43803"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44531"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44532"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32212"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32213"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32214"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32215"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-35255"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-35256"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3602"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43548"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23918"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23919"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23920"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23936"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24807"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39333"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-22018"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-22020"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27982"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27983"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36138"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-37372"
    }
  ],
  "related": [],
  "schema_version": "1.7.3",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "vulnerability has been identified in Node",
  "upstream": [
    "CVE-2017-14919",
    "CVE-2017-15896",
    "CVE-2018-0734",
    "CVE-2018-0735",
    "CVE-2018-1000168",
    "CVE-2018-12121",
    "CVE-2018-12122",
    "CVE-2018-7160",
    "CVE-2018-7161",
    "CVE-2019-15604",
    "CVE-2019-15605",
    "CVE-2019-15606",
    "CVE-2019-5737",
    "CVE-2019-9511",
    "CVE-2019-9512",
    "CVE-2019-9513",
    "CVE-2019-9514",
    "CVE-2019-9515",
    "CVE-2019-9516",
    "CVE-2019-9517",
    "CVE-2019-9518",
    "CVE-2020-11080",
    "CVE-2020-7774",
    "CVE-2020-8172",
    "CVE-2020-8174",
    "CVE-2020-8201",
    "CVE-2020-8252",
    "CVE-2020-8265",
    "CVE-2020-8277",
    "CVE-2020-8287",
    "CVE-2021-21148",
    "CVE-2021-22930",
    "CVE-2021-22931",
    "CVE-2021-22959",
    "CVE-2021-22960",
    "CVE-2021-3672",
    "CVE-2021-43803",
    "CVE-2021-44531",
    "CVE-2021-44532",
    "CVE-2022-32212",
    "CVE-2022-32213",
    "CVE-2022-32214",
    "CVE-2022-32215",
    "CVE-2022-35255",
    "CVE-2022-35256",
    "CVE-2022-3602",
    "CVE-2022-43548",
    "CVE-2023-23918",
    "CVE-2023-23919",
    "CVE-2023-23920",
    "CVE-2023-23936",
    "CVE-2023-24807",
    "CVE-2023-39333",
    "CVE-2023-44487",
    "CVE-2024-22018",
    "CVE-2024-22020",
    "CVE-2024-27982",
    "CVE-2024-27983",
    "CVE-2024-36138",
    "CVE-2024-37372"
  ]
}

cleanstart-2026-kz45320

Vulnerability from cleanstart

Published

2026-04-01 09:16

Modified

2026-03-26 18:22

Summary

Security fixes for CVE-2017-14919, CVE-2017-15896, CVE-2018-0734, CVE-2018-0735, CVE-2018-1000168, CVE-2018-12121, CVE-2018-12122, CVE-2018-7160, CVE-2018-7161, CVE-2019-15604, CVE-2019-15605, CVE-2019-15606, CVE-2019-5737, CVE-2019-9511, CVE-2019-9512, CVE-2019-9513, CVE-2019-9514, CVE-2019-9515, CVE-2019-9516, CVE-2019-9517, CVE-2019-9518, CVE-2020-11080, CVE-2020-7774, CVE-2020-8172, CVE-2020-8174, CVE-2020-8201, CVE-2020-8252, CVE-2020-8265, CVE-2020-8277, CVE-2020-8287, CVE-2021-21148, CVE-2021-22930, CVE-2021-22931, CVE-2021-22959, CVE-2021-22960, CVE-2021-3672, CVE-2021-43803, CVE-2021-44531, CVE-2021-44532, CVE-2022-32212, CVE-2022-32213, CVE-2022-32214, CVE-2022-32215, CVE-2022-35255, CVE-2022-35256, CVE-2022-3602, CVE-2022-43548, CVE-2023-23918, CVE-2023-23919, CVE-2023-23920, CVE-2023-23936, CVE-2023-24807, CVE-2023-39333, CVE-2023-44487, CVE-2024-22018, CVE-2024-22020, CVE-2024-27982, CVE-2024-27983, CVE-2024-36138, CVE-2024-37372 applied in versions: 10.14.0-r0, 10.15.3-r0, 10.16.3-r0, 12.15.0-r0, 12.18.0-r0, 12.18.4-r0, 14.15.1-r0, 14.15.4-r0, 14.15.5-r0, 14.16.0-r0, 14.16.1-r0, 14.17.4-r0, 14.17.5-r0, 14.17.6-r0, 14.18.1-r0, 16.13.2-r0, 16.17.1-r0, 18.12.1-r0, 18.14.1-r0, 18.17.1-r0, 18.18.2-r0, 20.12.1-r0, 20.15.1-r0, 6.11.1-r0, 6.11.5-r0, 8.11.0-r0, 8.11.3-r0, 8.11.4-r0, 8.9.3-r0

Details

Multiple security vulnerabilities affect the nodejs package. These issues are resolved in later releases. See references for individual vulnerability details.

References

URL

Type

	https://github.com/cleanstart-dev/cleanstart-secu…	ADVISORY
	https://osv.dev/vulnerability/CVE-2017-14919	WEB
	https://osv.dev/vulnerability/CVE-2017-15896	WEB
	https://osv.dev/vulnerability/CVE-2018-0734	WEB
	https://osv.dev/vulnerability/CVE-2018-0735	WEB
	https://osv.dev/vulnerability/CVE-2018-1000168	WEB
	https://osv.dev/vulnerability/CVE-2018-12121	WEB
	https://osv.dev/vulnerability/CVE-2018-12122	WEB
	https://osv.dev/vulnerability/CVE-2018-7160	WEB
	https://osv.dev/vulnerability/CVE-2018-7161	WEB
	https://osv.dev/vulnerability/CVE-2019-15604	WEB
	https://osv.dev/vulnerability/CVE-2019-15605	WEB
	https://osv.dev/vulnerability/CVE-2019-15606	WEB
	https://osv.dev/vulnerability/CVE-2019-5737	WEB
	https://osv.dev/vulnerability/CVE-2019-9511	WEB
	https://osv.dev/vulnerability/CVE-2019-9512	WEB
	https://osv.dev/vulnerability/CVE-2019-9513	WEB
	https://osv.dev/vulnerability/CVE-2019-9514	WEB
	https://osv.dev/vulnerability/CVE-2019-9515	WEB
	https://osv.dev/vulnerability/CVE-2019-9516	WEB
	https://osv.dev/vulnerability/CVE-2019-9517	WEB
	https://osv.dev/vulnerability/CVE-2019-9518	WEB
	https://osv.dev/vulnerability/CVE-2020-11080	WEB
	https://osv.dev/vulnerability/CVE-2020-7774	WEB
	https://osv.dev/vulnerability/CVE-2020-8172	WEB
	https://osv.dev/vulnerability/CVE-2020-8174	WEB
	https://osv.dev/vulnerability/CVE-2020-8201	WEB
	https://osv.dev/vulnerability/CVE-2020-8252	WEB
	https://osv.dev/vulnerability/CVE-2020-8265	WEB
	https://osv.dev/vulnerability/CVE-2020-8277	WEB
	https://osv.dev/vulnerability/CVE-2020-8287	WEB
	https://osv.dev/vulnerability/CVE-2021-21148	WEB
	https://osv.dev/vulnerability/CVE-2021-22930	WEB
	https://osv.dev/vulnerability/CVE-2021-22931	WEB
	https://osv.dev/vulnerability/CVE-2021-22959	WEB
	https://osv.dev/vulnerability/CVE-2021-22960	WEB
	https://osv.dev/vulnerability/CVE-2021-3672	WEB
	https://osv.dev/vulnerability/CVE-2021-43803	WEB
	https://osv.dev/vulnerability/CVE-2021-44531	WEB
	https://osv.dev/vulnerability/CVE-2021-44532	WEB
	https://osv.dev/vulnerability/CVE-2022-32212	WEB
	https://osv.dev/vulnerability/CVE-2022-32213	WEB
	https://osv.dev/vulnerability/CVE-2022-32214	WEB
	https://osv.dev/vulnerability/CVE-2022-32215	WEB
	https://osv.dev/vulnerability/CVE-2022-35255	WEB
	https://osv.dev/vulnerability/CVE-2022-35256	WEB
	https://osv.dev/vulnerability/CVE-2022-3602	WEB
	https://osv.dev/vulnerability/CVE-2022-43548	WEB
	https://osv.dev/vulnerability/CVE-2023-23918	WEB
	https://osv.dev/vulnerability/CVE-2023-23919	WEB
	https://osv.dev/vulnerability/CVE-2023-23920	WEB
	https://osv.dev/vulnerability/CVE-2023-23936	WEB
	https://osv.dev/vulnerability/CVE-2023-24807	WEB
	https://osv.dev/vulnerability/CVE-2023-39333	WEB
	https://osv.dev/vulnerability/CVE-2023-44487	WEB
	https://osv.dev/vulnerability/CVE-2024-22018	WEB
	https://osv.dev/vulnerability/CVE-2024-22020	WEB
	https://osv.dev/vulnerability/CVE-2024-27982	WEB
	https://osv.dev/vulnerability/CVE-2024-27983	WEB
	https://osv.dev/vulnerability/CVE-2024-36138	WEB
	https://osv.dev/vulnerability/CVE-2024-37372	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2017-14919	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2017-15896	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2018-0734	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2018-0735	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2018-1000168	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2018-12121	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2018-12122	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2018-7160	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2018-7161	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-15604	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-15605	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-15606	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-5737	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-9511	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-9512	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-9513	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-9514	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-9515	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-9516	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-9517	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-9518	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2020-11080	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2020-7774	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2020-8172	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2020-8174	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2020-8201	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2020-8252	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2020-8265	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2020-8277	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2020-8287	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-21148	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-22930	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-22931	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-22959	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-22960	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-3672	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-43803	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-44531	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-44532	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-32212	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-32213	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-32214	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-32215	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-35255	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-35256	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-3602	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-43548	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-23918	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-23919	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-23920	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-23936	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-24807	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-39333	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-44487	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-22018	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-22020	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-27982	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-27983	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-36138	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-37372	WEB

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "CleanStart",
        "name": "nodejs"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "8.9.3-r0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "credits": [],
  "database_specific": {},
  "details": "Multiple security vulnerabilities affect the nodejs package. These issues are resolved in later releases. See references for individual vulnerability details.",
  "id": "CLEANSTART-2026-KZ45320",
  "modified": "2026-03-26T18:22:34Z",
  "published": "2026-04-01T09:16:45.727713Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-KZ45320.json"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2017-14919"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2017-15896"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-0734"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-0735"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-1000168"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-12121"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-12122"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-7160"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-7161"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-15604"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-15605"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-15606"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-5737"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-9511"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-9512"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-9513"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-9514"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-9515"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-9516"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-9517"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-9518"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-11080"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-7774"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-8172"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-8174"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-8201"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-8252"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-8265"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-8277"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-8287"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-21148"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-22930"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-22931"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-22959"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-22960"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-3672"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-43803"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-44531"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-44532"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-32212"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-32213"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-32214"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-32215"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-35255"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-35256"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-3602"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-43548"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-23918"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-23919"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-23920"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-23936"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-24807"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-39333"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-44487"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-22018"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-22020"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-27982"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-27983"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-36138"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-37372"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14919"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15896"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0734"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0735"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000168"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-12121"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-12122"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7160"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7161"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15604"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15605"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15606"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-5737"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9511"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9512"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9513"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9514"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9515"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9516"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9517"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9518"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11080"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7774"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8172"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8174"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8201"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8252"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8265"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8277"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8287"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21148"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22930"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22931"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22959"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22960"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3672"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-43803"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44531"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44532"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32212"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32213"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32214"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32215"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-35255"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-35256"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3602"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43548"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23918"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23919"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23920"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23936"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24807"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39333"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-22018"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-22020"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27982"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27983"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36138"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-37372"
    }
  ],
  "related": [],
  "schema_version": "1.7.3",
  "summary": "Security fixes for CVE-2017-14919, CVE-2017-15896, CVE-2018-0734, CVE-2018-0735, CVE-2018-1000168, CVE-2018-12121, CVE-2018-12122, CVE-2018-7160, CVE-2018-7161, CVE-2019-15604, CVE-2019-15605, CVE-2019-15606, CVE-2019-5737, CVE-2019-9511, CVE-2019-9512, CVE-2019-9513, CVE-2019-9514, CVE-2019-9515, CVE-2019-9516, CVE-2019-9517, CVE-2019-9518, CVE-2020-11080, CVE-2020-7774, CVE-2020-8172, CVE-2020-8174, CVE-2020-8201, CVE-2020-8252, CVE-2020-8265, CVE-2020-8277, CVE-2020-8287, CVE-2021-21148, CVE-2021-22930, CVE-2021-22931, CVE-2021-22959, CVE-2021-22960, CVE-2021-3672, CVE-2021-43803, CVE-2021-44531, CVE-2021-44532, CVE-2022-32212, CVE-2022-32213, CVE-2022-32214, CVE-2022-32215, CVE-2022-35255, CVE-2022-35256, CVE-2022-3602, CVE-2022-43548, CVE-2023-23918, CVE-2023-23919, CVE-2023-23920, CVE-2023-23936, CVE-2023-24807, CVE-2023-39333, CVE-2023-44487, CVE-2024-22018, CVE-2024-22020, CVE-2024-27982, CVE-2024-27983, CVE-2024-36138, CVE-2024-37372 applied in versions: 10.14.0-r0, 10.15.3-r0, 10.16.3-r0, 12.15.0-r0, 12.18.0-r0, 12.18.4-r0, 14.15.1-r0, 14.15.4-r0, 14.15.5-r0, 14.16.0-r0, 14.16.1-r0, 14.17.4-r0, 14.17.5-r0, 14.17.6-r0, 14.18.1-r0, 16.13.2-r0, 16.17.1-r0, 18.12.1-r0, 18.14.1-r0, 18.17.1-r0, 18.18.2-r0, 20.12.1-r0, 20.15.1-r0, 6.11.1-r0, 6.11.5-r0, 8.11.0-r0, 8.11.3-r0, 8.11.4-r0, 8.9.3-r0",
  "upstream": [
    "CVE-2017-14919",
    "CVE-2017-15896",
    "CVE-2018-0734",
    "CVE-2018-0735",
    "CVE-2018-1000168",
    "CVE-2018-12121",
    "CVE-2018-12122",
    "CVE-2018-7160",
    "CVE-2018-7161",
    "CVE-2019-15604",
    "CVE-2019-15605",
    "CVE-2019-15606",
    "CVE-2019-5737",
    "CVE-2019-9511",
    "CVE-2019-9512",
    "CVE-2019-9513",
    "CVE-2019-9514",
    "CVE-2019-9515",
    "CVE-2019-9516",
    "CVE-2019-9517",
    "CVE-2019-9518",
    "CVE-2020-11080",
    "CVE-2020-7774",
    "CVE-2020-8172",
    "CVE-2020-8174",
    "CVE-2020-8201",
    "CVE-2020-8252",
    "CVE-2020-8265",
    "CVE-2020-8277",
    "CVE-2020-8287",
    "CVE-2021-21148",
    "CVE-2021-22930",
    "CVE-2021-22931",
    "CVE-2021-22959",
    "CVE-2021-22960",
    "CVE-2021-3672",
    "CVE-2021-43803",
    "CVE-2021-44531",
    "CVE-2021-44532",
    "CVE-2022-32212",
    "CVE-2022-32213",
    "CVE-2022-32214",
    "CVE-2022-32215",
    "CVE-2022-35255",
    "CVE-2022-35256",
    "CVE-2022-3602",
    "CVE-2022-43548",
    "CVE-2023-23918",
    "CVE-2023-23919",
    "CVE-2023-23920",
    "CVE-2023-23936",
    "CVE-2023-24807",
    "CVE-2023-39333",
    "CVE-2023-44487",
    "CVE-2024-22018",
    "CVE-2024-22020",
    "CVE-2024-27982",
    "CVE-2024-27983",
    "CVE-2024-36138",
    "CVE-2024-37372"
  ]
}

cleanstart-2026-lj44720

Vulnerability from cleanstart

Published

2026-05-18 13:08

Modified

2026-05-15 04:48

Summary

Details

Multiple security vulnerabilities affect the nodejs package. These issues are resolved in later releases. See references for individual vulnerability details.

References

URL

Type

	https://github.com/cleanstart-dev/cleanstart-secu…	ADVISORY
	https://osv.dev/vulnerability/CVE-2017-14919	WEB
	https://osv.dev/vulnerability/CVE-2017-15896	WEB
	https://osv.dev/vulnerability/CVE-2018-0734	WEB
	https://osv.dev/vulnerability/CVE-2018-0735	WEB
	https://osv.dev/vulnerability/CVE-2018-1000168	WEB
	https://osv.dev/vulnerability/CVE-2018-12121	WEB
	https://osv.dev/vulnerability/CVE-2018-12122	WEB
	https://osv.dev/vulnerability/CVE-2018-7160	WEB
	https://osv.dev/vulnerability/CVE-2018-7161	WEB
	https://osv.dev/vulnerability/CVE-2019-15604	WEB
	https://osv.dev/vulnerability/CVE-2019-15605	WEB
	https://osv.dev/vulnerability/CVE-2019-15606	WEB
	https://osv.dev/vulnerability/CVE-2019-5737	WEB
	https://osv.dev/vulnerability/CVE-2019-9511	WEB
	https://osv.dev/vulnerability/CVE-2019-9512	WEB
	https://osv.dev/vulnerability/CVE-2019-9513	WEB
	https://osv.dev/vulnerability/CVE-2019-9514	WEB
	https://osv.dev/vulnerability/CVE-2019-9515	WEB
	https://osv.dev/vulnerability/CVE-2019-9516	WEB
	https://osv.dev/vulnerability/CVE-2019-9517	WEB
	https://osv.dev/vulnerability/CVE-2019-9518	WEB
	https://osv.dev/vulnerability/CVE-2020-11080	WEB
	https://osv.dev/vulnerability/CVE-2020-7774	WEB
	https://osv.dev/vulnerability/CVE-2020-8172	WEB
	https://osv.dev/vulnerability/CVE-2020-8174	WEB
	https://osv.dev/vulnerability/CVE-2020-8201	WEB
	https://osv.dev/vulnerability/CVE-2020-8252	WEB
	https://osv.dev/vulnerability/CVE-2020-8265	WEB
	https://osv.dev/vulnerability/CVE-2020-8277	WEB
	https://osv.dev/vulnerability/CVE-2020-8287	WEB
	https://osv.dev/vulnerability/CVE-2021-21148	WEB
	https://osv.dev/vulnerability/CVE-2021-22930	WEB
	https://osv.dev/vulnerability/CVE-2021-22931	WEB
	https://osv.dev/vulnerability/CVE-2021-22959	WEB
	https://osv.dev/vulnerability/CVE-2021-22960	WEB
	https://osv.dev/vulnerability/CVE-2021-3672	WEB
	https://osv.dev/vulnerability/CVE-2021-43803	WEB
	https://osv.dev/vulnerability/CVE-2021-44531	WEB
	https://osv.dev/vulnerability/CVE-2021-44532	WEB
	https://osv.dev/vulnerability/CVE-2022-32212	WEB
	https://osv.dev/vulnerability/CVE-2022-32213	WEB
	https://osv.dev/vulnerability/CVE-2022-32214	WEB
	https://osv.dev/vulnerability/CVE-2022-32215	WEB
	https://osv.dev/vulnerability/CVE-2022-35255	WEB
	https://osv.dev/vulnerability/CVE-2022-35256	WEB
	https://osv.dev/vulnerability/CVE-2022-3602	WEB
	https://osv.dev/vulnerability/CVE-2022-43548	WEB
	https://osv.dev/vulnerability/CVE-2023-23918	WEB
	https://osv.dev/vulnerability/CVE-2023-23919	WEB
	https://osv.dev/vulnerability/CVE-2023-23920	WEB
	https://osv.dev/vulnerability/CVE-2023-23936	WEB
	https://osv.dev/vulnerability/CVE-2023-24807	WEB
	https://osv.dev/vulnerability/CVE-2023-39333	WEB
	https://osv.dev/vulnerability/CVE-2023-44487	WEB
	https://osv.dev/vulnerability/CVE-2024-22018	WEB
	https://osv.dev/vulnerability/CVE-2024-22020	WEB
	https://osv.dev/vulnerability/CVE-2024-27982	WEB
	https://osv.dev/vulnerability/CVE-2024-27983	WEB
	https://osv.dev/vulnerability/CVE-2024-36138	WEB
	https://osv.dev/vulnerability/CVE-2024-37372	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2017-14919	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2017-15896	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2018-0734	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2018-0735	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2018-1000168	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2018-12121	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2018-12122	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2018-7160	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2018-7161	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-15604	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-15605	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-15606	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-5737	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-9511	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-9512	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-9513	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-9514	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-9515	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-9516	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-9517	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-9518	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2020-11080	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2020-7774	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2020-8172	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2020-8174	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2020-8201	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2020-8252	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2020-8265	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2020-8277	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2020-8287	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-21148	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-22930	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-22931	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-22959	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-22960	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-3672	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-43803	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-44531	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-44532	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-32212	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-32213	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-32214	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-32215	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-35255	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-35256	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-3602	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-43548	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-23918	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-23919	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-23920	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-23936	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-24807	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-39333	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-44487	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-22018	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-22020	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-27982	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-27983	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-36138	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-37372	WEB

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "CleanStart",
        "name": "nodejs"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "8.9.3-r0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "credits": [],
  "database_specific": {},
  "details": "Multiple security vulnerabilities affect the nodejs package. These issues are resolved in later releases. See references for individual vulnerability details.",
  "id": "CLEANSTART-2026-LJ44720",
  "modified": "2026-05-15T04:48:37Z",
  "published": "2026-05-18T13:08:13.240549Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-LJ44720.json"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2017-14919"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2017-15896"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-0734"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-0735"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-1000168"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-12121"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-12122"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-7160"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-7161"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-15604"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-15605"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-15606"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-5737"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-9511"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-9512"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-9513"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-9514"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-9515"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-9516"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-9517"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-9518"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-11080"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-7774"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-8172"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-8174"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-8201"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-8252"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-8265"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-8277"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-8287"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-21148"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-22930"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-22931"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-22959"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-22960"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-3672"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-43803"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-44531"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-44532"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-32212"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-32213"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-32214"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-32215"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-35255"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-35256"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-3602"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-43548"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-23918"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-23919"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-23920"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-23936"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-24807"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-39333"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-44487"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-22018"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-22020"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-27982"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-27983"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-36138"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-37372"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14919"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15896"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0734"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0735"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000168"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-12121"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-12122"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7160"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7161"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15604"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15605"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15606"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-5737"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9511"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9512"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9513"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9514"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9515"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9516"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9517"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9518"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11080"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7774"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8172"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8174"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8201"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8252"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8265"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8277"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8287"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21148"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22930"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22931"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22959"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22960"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3672"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-43803"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44531"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44532"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32212"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32213"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32214"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32215"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-35255"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-35256"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3602"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43548"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23918"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23919"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23920"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23936"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24807"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39333"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-22018"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-22020"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27982"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27983"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36138"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-37372"
    }
  ],
  "related": [],
  "schema_version": "1.7.3",
  "summary": "Security fixes for CVE-2017-14919, CVE-2017-15896, CVE-2018-0734, CVE-2018-0735, CVE-2018-1000168, CVE-2018-12121, CVE-2018-12122, CVE-2018-7160, CVE-2018-7161, CVE-2019-15604, CVE-2019-15605, CVE-2019-15606, CVE-2019-5737, CVE-2019-9511, CVE-2019-9512, CVE-2019-9513, CVE-2019-9514, CVE-2019-9515, CVE-2019-9516, CVE-2019-9517, CVE-2019-9518, CVE-2020-11080, CVE-2020-7774, CVE-2020-8172, CVE-2020-8174, CVE-2020-8201, CVE-2020-8252, CVE-2020-8265, CVE-2020-8277, CVE-2020-8287, CVE-2021-21148, CVE-2021-22930, CVE-2021-22931, CVE-2021-22959, CVE-2021-22960, CVE-2021-3672, CVE-2021-43803, CVE-2021-44531, CVE-2021-44532, CVE-2022-32212, CVE-2022-32213, CVE-2022-32214, CVE-2022-32215, CVE-2022-35255, CVE-2022-35256, CVE-2022-3602, CVE-2022-43548, CVE-2023-23918, CVE-2023-23919, CVE-2023-23920, CVE-2023-23936, CVE-2023-24807, CVE-2023-39333, CVE-2023-44487, CVE-2024-22018, CVE-2024-22020, CVE-2024-27982, CVE-2024-27983, CVE-2024-36138, CVE-2024-37372 applied in versions: 10.14.0-r0, 10.15.3-r0, 10.16.3-r0, 12.15.0-r0, 12.18.0-r0, 12.18.4-r0, 14.15.1-r0, 14.15.4-r0, 14.15.5-r0, 14.16.0-r0, 14.16.1-r0, 14.17.4-r0, 14.17.5-r0, 14.17.6-r0, 14.18.1-r0, 16.13.2-r0, 16.17.1-r0, 18.12.1-r0, 18.14.1-r0, 18.17.1-r0, 18.18.2-r0, 20.12.1-r0, 20.15.1-r0, 6.11.1-r0, 6.11.5-r0, 8.11.0-r0, 8.11.3-r0, 8.11.4-r0, 8.9.3-r0",
  "upstream": [
    "CVE-2017-14919",
    "CVE-2017-15896",
    "CVE-2018-0734",
    "CVE-2018-0735",
    "CVE-2018-1000168",
    "CVE-2018-12121",
    "CVE-2018-12122",
    "CVE-2018-7160",
    "CVE-2018-7161",
    "CVE-2019-15604",
    "CVE-2019-15605",
    "CVE-2019-15606",
    "CVE-2019-5737",
    "CVE-2019-9511",
    "CVE-2019-9512",
    "CVE-2019-9513",
    "CVE-2019-9514",
    "CVE-2019-9515",
    "CVE-2019-9516",
    "CVE-2019-9517",
    "CVE-2019-9518",
    "CVE-2020-11080",
    "CVE-2020-7774",
    "CVE-2020-8172",
    "CVE-2020-8174",
    "CVE-2020-8201",
    "CVE-2020-8252",
    "CVE-2020-8265",
    "CVE-2020-8277",
    "CVE-2020-8287",
    "CVE-2021-21148",
    "CVE-2021-22930",
    "CVE-2021-22931",
    "CVE-2021-22959",
    "CVE-2021-22960",
    "CVE-2021-3672",
    "CVE-2021-43803",
    "CVE-2021-44531",
    "CVE-2021-44532",
    "CVE-2022-32212",
    "CVE-2022-32213",
    "CVE-2022-32214",
    "CVE-2022-32215",
    "CVE-2022-35255",
    "CVE-2022-35256",
    "CVE-2022-3602",
    "CVE-2022-43548",
    "CVE-2023-23918",
    "CVE-2023-23919",
    "CVE-2023-23920",
    "CVE-2023-23936",
    "CVE-2023-24807",
    "CVE-2023-39333",
    "CVE-2023-44487",
    "CVE-2024-22018",
    "CVE-2024-22020",
    "CVE-2024-27982",
    "CVE-2024-27983",
    "CVE-2024-36138",
    "CVE-2024-37372"
  ]
}

cleanstart-2026-ln12820

Vulnerability from cleanstart

Published

2026-02-19 00:58

Modified

2026-02-18 09:40

Summary

vulnerability has been identified in Node

Details

Multiple security vulnerabilities affect the nodejs package. A vulnerability has been identified in Node. See references for individual vulnerability details.

Severity

9.8 (Critical)


                    
                      CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References

URL

Type

	https://github.com/cleanstart-dev/cleanstart-secu…	ADVISORY
	https://osv.dev/vulnerability/CVE-2017-14919	WEB
	https://osv.dev/vulnerability/CVE-2017-15896	WEB
	https://osv.dev/vulnerability/CVE-2018-0734	WEB
	https://osv.dev/vulnerability/CVE-2018-0735	WEB
	https://osv.dev/vulnerability/CVE-2018-1000168	WEB
	https://osv.dev/vulnerability/CVE-2018-12121	WEB
	https://osv.dev/vulnerability/CVE-2018-12122	WEB
	https://osv.dev/vulnerability/CVE-2018-7160	WEB
	https://osv.dev/vulnerability/CVE-2018-7161	WEB
	https://osv.dev/vulnerability/CVE-2019-15604	WEB
	https://osv.dev/vulnerability/CVE-2019-15605	WEB
	https://osv.dev/vulnerability/CVE-2019-15606	WEB
	https://osv.dev/vulnerability/CVE-2019-5737	WEB
	https://osv.dev/vulnerability/CVE-2019-9511	WEB
	https://osv.dev/vulnerability/CVE-2019-9512	WEB
	https://osv.dev/vulnerability/CVE-2019-9513	WEB
	https://osv.dev/vulnerability/CVE-2019-9514	WEB
	https://osv.dev/vulnerability/CVE-2019-9515	WEB
	https://osv.dev/vulnerability/CVE-2019-9516	WEB
	https://osv.dev/vulnerability/CVE-2019-9517	WEB
	https://osv.dev/vulnerability/CVE-2019-9518	WEB
	https://osv.dev/vulnerability/CVE-2020-11080	WEB
	https://osv.dev/vulnerability/CVE-2020-7774	WEB
	https://osv.dev/vulnerability/CVE-2020-8172	WEB
	https://osv.dev/vulnerability/CVE-2020-8174	WEB
	https://osv.dev/vulnerability/CVE-2020-8201	WEB
	https://osv.dev/vulnerability/CVE-2020-8252	WEB
	https://osv.dev/vulnerability/CVE-2020-8265	WEB
	https://osv.dev/vulnerability/CVE-2020-8277	WEB
	https://osv.dev/vulnerability/CVE-2020-8287	WEB
	https://osv.dev/vulnerability/CVE-2021-21148	WEB
	https://osv.dev/vulnerability/CVE-2021-22930	WEB
	https://osv.dev/vulnerability/CVE-2021-22931	WEB
	https://osv.dev/vulnerability/CVE-2021-22959	WEB
	https://osv.dev/vulnerability/CVE-2021-22960	WEB
	https://osv.dev/vulnerability/CVE-2021-3672	WEB
	https://osv.dev/vulnerability/CVE-2021-43803	WEB
	https://osv.dev/vulnerability/CVE-2021-44531	WEB
	https://osv.dev/vulnerability/CVE-2021-44532	WEB
	https://osv.dev/vulnerability/CVE-2022-32212	WEB
	https://osv.dev/vulnerability/CVE-2022-32213	WEB
	https://osv.dev/vulnerability/CVE-2022-32214	WEB
	https://osv.dev/vulnerability/CVE-2022-32215	WEB
	https://osv.dev/vulnerability/CVE-2022-35255	WEB
	https://osv.dev/vulnerability/CVE-2022-35256	WEB
	https://osv.dev/vulnerability/CVE-2022-3602	WEB
	https://osv.dev/vulnerability/CVE-2022-43548	WEB
	https://osv.dev/vulnerability/CVE-2023-23918	WEB
	https://osv.dev/vulnerability/CVE-2023-23919	WEB
	https://osv.dev/vulnerability/CVE-2023-23920	WEB
	https://osv.dev/vulnerability/CVE-2023-23936	WEB
	https://osv.dev/vulnerability/CVE-2023-24807	WEB
	https://osv.dev/vulnerability/CVE-2023-39333	WEB
	https://osv.dev/vulnerability/CVE-2023-44487	WEB
	https://osv.dev/vulnerability/CVE-2024-22018	WEB
	https://osv.dev/vulnerability/CVE-2024-22020	WEB
	https://osv.dev/vulnerability/CVE-2024-27982	WEB
	https://osv.dev/vulnerability/CVE-2024-27983	WEB
	https://osv.dev/vulnerability/CVE-2024-36138	WEB
	https://osv.dev/vulnerability/CVE-2024-37372	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2017-14919	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2017-15896	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2018-0734	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2018-0735	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2018-1000168	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2018-12121	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2018-12122	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2018-7160	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2018-7161	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-15604	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-15605	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-15606	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-5737	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-9511	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-9512	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-9513	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-9514	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-9515	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-9516	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-9517	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-9518	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2020-11080	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2020-7774	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2020-8172	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2020-8174	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2020-8201	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2020-8252	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2020-8265	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2020-8277	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2020-8287	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-21148	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-22930	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-22931	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-22959	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-22960	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-3672	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-43803	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-44531	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-44532	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-32212	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-32213	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-32214	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-32215	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-35255	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-35256	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-3602	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-43548	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-23918	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-23919	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-23920	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-23936	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-24807	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-39333	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-44487	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-22018	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-22020	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-27982	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-27983	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-36138	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-37372	WEB

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "CleanStart",
        "name": "nodejs"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "8.9.3-r0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "credits": [],
  "database_specific": {},
  "details": "Multiple security vulnerabilities affect the nodejs package. A vulnerability has been identified in Node. See references for individual vulnerability details.",
  "id": "CLEANSTART-2026-LN12820",
  "modified": "2026-02-18T09:40:19Z",
  "published": "2026-02-19T00:58:49.154512Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-LN12820"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2017-14919"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2017-15896"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-0734"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-0735"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-1000168"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-12121"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-12122"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-7160"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-7161"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-15604"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-15605"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-15606"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-5737"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-9511"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-9512"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-9513"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-9514"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-9515"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-9516"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-9517"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-9518"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-11080"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-7774"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-8172"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-8174"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-8201"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-8252"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-8265"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-8277"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-8287"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-21148"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-22930"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-22931"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-22959"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-22960"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-3672"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-43803"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-44531"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-44532"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-32212"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-32213"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-32214"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-32215"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-35255"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-35256"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-3602"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-43548"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-23918"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-23919"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-23920"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-23936"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-24807"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-39333"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-44487"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-22018"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-22020"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-27982"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-27983"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-36138"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-37372"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14919"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15896"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0734"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0735"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000168"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-12121"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-12122"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7160"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7161"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15604"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15605"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15606"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-5737"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9511"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9512"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9513"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9514"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9515"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9516"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9517"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9518"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11080"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7774"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8172"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8174"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8201"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8252"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8265"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8277"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8287"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21148"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22930"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22931"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22959"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22960"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3672"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-43803"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44531"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44532"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32212"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32213"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32214"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32215"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-35255"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-35256"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3602"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43548"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23918"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23919"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23920"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23936"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24807"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39333"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-22018"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-22020"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27982"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27983"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36138"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-37372"
    }
  ],
  "related": [],
  "schema_version": "1.7.3",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "vulnerability has been identified in Node",
  "upstream": [
    "CVE-2017-14919",
    "CVE-2017-15896",
    "CVE-2018-0734",
    "CVE-2018-0735",
    "CVE-2018-1000168",
    "CVE-2018-12121",
    "CVE-2018-12122",
    "CVE-2018-7160",
    "CVE-2018-7161",
    "CVE-2019-15604",
    "CVE-2019-15605",
    "CVE-2019-15606",
    "CVE-2019-5737",
    "CVE-2019-9511",
    "CVE-2019-9512",
    "CVE-2019-9513",
    "CVE-2019-9514",
    "CVE-2019-9515",
    "CVE-2019-9516",
    "CVE-2019-9517",
    "CVE-2019-9518",
    "CVE-2020-11080",
    "CVE-2020-7774",
    "CVE-2020-8172",
    "CVE-2020-8174",
    "CVE-2020-8201",
    "CVE-2020-8252",
    "CVE-2020-8265",
    "CVE-2020-8277",
    "CVE-2020-8287",
    "CVE-2021-21148",
    "CVE-2021-22930",
    "CVE-2021-22931",
    "CVE-2021-22959",
    "CVE-2021-22960",
    "CVE-2021-3672",
    "CVE-2021-43803",
    "CVE-2021-44531",
    "CVE-2021-44532",
    "CVE-2022-32212",
    "CVE-2022-32213",
    "CVE-2022-32214",
    "CVE-2022-32215",
    "CVE-2022-35255",
    "CVE-2022-35256",
    "CVE-2022-3602",
    "CVE-2022-43548",
    "CVE-2023-23918",
    "CVE-2023-23919",
    "CVE-2023-23920",
    "CVE-2023-23936",
    "CVE-2023-24807",
    "CVE-2023-39333",
    "CVE-2023-44487",
    "CVE-2024-22018",
    "CVE-2024-22020",
    "CVE-2024-27982",
    "CVE-2024-27983",
    "CVE-2024-36138",
    "CVE-2024-37372"
  ]
}

cleanstart-2026-tx00223

Vulnerability from cleanstart

Published

2026-05-18 13:08

Modified

2026-05-15 02:44

Summary

Details

Multiple security vulnerabilities affect the nodejs package. These issues are resolved in later releases. See references for individual vulnerability details.

References

URL

Type

	https://github.com/cleanstart-dev/cleanstart-secu…	ADVISORY
	https://osv.dev/vulnerability/CVE-2017-14919	WEB
	https://osv.dev/vulnerability/CVE-2017-15896	WEB
	https://osv.dev/vulnerability/CVE-2018-0734	WEB
	https://osv.dev/vulnerability/CVE-2018-0735	WEB
	https://osv.dev/vulnerability/CVE-2018-1000168	WEB
	https://osv.dev/vulnerability/CVE-2018-12121	WEB
	https://osv.dev/vulnerability/CVE-2018-12122	WEB
	https://osv.dev/vulnerability/CVE-2018-7160	WEB
	https://osv.dev/vulnerability/CVE-2018-7161	WEB
	https://osv.dev/vulnerability/CVE-2019-15604	WEB
	https://osv.dev/vulnerability/CVE-2019-15605	WEB
	https://osv.dev/vulnerability/CVE-2019-15606	WEB
	https://osv.dev/vulnerability/CVE-2019-5737	WEB
	https://osv.dev/vulnerability/CVE-2019-9511	WEB
	https://osv.dev/vulnerability/CVE-2019-9512	WEB
	https://osv.dev/vulnerability/CVE-2019-9513	WEB
	https://osv.dev/vulnerability/CVE-2019-9514	WEB
	https://osv.dev/vulnerability/CVE-2019-9515	WEB
	https://osv.dev/vulnerability/CVE-2019-9516	WEB
	https://osv.dev/vulnerability/CVE-2019-9517	WEB
	https://osv.dev/vulnerability/CVE-2019-9518	WEB
	https://osv.dev/vulnerability/CVE-2020-11080	WEB
	https://osv.dev/vulnerability/CVE-2020-7774	WEB
	https://osv.dev/vulnerability/CVE-2020-8172	WEB
	https://osv.dev/vulnerability/CVE-2020-8174	WEB
	https://osv.dev/vulnerability/CVE-2020-8201	WEB
	https://osv.dev/vulnerability/CVE-2020-8252	WEB
	https://osv.dev/vulnerability/CVE-2020-8265	WEB
	https://osv.dev/vulnerability/CVE-2020-8277	WEB
	https://osv.dev/vulnerability/CVE-2020-8287	WEB
	https://osv.dev/vulnerability/CVE-2021-21148	WEB
	https://osv.dev/vulnerability/CVE-2021-22930	WEB
	https://osv.dev/vulnerability/CVE-2021-22931	WEB
	https://osv.dev/vulnerability/CVE-2021-22959	WEB
	https://osv.dev/vulnerability/CVE-2021-22960	WEB
	https://osv.dev/vulnerability/CVE-2021-3672	WEB
	https://osv.dev/vulnerability/CVE-2021-43803	WEB
	https://osv.dev/vulnerability/CVE-2021-44531	WEB
	https://osv.dev/vulnerability/CVE-2021-44532	WEB
	https://osv.dev/vulnerability/CVE-2022-32212	WEB
	https://osv.dev/vulnerability/CVE-2022-32213	WEB
	https://osv.dev/vulnerability/CVE-2022-32214	WEB
	https://osv.dev/vulnerability/CVE-2022-32215	WEB
	https://osv.dev/vulnerability/CVE-2022-35255	WEB
	https://osv.dev/vulnerability/CVE-2022-35256	WEB
	https://osv.dev/vulnerability/CVE-2022-3602	WEB
	https://osv.dev/vulnerability/CVE-2022-43548	WEB
	https://osv.dev/vulnerability/CVE-2023-23918	WEB
	https://osv.dev/vulnerability/CVE-2023-23919	WEB
	https://osv.dev/vulnerability/CVE-2023-23920	WEB
	https://osv.dev/vulnerability/CVE-2023-23936	WEB
	https://osv.dev/vulnerability/CVE-2023-24807	WEB
	https://osv.dev/vulnerability/CVE-2023-39333	WEB
	https://osv.dev/vulnerability/CVE-2023-44487	WEB
	https://osv.dev/vulnerability/CVE-2024-22018	WEB
	https://osv.dev/vulnerability/CVE-2024-22020	WEB
	https://osv.dev/vulnerability/CVE-2024-27982	WEB
	https://osv.dev/vulnerability/CVE-2024-27983	WEB
	https://osv.dev/vulnerability/CVE-2024-36138	WEB
	https://osv.dev/vulnerability/CVE-2024-37372	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2017-14919	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2017-15896	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2018-0734	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2018-0735	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2018-1000168	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2018-12121	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2018-12122	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2018-7160	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2018-7161	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-15604	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-15605	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-15606	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-5737	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-9511	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-9512	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-9513	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-9514	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-9515	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-9516	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-9517	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-9518	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2020-11080	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2020-7774	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2020-8172	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2020-8174	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2020-8201	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2020-8252	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2020-8265	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2020-8277	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2020-8287	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-21148	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-22930	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-22931	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-22959	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-22960	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-3672	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-43803	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-44531	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-44532	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-32212	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-32213	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-32214	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-32215	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-35255	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-35256	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-3602	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-43548	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-23918	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-23919	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-23920	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-23936	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-24807	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-39333	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-44487	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-22018	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-22020	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-27982	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-27983	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-36138	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-37372	WEB

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "CleanStart",
        "name": "nodejs"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "8.9.3-r0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "credits": [],
  "database_specific": {},
  "details": "Multiple security vulnerabilities affect the nodejs package. These issues are resolved in later releases. See references for individual vulnerability details.",
  "id": "CLEANSTART-2026-TX00223",
  "modified": "2026-05-15T02:44:47Z",
  "published": "2026-05-18T13:08:20.593429Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-TX00223.json"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2017-14919"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2017-15896"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-0734"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-0735"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-1000168"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-12121"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-12122"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-7160"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-7161"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-15604"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-15605"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-15606"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-5737"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-9511"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-9512"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-9513"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-9514"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-9515"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-9516"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-9517"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-9518"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-11080"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-7774"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-8172"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-8174"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-8201"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-8252"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-8265"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-8277"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-8287"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-21148"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-22930"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-22931"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-22959"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-22960"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-3672"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-43803"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-44531"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-44532"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-32212"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-32213"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-32214"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-32215"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-35255"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-35256"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-3602"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-43548"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-23918"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-23919"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-23920"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-23936"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-24807"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-39333"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-44487"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-22018"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-22020"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-27982"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-27983"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-36138"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-37372"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14919"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15896"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0734"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0735"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000168"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-12121"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-12122"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7160"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7161"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15604"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15605"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15606"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-5737"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9511"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9512"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9513"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9514"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9515"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9516"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9517"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9518"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11080"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7774"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8172"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8174"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8201"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8252"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8265"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8277"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8287"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21148"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22930"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22931"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22959"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22960"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3672"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-43803"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44531"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44532"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32212"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32213"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32214"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32215"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-35255"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-35256"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3602"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43548"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23918"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23919"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23920"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23936"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24807"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39333"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-22018"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-22020"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27982"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27983"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36138"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-37372"
    }
  ],
  "related": [],
  "schema_version": "1.7.3",
  "summary": "Security fixes for CVE-2017-14919, CVE-2017-15896, CVE-2018-0734, CVE-2018-0735, CVE-2018-1000168, CVE-2018-12121, CVE-2018-12122, CVE-2018-7160, CVE-2018-7161, CVE-2019-15604, CVE-2019-15605, CVE-2019-15606, CVE-2019-5737, CVE-2019-9511, CVE-2019-9512, CVE-2019-9513, CVE-2019-9514, CVE-2019-9515, CVE-2019-9516, CVE-2019-9517, CVE-2019-9518, CVE-2020-11080, CVE-2020-7774, CVE-2020-8172, CVE-2020-8174, CVE-2020-8201, CVE-2020-8252, CVE-2020-8265, CVE-2020-8277, CVE-2020-8287, CVE-2021-21148, CVE-2021-22930, CVE-2021-22931, CVE-2021-22959, CVE-2021-22960, CVE-2021-3672, CVE-2021-43803, CVE-2021-44531, CVE-2021-44532, CVE-2022-32212, CVE-2022-32213, CVE-2022-32214, CVE-2022-32215, CVE-2022-35255, CVE-2022-35256, CVE-2022-3602, CVE-2022-43548, CVE-2023-23918, CVE-2023-23919, CVE-2023-23920, CVE-2023-23936, CVE-2023-24807, CVE-2023-39333, CVE-2023-44487, CVE-2024-22018, CVE-2024-22020, CVE-2024-27982, CVE-2024-27983, CVE-2024-36138, CVE-2024-37372 applied in versions: 10.14.0-r0, 10.15.3-r0, 10.16.3-r0, 12.15.0-r0, 12.18.0-r0, 12.18.4-r0, 14.15.1-r0, 14.15.4-r0, 14.15.5-r0, 14.16.0-r0, 14.16.1-r0, 14.17.4-r0, 14.17.5-r0, 14.17.6-r0, 14.18.1-r0, 16.13.2-r0, 16.17.1-r0, 18.12.1-r0, 18.14.1-r0, 18.17.1-r0, 18.18.2-r0, 20.12.1-r0, 20.15.1-r0, 6.11.1-r0, 6.11.5-r0, 8.11.0-r0, 8.11.3-r0, 8.11.4-r0, 8.9.3-r0",
  "upstream": [
    "CVE-2017-14919",
    "CVE-2017-15896",
    "CVE-2018-0734",
    "CVE-2018-0735",
    "CVE-2018-1000168",
    "CVE-2018-12121",
    "CVE-2018-12122",
    "CVE-2018-7160",
    "CVE-2018-7161",
    "CVE-2019-15604",
    "CVE-2019-15605",
    "CVE-2019-15606",
    "CVE-2019-5737",
    "CVE-2019-9511",
    "CVE-2019-9512",
    "CVE-2019-9513",
    "CVE-2019-9514",
    "CVE-2019-9515",
    "CVE-2019-9516",
    "CVE-2019-9517",
    "CVE-2019-9518",
    "CVE-2020-11080",
    "CVE-2020-7774",
    "CVE-2020-8172",
    "CVE-2020-8174",
    "CVE-2020-8201",
    "CVE-2020-8252",
    "CVE-2020-8265",
    "CVE-2020-8277",
    "CVE-2020-8287",
    "CVE-2021-21148",
    "CVE-2021-22930",
    "CVE-2021-22931",
    "CVE-2021-22959",
    "CVE-2021-22960",
    "CVE-2021-3672",
    "CVE-2021-43803",
    "CVE-2021-44531",
    "CVE-2021-44532",
    "CVE-2022-32212",
    "CVE-2022-32213",
    "CVE-2022-32214",
    "CVE-2022-32215",
    "CVE-2022-35255",
    "CVE-2022-35256",
    "CVE-2022-3602",
    "CVE-2022-43548",
    "CVE-2023-23918",
    "CVE-2023-23919",
    "CVE-2023-23920",
    "CVE-2023-23936",
    "CVE-2023-24807",
    "CVE-2023-39333",
    "CVE-2023-44487",
    "CVE-2024-22018",
    "CVE-2024-22020",
    "CVE-2024-27982",
    "CVE-2024-27983",
    "CVE-2024-36138",
    "CVE-2024-37372"
  ]
}

cleanstart-2026-wi75198

Vulnerability from cleanstart

Published

2026-01-30 17:34

Modified

2026-01-29 18:58

Summary

vulnerability has been identified in Node

Details

Multiple security vulnerabilities affect the nodejs package. A vulnerability has been identified in Node. See references for individual vulnerability details.

Severity

9.8 (Critical)


                    
                      CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References

URL

Type

	https://github.com/cleanstart-dev/cleanstart-secu…	ADVISORY
	https://osv.dev/vulnerability/CVE-2017-14919	WEB
	https://osv.dev/vulnerability/CVE-2017-15896	WEB
	https://osv.dev/vulnerability/CVE-2018-0734	WEB
	https://osv.dev/vulnerability/CVE-2018-0735	WEB
	https://osv.dev/vulnerability/CVE-2018-1000168	WEB
	https://osv.dev/vulnerability/CVE-2018-12121	WEB
	https://osv.dev/vulnerability/CVE-2018-12122	WEB
	https://osv.dev/vulnerability/CVE-2018-7160	WEB
	https://osv.dev/vulnerability/CVE-2018-7161	WEB
	https://osv.dev/vulnerability/CVE-2019-15604	WEB
	https://osv.dev/vulnerability/CVE-2019-15605	WEB
	https://osv.dev/vulnerability/CVE-2019-15606	WEB
	https://osv.dev/vulnerability/CVE-2019-5737	WEB
	https://osv.dev/vulnerability/CVE-2019-9511	WEB
	https://osv.dev/vulnerability/CVE-2019-9512	WEB
	https://osv.dev/vulnerability/CVE-2019-9513	WEB
	https://osv.dev/vulnerability/CVE-2019-9514	WEB
	https://osv.dev/vulnerability/CVE-2019-9515	WEB
	https://osv.dev/vulnerability/CVE-2019-9516	WEB
	https://osv.dev/vulnerability/CVE-2019-9517	WEB
	https://osv.dev/vulnerability/CVE-2019-9518	WEB
	https://osv.dev/vulnerability/CVE-2020-11080	WEB
	https://osv.dev/vulnerability/CVE-2020-7774	WEB
	https://osv.dev/vulnerability/CVE-2020-8172	WEB
	https://osv.dev/vulnerability/CVE-2020-8174	WEB
	https://osv.dev/vulnerability/CVE-2020-8201	WEB
	https://osv.dev/vulnerability/CVE-2020-8252	WEB
	https://osv.dev/vulnerability/CVE-2020-8265	WEB
	https://osv.dev/vulnerability/CVE-2020-8277	WEB
	https://osv.dev/vulnerability/CVE-2020-8287	WEB
	https://osv.dev/vulnerability/CVE-2021-21148	WEB
	https://osv.dev/vulnerability/CVE-2021-22930	WEB
	https://osv.dev/vulnerability/CVE-2021-22931	WEB
	https://osv.dev/vulnerability/CVE-2021-22959	WEB
	https://osv.dev/vulnerability/CVE-2021-22960	WEB
	https://osv.dev/vulnerability/CVE-2021-3672	WEB
	https://osv.dev/vulnerability/CVE-2021-43803	WEB
	https://osv.dev/vulnerability/CVE-2021-44531	WEB
	https://osv.dev/vulnerability/CVE-2021-44532	WEB
	https://osv.dev/vulnerability/CVE-2022-32212	WEB
	https://osv.dev/vulnerability/CVE-2022-32213	WEB
	https://osv.dev/vulnerability/CVE-2022-32214	WEB
	https://osv.dev/vulnerability/CVE-2022-32215	WEB
	https://osv.dev/vulnerability/CVE-2022-35255	WEB
	https://osv.dev/vulnerability/CVE-2022-35256	WEB
	https://osv.dev/vulnerability/CVE-2022-3602	WEB
	https://osv.dev/vulnerability/CVE-2022-43548	WEB
	https://osv.dev/vulnerability/CVE-2023-23918	WEB
	https://osv.dev/vulnerability/CVE-2023-23919	WEB
	https://osv.dev/vulnerability/CVE-2023-23920	WEB
	https://osv.dev/vulnerability/CVE-2023-23936	WEB
	https://osv.dev/vulnerability/CVE-2023-24807	WEB
	https://osv.dev/vulnerability/CVE-2023-39333	WEB
	https://osv.dev/vulnerability/CVE-2023-44487	WEB
	https://osv.dev/vulnerability/CVE-2024-22018	WEB
	https://osv.dev/vulnerability/CVE-2024-22020	WEB
	https://osv.dev/vulnerability/CVE-2024-27982	WEB
	https://osv.dev/vulnerability/CVE-2024-27983	WEB
	https://osv.dev/vulnerability/CVE-2024-36138	WEB
	https://osv.dev/vulnerability/CVE-2024-37372	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2017-14919	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2017-15896	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2018-0734	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2018-0735	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2018-1000168	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2018-12121	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2018-12122	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2018-7160	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2018-7161	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-15604	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-15605	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-15606	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-5737	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-9511	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-9512	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-9513	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-9514	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-9515	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-9516	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-9517	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-9518	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2020-11080	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2020-7774	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2020-8172	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2020-8174	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2020-8201	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2020-8252	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2020-8265	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2020-8277	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2020-8287	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-21148	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-22930	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-22931	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-22959	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-22960	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-3672	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-43803	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-44531	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-44532	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-32212	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-32213	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-32214	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-32215	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-35255	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-35256	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-3602	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-43548	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-23918	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-23919	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-23920	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-23936	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-24807	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-39333	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-44487	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-22018	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-22020	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-27982	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-27983	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-36138	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-37372	WEB

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "CleanStart",
        "name": "nodejs"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "8.9.3-r0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "credits": [],
  "database_specific": {},
  "details": "Multiple security vulnerabilities affect the nodejs package. A vulnerability has been identified in Node. See references for individual vulnerability details.",
  "id": "CLEANSTART-2026-WI75198",
  "modified": "2026-01-29T18:58:54Z",
  "published": "2026-01-30T17:34:27.754206Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-WI75198"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2017-14919"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2017-15896"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-0734"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-0735"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-1000168"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-12121"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-12122"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-7160"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-7161"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-15604"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-15605"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-15606"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-5737"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-9511"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-9512"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-9513"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-9514"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-9515"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-9516"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-9517"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-9518"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-11080"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-7774"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-8172"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-8174"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-8201"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-8252"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-8265"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-8277"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-8287"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-21148"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-22930"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-22931"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-22959"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-22960"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-3672"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-43803"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-44531"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-44532"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-32212"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-32213"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-32214"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-32215"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-35255"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-35256"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-3602"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-43548"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-23918"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-23919"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-23920"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-23936"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-24807"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-39333"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-44487"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-22018"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-22020"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-27982"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-27983"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-36138"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-37372"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14919"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15896"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0734"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0735"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000168"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-12121"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-12122"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7160"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7161"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15604"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15605"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15606"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-5737"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9511"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9512"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9513"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9514"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9515"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9516"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9517"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9518"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11080"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7774"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8172"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8174"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8201"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8252"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8265"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8277"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8287"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21148"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22930"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22931"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22959"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22960"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3672"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-43803"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44531"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44532"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32212"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32213"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32214"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32215"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-35255"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-35256"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3602"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43548"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23918"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23919"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23920"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23936"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24807"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39333"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-22018"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-22020"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27982"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27983"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36138"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-37372"
    }
  ],
  "related": [],
  "schema_version": "1.7.3",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "vulnerability has been identified in Node",
  "upstream": [
    "CVE-2017-14919",
    "CVE-2017-15896",
    "CVE-2018-0734",
    "CVE-2018-0735",
    "CVE-2018-1000168",
    "CVE-2018-12121",
    "CVE-2018-12122",
    "CVE-2018-7160",
    "CVE-2018-7161",
    "CVE-2019-15604",
    "CVE-2019-15605",
    "CVE-2019-15606",
    "CVE-2019-5737",
    "CVE-2019-9511",
    "CVE-2019-9512",
    "CVE-2019-9513",
    "CVE-2019-9514",
    "CVE-2019-9515",
    "CVE-2019-9516",
    "CVE-2019-9517",
    "CVE-2019-9518",
    "CVE-2020-11080",
    "CVE-2020-7774",
    "CVE-2020-8172",
    "CVE-2020-8174",
    "CVE-2020-8201",
    "CVE-2020-8252",
    "CVE-2020-8265",
    "CVE-2020-8277",
    "CVE-2020-8287",
    "CVE-2021-21148",
    "CVE-2021-22930",
    "CVE-2021-22931",
    "CVE-2021-22959",
    "CVE-2021-22960",
    "CVE-2021-3672",
    "CVE-2021-43803",
    "CVE-2021-44531",
    "CVE-2021-44532",
    "CVE-2022-32212",
    "CVE-2022-32213",
    "CVE-2022-32214",
    "CVE-2022-32215",
    "CVE-2022-35255",
    "CVE-2022-35256",
    "CVE-2022-3602",
    "CVE-2022-43548",
    "CVE-2023-23918",
    "CVE-2023-23919",
    "CVE-2023-23920",
    "CVE-2023-23936",
    "CVE-2023-24807",
    "CVE-2023-39333",
    "CVE-2023-44487",
    "CVE-2024-22018",
    "CVE-2024-22020",
    "CVE-2024-27982",
    "CVE-2024-27983",
    "CVE-2024-36138",
    "CVE-2024-37372"
  ]
}

FKIE_CVE-2020-8277

Vulnerability from fkie_nvd - Published: 2020-11-19 01:15 - Updated: 2024-11-21 05:38

Severity

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

References

URL	Tags
support@hackerone.com	https://hackerone.com/reports/1033107	Permissions Required, Third Party Advisory
support@hackerone.com	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A7WH7W46OZSEUHWBHD7TCH3LRFY52V6Z/
support@hackerone.com	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEJBY3RJB3XWUOJFGZM5E3EMQ7MFM3UT/
support@hackerone.com	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EEIV4CH6KNVZK63Y6EKVN2XDW7IHSJBJ/
support@hackerone.com	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VXLJY4764LYVJPC7NCDLE2UMQ3QC5OI2/
support@hackerone.com	https://nodejs.org/en/blog/vulnerability/november-2020-security-releases/	Patch, Vendor Advisory
support@hackerone.com	https://security.gentoo.org/glsa/202012-11	Third Party Advisory
support@hackerone.com	https://security.gentoo.org/glsa/202101-07	Third Party Advisory
support@hackerone.com	https://www.oracle.com//security-alerts/cpujul2021.html	Patch, Third Party Advisory
support@hackerone.com	https://www.oracle.com/security-alerts/cpuApr2021.html	Patch, Third Party Advisory
support@hackerone.com	https://www.oracle.com/security-alerts/cpuapr2022.html	Patch, Third Party Advisory
support@hackerone.com	https://www.oracle.com/security-alerts/cpujan2021.html	Patch, Third Party Advisory
support@hackerone.com	https://www.oracle.com/security-alerts/cpuoct2021.html	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://hackerone.com/reports/1033107	Permissions Required, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A7WH7W46OZSEUHWBHD7TCH3LRFY52V6Z/
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEJBY3RJB3XWUOJFGZM5E3EMQ7MFM3UT/
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EEIV4CH6KNVZK63Y6EKVN2XDW7IHSJBJ/
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VXLJY4764LYVJPC7NCDLE2UMQ3QC5OI2/
af854a3a-2127-422b-91ae-364da2661108	https://nodejs.org/en/blog/vulnerability/november-2020-security-releases/	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://security.gentoo.org/glsa/202012-11	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://security.gentoo.org/glsa/202101-07	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.oracle.com//security-alerts/cpujul2021.html	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.oracle.com/security-alerts/cpuApr2021.html	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.oracle.com/security-alerts/cpuapr2022.html	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.oracle.com/security-alerts/cpujan2021.html	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.oracle.com/security-alerts/cpuoct2021.html	Patch, Third Party Advisory

Impacted products

Vendor	Product	Version
nodejs	node.js	*
nodejs	node.js	*
nodejs	node.js	*
fedoraproject	fedora	32
fedoraproject	fedora	33
oracle	blockchain_platform	*
oracle	graalvm	19.3.4
oracle	graalvm	20.3.0
oracle	jd_edwards_enterpriseone_tools	*
oracle	mysql_cluster	*
oracle	retail_xstore_point_of_service	16.0.6
oracle	retail_xstore_point_of_service	17.0.4
oracle	retail_xstore_point_of_service	18.0.3
oracle	retail_xstore_point_of_service	19.0.2
c-ares_project	c-ares	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*",
              "matchCriteriaId": "993C60FB-8308-4AFC-8394-95D8A976093A",
              "versionEndExcluding": "12.19.1",
              "versionStartIncluding": "12.16.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*",
              "matchCriteriaId": "0452B6AC-1392-47E6-A0AE-0B44B59BEBDF",
              "versionEndExcluding": "14.15.1",
              "versionStartIncluding": "14.13.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
              "matchCriteriaId": "BC7DAB03-EAA2-46E2-AE08-F5DBB8923C60",
              "versionEndExcluding": "15.2.1",
              "versionStartIncluding": "15.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*",
              "matchCriteriaId": "36D96259-24BD-44E2-96D9-78CE1D41F956",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*",
              "matchCriteriaId": "E460AA51-FCDA-46B9-AE97-E6676AA5E194",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:oracle:blockchain_platform:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0DBC938-A782-433F-8BF1-CA250C332AA7",
              "versionEndExcluding": "21.1.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:graalvm:19.3.4:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "937F66F5-F5BA-4156-82E0-EB2C99ABD41A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:graalvm:20.3.0:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "BC0F8B31-F93B-40B6-9C06-A3996DC63829",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "86305E47-33E9-411C-B932-08C395C09982",
              "versionEndExcluding": "9.2.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql_cluster:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6757B2A9-0311-43DE-A057-F014767E0444",
              "versionEndIncluding": "8.0.23",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_xstore_point_of_service:16.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "490B2C44-CECD-4551-B04F-4076D0E053C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_xstore_point_of_service:17.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEC41EB8-73B4-4BDF-9321-F34EC0BAF9E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_xstore_point_of_service:18.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "48EFC111-B01B-4C34-87E4-D6B2C40C0122",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_xstore_point_of_service:19.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "073FEA23-E46A-4C73-9D29-95CFF4F5A59D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:c-ares_project:c-ares:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "15CA5F77-8F82-4973-92E5-CE914FBCC774",
              "versionEndExcluding": "1.16.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A Node.js application that allows an attacker to trigger a DNS request for a host of their choice could trigger a Denial of Service in versions \u003c 15.2.1, \u003c 14.15.1, and \u003c 12.19.1 by getting the application to resolve a DNS record with a larger number of responses. This is fixed in 15.2.1, 14.15.1, and 12.19.1."
    },
    {
      "lang": "es",
      "value": "Una aplicaci\u00f3n Node.js que permite a un atacante desencadenar una petici\u00f3n DNS para un host de su elecci\u00f3n podr\u00eda desencadenar una Denegaci\u00f3n de servicio en las versiones anteriores a 15.2.1, versiones anteriores a 14.15.1 y versiones anteriores a 12.19.1  al conseguir que la aplicaci\u00f3n resuelva un Registro DNS con un mayor n\u00famero de respuestas.\u0026#xa0;Esto es corregido en versiones 15.2.1, 14.15.1 y 12.19.1"
    }
  ],
  "id": "CVE-2020-8277",
  "lastModified": "2024-11-21T05:38:38.383",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-11-19T01:15:12.763",
  "references": [
    {
      "source": "support@hackerone.com",
      "tags": [
        "Permissions Required",
        "Third Party Advisory"
      ],
      "url": "https://hackerone.com/reports/1033107"
    },
    {
      "source": "support@hackerone.com",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A7WH7W46OZSEUHWBHD7TCH3LRFY52V6Z/"
    },
    {
      "source": "support@hackerone.com",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEJBY3RJB3XWUOJFGZM5E3EMQ7MFM3UT/"
    },
    {
      "source": "support@hackerone.com",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EEIV4CH6KNVZK63Y6EKVN2XDW7IHSJBJ/"
    },
    {
      "source": "support@hackerone.com",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VXLJY4764LYVJPC7NCDLE2UMQ3QC5OI2/"
    },
    {
      "source": "support@hackerone.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://nodejs.org/en/blog/vulnerability/november-2020-security-releases/"
    },
    {
      "source": "support@hackerone.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.gentoo.org/glsa/202012-11"
    },
    {
      "source": "support@hackerone.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.gentoo.org/glsa/202101-07"
    },
    {
      "source": "support@hackerone.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
    },
    {
      "source": "support@hackerone.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
    },
    {
      "source": "support@hackerone.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
    },
    {
      "source": "support@hackerone.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpujan2021.html"
    },
    {
      "source": "support@hackerone.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Permissions Required",
        "Third Party Advisory"
      ],
      "url": "https://hackerone.com/reports/1033107"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A7WH7W46OZSEUHWBHD7TCH3LRFY52V6Z/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEJBY3RJB3XWUOJFGZM5E3EMQ7MFM3UT/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EEIV4CH6KNVZK63Y6EKVN2XDW7IHSJBJ/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VXLJY4764LYVJPC7NCDLE2UMQ3QC5OI2/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://nodejs.org/en/blog/vulnerability/november-2020-security-releases/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.gentoo.org/glsa/202012-11"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.gentoo.org/glsa/202101-07"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpujan2021.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
    }
  ],
  "sourceIdentifier": "support@hackerone.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "support@hackerone.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-M5PG-8H68-J225

Vulnerability from github – Published: 2021-04-14 21:47 – Updated: 2021-12-03 21:10

Summary

Uncontrolled Resource Consumption in node

Details

Severity

7.5 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2020-8277"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-400"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-11-19T01:15:00Z",
    "severity": "HIGH"
  },
  "details": "A Node.js application that allows an attacker to trigger a DNS request for a host of their choice could trigger a Denial of Service in versions \u003c 15.2.1, \u003c 14.15.1, and \u003c 12.19.1 by getting the application to resolve a DNS record with a larger number of responses. This is fixed in 15.2.1, 14.15.1, and 12.19.1.",
  "id": "GHSA-m5pg-8h68-j225",
  "modified": "2021-12-03T21:10:24Z",
  "published": "2021-04-14T21:47:46Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8277"
    },
    {
      "type": "WEB",
      "url": "https://hackerone.com/reports/1033107"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A7WH7W46OZSEUHWBHD7TCH3LRFY52V6Z"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BEJBY3RJB3XWUOJFGZM5E3EMQ7MFM3UT"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EEIV4CH6KNVZK63Y6EKVN2XDW7IHSJBJ"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VXLJY4764LYVJPC7NCDLE2UMQ3QC5OI2"
    },
    {
      "type": "WEB",
      "url": "https://nodejs.org/en/blog/vulnerability/november-2020-security-releases"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/202012-11"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/202101-07"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com/security-alerts/cpujan2021.html"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Uncontrolled Resource Consumption in node"
}

GSD-2020-8277

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2020-8277

Aliases

CVE-2020-8277

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2020-8277",
    "description": "A Node.js application that allows an attacker to trigger a DNS request for a host of their choice could trigger a Denial of Service in versions \u003c 15.2.1, \u003c 14.15.1, and \u003c 12.19.1 by getting the application to resolve a DNS record with a larger number of responses. This is fixed in 15.2.1, 14.15.1, and 12.19.1.",
    "id": "GSD-2020-8277",
    "references": [
      "https://www.suse.com/security/cve/CVE-2020-8277.html",
      "https://access.redhat.com/errata/RHSA-2021:0551",
      "https://access.redhat.com/errata/RHSA-2021:0421",
      "https://access.redhat.com/errata/RHSA-2020:5499",
      "https://access.redhat.com/errata/RHSA-2020:5305",
      "https://security.archlinux.org/CVE-2020-8277",
      "https://linux.oracle.com/cve/CVE-2020-8277.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2020-8277"
      ],
      "details": "A Node.js application that allows an attacker to trigger a DNS request for a host of their choice could trigger a Denial of Service in versions \u003c 15.2.1, \u003c 14.15.1, and \u003c 12.19.1 by getting the application to resolve a DNS record with a larger number of responses. This is fixed in 15.2.1, 14.15.1, and 12.19.1.",
      "id": "GSD-2020-8277",
      "modified": "2023-12-13T01:21:53.691006Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "support@hackerone.com",
        "ID": "CVE-2020-8277",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "https://github.com/nodejs/node",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "Fixed in 15.2.1, 14.15.1, 12.19.1"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "A Node.js application that allows an attacker to trigger a DNS request for a host of their choice could trigger a Denial of Service in versions \u003c 15.2.1, \u003c 14.15.1, and \u003c 12.19.1 by getting the application to resolve a DNS record with a larger number of responses. This is fixed in 15.2.1, 14.15.1, and 12.19.1."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Denial of Service (CWE-400)"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://hackerone.com/reports/1033107",
            "refsource": "MISC",
            "url": "https://hackerone.com/reports/1033107"
          },
          {
            "name": "https://nodejs.org/en/blog/vulnerability/november-2020-security-releases/",
            "refsource": "CONFIRM",
            "url": "https://nodejs.org/en/blog/vulnerability/november-2020-security-releases/"
          },
          {
            "name": "FEDORA-2020-7473744de1",
            "refsource": "FEDORA",
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A7WH7W46OZSEUHWBHD7TCH3LRFY52V6Z/"
          },
          {
            "name": "FEDORA-2020-307e873389",
            "refsource": "FEDORA",
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BEJBY3RJB3XWUOJFGZM5E3EMQ7MFM3UT/"
          },
          {
            "name": "GLSA-202012-11",
            "refsource": "GENTOO",
            "url": "https://security.gentoo.org/glsa/202012-11"
          },
          {
            "name": "GLSA-202101-07",
            "refsource": "GENTOO",
            "url": "https://security.gentoo.org/glsa/202101-07"
          },
          {
            "name": "https://www.oracle.com/security-alerts/cpujan2021.html",
            "refsource": "MISC",
            "url": "https://www.oracle.com/security-alerts/cpujan2021.html"
          },
          {
            "name": "FEDORA-2021-afed2b904e",
            "refsource": "FEDORA",
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VXLJY4764LYVJPC7NCDLE2UMQ3QC5OI2/"
          },
          {
            "name": "FEDORA-2021-ee913722db",
            "refsource": "FEDORA",
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EEIV4CH6KNVZK63Y6EKVN2XDW7IHSJBJ/"
          },
          {
            "name": "https://www.oracle.com/security-alerts/cpuApr2021.html",
            "refsource": "MISC",
            "url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
          },
          {
            "name": "https://www.oracle.com//security-alerts/cpujul2021.html",
            "refsource": "MISC",
            "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
          },
          {
            "name": "https://www.oracle.com/security-alerts/cpuoct2021.html",
            "refsource": "MISC",
            "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
          },
          {
            "name": "https://www.oracle.com/security-alerts/cpuapr2022.html",
            "refsource": "MISC",
            "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
          }
        ]
      }
    },
    "gitlab.com": {
      "advisories": [
        {
          "affected_range": "\u003c1.16.0",
          "affected_versions": "All versions before 1.16.0",
          "cvss_v2": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "cwe_ids": [
            "CWE-1035",
            "CWE-400",
            "CWE-937"
          ],
          "date": "2021-12-02",
          "description": "c-ares\u0027 `ares_parse_{a,aaaa}_reply()` suffers from a Denial Of Service due to insufficient `naddrttls` validation.",
          "fixed_versions": [
            "1.16.1"
          ],
          "identifier": "CVE-2020-8277",
          "identifiers": [
            "CVE-2020-8277"
          ],
          "not_impacted": "All versions starting from 1.16.0",
          "package_slug": "conan/c-ares",
          "pubdate": "2020-11-19",
          "solution": "Upgrade to version 1.16.1 or above.",
          "title": "Uncontrolled Resource Consumption",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2020-8277",
            "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A7WH7W46OZSEUHWBHD7TCH3LRFY52V6Z/",
            "https://nodejs.org/en/blog/vulnerability/november-2020-security-releases/"
          ],
          "uuid": "cb1b9737-003b-48e2-964d-0699988d4a95"
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "15.2.1",
                "versionStartIncluding": "15.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "14.15.1",
                "versionStartIncluding": "14.13.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "12.19.1",
                "versionStartIncluding": "12.16.3",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:oracle:graalvm:19.3.4:*:*:*:enterprise:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:graalvm:20.3.0:*:*:*:enterprise:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_xstore_point_of_service:16.0.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_xstore_point_of_service:17.0.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_xstore_point_of_service:18.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_xstore_point_of_service:19.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "9.2.6.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql_cluster:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "8.0.23",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:blockchain_platform:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "21.1.2",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:c-ares_project:c-ares:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "1.16.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve-assignments@hackerone.com",
          "ID": "CVE-2020-8277"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "A Node.js application that allows an attacker to trigger a DNS request for a host of their choice could trigger a Denial of Service in versions \u003c 15.2.1, \u003c 14.15.1, and \u003c 12.19.1 by getting the application to resolve a DNS record with a larger number of responses. This is fixed in 15.2.1, 14.15.1, and 12.19.1."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-400"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://nodejs.org/en/blog/vulnerability/november-2020-security-releases/",
              "refsource": "CONFIRM",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "https://nodejs.org/en/blog/vulnerability/november-2020-security-releases/"
            },
            {
              "name": "https://hackerone.com/reports/1033107",
              "refsource": "MISC",
              "tags": [
                "Permissions Required",
                "Third Party Advisory"
              ],
              "url": "https://hackerone.com/reports/1033107"
            },
            {
              "name": "FEDORA-2020-7473744de1",
              "refsource": "FEDORA",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A7WH7W46OZSEUHWBHD7TCH3LRFY52V6Z/"
            },
            {
              "name": "FEDORA-2020-307e873389",
              "refsource": "FEDORA",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BEJBY3RJB3XWUOJFGZM5E3EMQ7MFM3UT/"
            },
            {
              "name": "GLSA-202012-11",
              "refsource": "GENTOO",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://security.gentoo.org/glsa/202012-11"
            },
            {
              "name": "GLSA-202101-07",
              "refsource": "GENTOO",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://security.gentoo.org/glsa/202101-07"
            },
            {
              "name": "https://www.oracle.com/security-alerts/cpujan2021.html",
              "refsource": "MISC",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://www.oracle.com/security-alerts/cpujan2021.html"
            },
            {
              "name": "FEDORA-2021-ee913722db",
              "refsource": "FEDORA",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EEIV4CH6KNVZK63Y6EKVN2XDW7IHSJBJ/"
            },
            {
              "name": "FEDORA-2021-afed2b904e",
              "refsource": "FEDORA",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VXLJY4764LYVJPC7NCDLE2UMQ3QC5OI2/"
            },
            {
              "name": "https://www.oracle.com/security-alerts/cpuApr2021.html",
              "refsource": "MISC",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
            },
            {
              "name": "N/A",
              "refsource": "N/A",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
            },
            {
              "name": "https://www.oracle.com/security-alerts/cpuoct2021.html",
              "refsource": "MISC",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
            },
            {
              "name": "https://www.oracle.com/security-alerts/cpuapr2022.html",
              "refsource": "MISC",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2022-05-10T15:25Z",
      "publishedDate": "2020-11-19T01:15Z"
    }
  }
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2020-8277 (GCVE-0-2020-8277)

Vulnerability from cleanstart

Vulnerability from cleanstart

Vulnerability from cleanstart

Vulnerability from cleanstart

Vulnerability from cleanstart

Vulnerability from cleanstart

Vulnerability from cleanstart

Tags

Sightings

Nomenclature