nodejs:18/npm vulnerabilities

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the nodejs:18/npm package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability	Vulnerable Version
H CVE-2024-28182	<1:10.5.0-1.18.20.2.2.module_el9.4.0+99+a01f7676
H CVE-2024-27983	<1:10.5.0-1.18.20.2.2.module_el9.4.0+99+a01f7676
H CVE-2024-27982	<1:10.5.0-1.18.20.2.2.module_el9.4.0+99+a01f7676
H CVE-2024-25629	<1:10.5.0-1.18.20.2.2.module_el9.4.0+99+a01f7676
H CVE-2024-22025	<1:10.5.0-1.18.20.2.2.module_el9.4.0+99+a01f7676
H CVE-2024-22019	<1:10.2.4-1.18.19.1.1.module_el9.3.0+59+28b95644
H CVE-2024-21892	<1:10.2.4-1.18.19.1.1.module_el9.3.0+59+28b95644
H CVE-2023-46809	<1:10.2.4-1.18.19.1.1.module_el9.3.0+59+28b95644
H Information Exposure	<1:9.8.1-1.18.18.2.2.module_el9.2.0+43+3ebc9e20
H CVE-2023-39333	<1:9.8.1-1.18.18.2.2.module_el9.2.0+43+3ebc9e20
H Insufficient Verification of Data Authenticity	<1:9.8.1-1.18.18.2.2.module_el9.2.0+43+3ebc9e20
H Resource Exhaustion	<1:9.8.1-1.18.18.2.2.module_el9.2.0+43+3ebc9e20
H CVE-2023-32559	<1:9.6.7-1.18.17.1.1.module_el9.2.0+36+853e48f5
H CVE-2023-32006	<1:9.6.7-1.18.17.1.1.module_el9.2.0+36+853e48f5
H CVE-2023-32002	<1:9.6.7-1.18.17.1.1.module_el9.2.0+36+853e48f5
H Inefficient Regular Expression Complexity	<1:9.6.7-1.18.17.1.1.module_el9.2.0+36+853e48f5
M CVE-2023-30590	<1:9.5.1-1.18.16.1.1.module_el9.2.0+31+cbae0c8e
M CVE-2023-30589	<1:9.5.1-1.18.16.1.1.module_el9.2.0+31+cbae0c8e
M CVE-2023-30588	<1:9.5.1-1.18.16.1.1.module_el9.2.0+31+cbae0c8e
M CVE-2023-30581	<1:9.5.1-1.18.16.1.1.module_el9.2.0+31+cbae0c8e
H Use of Insufficiently Random Values	<1:9.5.0-1.18.14.2.3.module_el9.2.0+30+e3312493
H Out-of-bounds Write	<1:9.5.0-1.18.14.2.3.module_el9.2.0+30+e3312493
H Use of Insufficiently Random Values	<1:9.5.0-1.18.14.2.3.module_el9.2.0+30+e3312493
H CVE-2023-32067	<1:9.5.0-1.18.14.2.3.module_el9.2.0+30+e3312493
M OS Command Injection	<1:8.19.2-1.18.12.1.1.module_el9.1.0+16+91bc168f
M Inefficient Regular Expression Complexity	<1:8.19.2-1.18.12.1.1.module_el9.1.0+16+91bc168f
M Inefficient Regular Expression Complexity	<1:9.5.0-1.18.14.2.2.module_el9.2.0+29+de583a0b
M Arbitrary Code Injection	<1:9.5.0-1.18.14.2.2.module_el9.2.0+29+de583a0b
M Untrusted Search Path	<1:9.5.0-1.18.14.2.2.module_el9.2.0+29+de583a0b
M CVE-2023-23919	<1:9.5.0-1.18.14.2.2.module_el9.2.0+29+de583a0b
M Incorrect Authorization	<1:9.5.0-1.18.14.2.2.module_el9.2.0+29+de583a0b
M Improper Validation of Specified Quantity in Input	<1:9.5.0-1.18.14.2.2.module_el9.2.0+29+de583a0b
M Inefficient Regular Expression Complexity	<1:9.5.0-1.18.14.2.2.module_el9.2.0+29+de583a0b
M Inefficient Regular Expression Complexity	<1:9.5.0-1.18.14.2.2.module_el9.2.0+29+de583a0b