nodejs vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the nodejs package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability	Vulnerable Version
H Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	<12.22.10-r0
M Improper Certificate Validation	<12.22.10-r0
M Improper Certificate Validation	<12.22.10-r0
H Improper Certificate Validation	<12.22.10-r0
M HTTP Request Smuggling	<12.22.10-r0
M HTTP Request Smuggling	<12.22.10-r0
H Directory Traversal	<12.22.6-r0
H Symlink Following	<12.22.6-r0
H Directory Traversal	<12.22.6-r0
H Symlink Following	<12.22.6-r0
H Directory Traversal	<12.22.6-r0
M Improper Certificate Validation	<12.22.5-r0
C Improper Input Validation	<12.22.5-r0
M Cross-site Scripting (XSS)	<12.22.5-r0
C Improper Input Validation	<12.22.1-r0
C Use After Free	<12.22.4-r0
M Out-of-bounds Read	<12.22.2-r0
H CVE-2021-22884	<12.21.0-r0
H Resource Exhaustion	<12.21.0-r0
M HTTP Request Smuggling	<12.20.1-r0
H Resource Exhaustion	<12.20.1-r0
H Use After Free	<12.20.1-r0
H HTTP Request Smuggling	<12.18.4-r0
H Buffer Overflow	<12.18.4-r0
H Improper Certificate Validation	<12.18.3-r0
H Improper Enforcement of Message or Data Structure	<12.18.3-r0
H Integer Underflow	<12.18.3-r0
C CVE-2019-15606	<12.15.0-r0
C HTTP Request Smuggling	<12.15.0-r0
H Improper Certificate Validation	<12.15.0-r0
H Allocation of Resources Without Limits or Throttling	<10.16.3-r0
H Resource Exhaustion	<10.16.3-r0
H Allocation of Resources Without Limits or Throttling	<10.16.3-r0
H Allocation of Resources Without Limits or Throttling	<10.16.3-r0
H Allocation of Resources Without Limits or Throttling	<10.16.3-r0
M Allocation of Resources Without Limits or Throttling	<10.16.3-r0
H Resource Exhaustion	<10.16.3-r0
H Allocation of Resources Without Limits or Throttling	<10.16.3-r0
H Allocation of Resources Without Limits or Throttling	<10.15.3-r0
H Resource Exhaustion	<10.14.0-r0
H Resource Exhaustion	<10.14.0-r0
M Improper Input Validation	<10.14.0-r0
M Use of a Broken or Risky Cryptographic Algorithm	<10.14.0-r0
M Use of a Broken or Risky Cryptographic Algorithm	<10.14.0-r0
H Out-of-bounds Write	<8.11.4-r0
H Out-of-Bounds	<8.11.3-r0
H Improper Input Validation	<8.11.3-r0
M Improper Input Validation	<8.11.0-r0
H Improper Input Validation	<8.11.0-r0
H Authentication Bypass	<8.11.0-r0
H Improper Input Validation	<8.11.3-r0
C CVE-2017-15896	<8.9.3-r0
L Information Exposure	<8.9.3-r0
H Improper Input Validation	<6.11.5-r0
H Information Exposure	<6.11.1-r0

Vulnerability

Vulnerable Version

Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

<12.22.10-r0