nodejs20-npm

Direct Vulnerabilities

Known vulnerabilities in the nodejs20-npm package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability	Vulnerable Version
H Incorrect Execution-Assigned Permissions	<1:10.8.2-1.20.20.2.1.amzn2023.0.1
H Reversible One-Way Hash	<1:10.8.2-1.20.20.2.1.amzn2023.0.1
H Missing Release of Resource after Effective Lifetime	<1:10.8.2-1.20.20.2.1.amzn2023.0.1
H Information Exposure	<1:10.8.2-1.20.20.2.1.amzn2023.0.1
H Direct Request ('Forced Browsing')	<1:10.8.2-1.20.20.2.1.amzn2023.0.1
H Access of Resource Using Incompatible Type ('Type Confusion')	<1:10.8.2-1.20.20.2.1.amzn2023.0.1
H Allocation of Resources Without Limits or Throttling	<1:10.8.2-1.20.20.1.1.amzn2023.0.3
H Uncaught Exception	<1:10.8.2-1.20.20.1.1.amzn2023.0.3
H CRLF Injection	<1:10.8.2-1.20.20.1.1.amzn2023.0.3
H Uncaught Exception	<1:10.8.2-1.20.20.1.1.amzn2023.0.3
H HTTP Request Smuggling	<1:10.8.2-1.20.20.1.1.amzn2023.0.3
H Directory Traversal	<1:10.8.2-1.20.20.1.1.amzn2023.0.2
H Inefficient Regular Expression Complexity	<1:10.8.2-1.20.20.1.1.amzn2023.0.2
H Directory Traversal	<1:10.8.2-1.20.20.1.1.amzn2023.0.2
H Directory Traversal	<1:10.8.2-1.20.20.0.1.amzn2023.0.2
H Time-of-check Time-of-use (TOCTOU)	<1:10.8.2-1.20.20.0.1.amzn2023.0.2
H Exposure of System Data to an Unauthorized Control Sphere	<1:10.8.2-1.20.20.0.1.amzn2023.0.1
H Uncaught Exception	<1:10.8.2-1.20.20.0.1.amzn2023.0.1
H Allocation of Resources Without Limits or Throttling	<1:10.8.2-1.20.20.0.1.amzn2023.0.1
H Improper Preservation of Permissions	<1:10.8.2-1.20.20.0.1.amzn2023.0.1
H Uncaught Exception	<1:10.8.2-1.20.20.0.1.amzn2023.0.1
H Improper Preservation of Permissions	<1:10.8.2-1.20.20.0.1.amzn2023.0.1
M Use After Free	<1:10.8.2-1.20.19.5.1.amzn2023.0.2
H Memory Leak	<1:10.8.2-1.20.19.2.1.amzn2023.0.1
H HTTP Request Smuggling	<1:10.8.2-1.20.19.2.1.amzn2023.0.1
H Uncaught Exception	<1:10.8.2-1.20.19.2.1.amzn2023.0.1
H Memory Leak	<1:10.8.2-1.20.19.2.1.amzn2023.0.1
M Use After Free	<1:10.8.2-1.20.19.0.1.amzn2023.0.1
H Incorrect Authorization	<1:10.8.2-1.20.18.2.1.amzn2023.0.1
H Resource Exhaustion	<1:10.8.2-1.20.18.2.1.amzn2023.0.1
H Use of Insufficiently Random Values	<1:10.8.2-1.20.18.2.1.amzn2023.0.1
M Inefficient Regular Expression Complexity	<1:10.8.2-1.20.18.1.1.amzn2023.0.1
M CVE-2024-22020	<1:10.8.2-1.20.18.0.1.amzn2023.0.2
M Resource Exhaustion	<1:10.8.2-1.20.18.0.1.amzn2023.0.2
M CVE-2024-22018	<1:10.8.2-1.20.18.0.1.amzn2023.0.2
M Incorrect Permission Assignment for Critical Resource	<1:10.8.2-1.20.18.0.1.amzn2023.0.2
H HTTP Request Smuggling	<1:10.5.0-1.20.12.2.1.amzn2023.0.2
H Detection of Error Condition Without Action	<1:10.5.0-1.20.12.2.1.amzn2023.0.2
H Improper Access Control	<1:10.5.0-1.20.12.2.1.amzn2023.0.2
H Resource Exhaustion	<1:10.5.0-1.20.12.2.1.amzn2023.0.2
M Buffer Under-read	<1:10.2.4-1.20.11.1.1.amzn2023.0.2
H Resource Exhaustion	<1:10.2.4-1.20.11.1.1.amzn2023.0.1
H Improper Privilege Management	<1:10.2.4-1.20.11.1.1.amzn2023.0.1
H Information Exposure	<1:10.2.4-1.20.11.1.1.amzn2023.0.1
H Resource Exhaustion	<1:10.2.4-1.20.11.1.1.amzn2023.0.1
H Arbitrary Code Injection	<1:10.2.4-1.20.11.1.1.amzn2023.0.1
H Directory Traversal	<1:10.2.4-1.20.11.1.1.amzn2023.0.1
H Directory Traversal	<1:10.2.4-1.20.11.1.1.amzn2023.0.1
H Incomplete Documentation	<1:10.2.4-1.20.11.1.1.amzn2023.0.1

Vulnerability

Vulnerable Version

Incorrect Execution-Assigned Permissions

<1:10.8.2-1.20.20.2.1.amzn2023.0.1