nodejs-nodemon

Direct Vulnerabilities

Known vulnerabilities in the nodejs-nodemon package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability	Vulnerable Version
H CVE-2025-55131	<0:3.0.1-1.module+el9.7.0+90816+ad59ca7b
H CVE-2025-55130	<0:3.0.1-1.module+el9.7.0+90816+ad59ca7b
H CVE-2025-59465	<0:3.0.1-1.module+el9.7.0+90816+ad59ca7b
H CVE-2025-55132	<0:3.0.1-1.module+el9.7.0+90816+ad59ca7b
H CVE-2025-59466	<0:3.0.1-1.module+el9.7.0+90816+ad59ca7b
H CVE-2026-21637	<0:3.0.1-1.module+el9.7.0+90816+ad59ca7b
H CVE-2025-6965	<0:3.0.1-1.module+el9.6.0+90635+2adf922b
H CVE-2025-23166	<0:3.0.1-1.module+el9.6.0+90588+1a9ecb62
H Integer Overflow or Wraparound	<0:3.0.1-1.module+el9.6.0+90588+1a9ecb62
H Use After Free	<0:3.0.1-1.module+el9.6.0+90588+1a9ecb62
H Use of Insufficiently Random Values	<0:3.0.1-1.module+el9.5.0+90517+729550a4
H CVE-2025-23085	<0:3.0.1-1.module+el9.5.0+90517+729550a4
H CVE-2025-23083	<0:3.0.1-1.module+el9.5.0+90517+729550a4
M CVE-2024-28863	<0:3.0.1-1.module+el9.3.0+90167+01064547
M CVE-2024-22018	<0:3.0.1-1.module+el9.3.0+90066+12d4a8d7
M CVE-2024-36137	<0:3.0.1-1.module+el9.3.0+90066+12d4a8d7
M CVE-2024-22020	<0:3.0.1-1.module+el9.3.0+90167+01064547
H CVE-2024-28182	<0:3.0.1-1.module+el9.3.0+90066+12d4a8d7
H Out-of-bounds Read	<0:3.0.1-1.module+el9.3.0+90066+12d4a8d7
H CVE-2024-22025	<0:3.0.1-1.module+el9.3.0+90167+01064547
H CVE-2024-27983	<0:3.0.1-1.module+el9.3.0+90167+01064547
H CVE-2024-27982	<0:3.0.1-1.module+el9.3.0+90167+01064547
H CVE-2024-21890	<0:3.0.1-1.module+el9.3.0+90066+12d4a8d7
H CVE-2024-21896	<0:3.0.1-1.module+el9.3.0+90066+12d4a8d7
H CVE-2024-22017	<0:3.0.1-1.module+el9.3.0+90066+12d4a8d7
H Directory Traversal	<0:3.0.1-1.module+el9.3.0+90066+12d4a8d7
H Arbitrary Code Injection	<0:3.0.1-1.module+el9.3.0+90066+12d4a8d7
H CVE-2023-46809	<0:3.0.1-1.module+el9.3.0+90066+12d4a8d7
H CVE-2024-22019	<0:3.0.1-1.module+el9.3.0+90066+12d4a8d7
H Insufficient Verification of Data Authenticity	<0:3.0.1-1.module+el9.2.0+21169+1d24b6cc
H Information Exposure	<0:3.0.1-1.module+el9.2.0+21169+1d24b6cc
H CVE-2023-39333	<0:3.0.1-1.module+el9.2.0+21169+1d24b6cc
H CVE-2023-44487	<0:3.0.1-1.module+el9.2.0+21169+1d24b6cc
H CVE-2023-32559	<0:3.0.1-1.module+el9.2.0+21169+1d24b6cc
H Inefficient Regular Expression Complexity	<0:3.0.1-1.module+el9.2.0+21169+1d24b6cc
H CVE-2023-32006	<0:3.0.1-1.module+el9.2.0+21169+1d24b6cc
H CVE-2023-32002	<0:3.0.1-1.module+el9.2.0+21169+1d24b6cc
M CVE-2023-30589	<0:2.0.20-2.module+el9.2.0+21038+115df6a2
M CVE-2023-30588	<0:2.0.20-2.module+el9.2.0+21038+115df6a2
M CVE-2023-30581	<0:2.0.20-2.module+el9.2.0+21038+115df6a2
M CVE-2023-30590	<0:2.0.20-2.module+el9.2.0+21038+115df6a2
H Use of Insufficiently Random Values	<0:2.0.20-2.module+el9.2.0+21038+115df6a2
H Out-of-bounds Write	<0:2.0.20-2.module+el9.2.0+21038+115df6a2
H Use of Insufficiently Random Values	<0:2.0.20-2.module+el9.2.0+21038+115df6a2
H CVE-2023-32067	<0:2.0.20-2.module+el9.2.0+21038+115df6a2
M CVE-2023-23919	<0:2.0.20-2.module+el9.2.0+21038+115df6a2
M Incorrect Authorization	<0:2.0.20-2.module+el9.2.0+21038+115df6a2
M Inefficient Regular Expression Complexity	<0:2.0.20-2.module+el9.2.0+21038+115df6a2
M Inefficient Regular Expression Complexity	<0:2.0.20-2.module+el9.2.0+21038+115df6a2
M Inefficient Regular Expression Complexity	<0:2.0.20-2.module+el9.2.0+21038+115df6a2
M Arbitrary Code Injection	<0:2.0.20-3.el9_2
M Improper Validation of Specified Quantity in Input	<0:2.0.20-3.el9_2
M Untrusted Search Path	<0:2.0.20-3.el9_2
M Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	<0:2.0.20-2.el9_1
M Inefficient Regular Expression Complexity	<0:2.0.20-2.el9_1
M OS Command Injection	<0:2.0.20-2.el9_1
M HTTP Request Smuggling	<0:2.0.20-2.el9_1
M CVE-2022-29244	<0:2.0.19-1.el9_0
M HTTP Request Smuggling	<0:2.0.19-1.el9_0
M HTTP Request Smuggling	<0:2.0.19-1.el9_0
M HTTP Request Smuggling	<0:2.0.19-1.el9_0
M OS Command Injection	<0:2.0.19-1.el9_0
M CVE-2022-33987	<0:2.0.19-1.el9_0
M Resource Exhaustion	<0:2.0.19-1.el9_0
M Inefficient Regular Expression Complexity	<0:2.0.19-1.el9_0
M Inefficient Regular Expression Complexity	<0:2.0.19-1.el9_0
M Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	<0:2.0.19-1.el9_0

Vulnerability

Vulnerable Version

CVE-2025-55131

<0:3.0.1-1.module+el9.7.0+90816+ad59ca7b

CVE-2025-55130

<0:3.0.1-1.module+el9.7.0+90816+ad59ca7b

CVE-2025-59465

<0:3.0.1-1.module+el9.7.0+90816+ad59ca7b

CVE-2025-55132

<0:3.0.1-1.module+el9.7.0+90816+ad59ca7b

CVE-2025-59466

<0:3.0.1-1.module+el9.7.0+90816+ad59ca7b

CVE-2026-21637

<0:3.0.1-1.module+el9.7.0+90816+ad59ca7b

CVE-2025-6965

<0:3.0.1-1.module+el9.6.0+90635+2adf922b

CVE-2025-23166

<0:3.0.1-1.module+el9.6.0+90588+1a9ecb62

Integer Overflow or Wraparound

<0:3.0.1-1.module+el9.6.0+90588+1a9ecb62

Use After Free

<0:3.0.1-1.module+el9.6.0+90588+1a9ecb62

Use of Insufficiently Random Values

<0:3.0.1-1.module+el9.5.0+90517+729550a4

CVE-2025-23085

<0:3.0.1-1.module+el9.5.0+90517+729550a4

CVE-2025-23083

<0:3.0.1-1.module+el9.5.0+90517+729550a4

CVE-2024-28863

<0:3.0.1-1.module+el9.3.0+90167+01064547

CVE-2024-22018

<0:3.0.1-1.module+el9.3.0+90066+12d4a8d7

CVE-2024-36137

<0:3.0.1-1.module+el9.3.0+90066+12d4a8d7

CVE-2024-22020

<0:3.0.1-1.module+el9.3.0+90167+01064547

CVE-2024-28182

<0:3.0.1-1.module+el9.3.0+90066+12d4a8d7

Out-of-bounds Read

<0:3.0.1-1.module+el9.3.0+90066+12d4a8d7

CVE-2024-22025

<0:3.0.1-1.module+el9.3.0+90167+01064547

CVE-2024-27983

<0:3.0.1-1.module+el9.3.0+90167+01064547

CVE-2024-27982

<0:3.0.1-1.module+el9.3.0+90167+01064547

CVE-2024-21890

<0:3.0.1-1.module+el9.3.0+90066+12d4a8d7

CVE-2024-21896

<0:3.0.1-1.module+el9.3.0+90066+12d4a8d7

CVE-2024-22017

<0:3.0.1-1.module+el9.3.0+90066+12d4a8d7

Directory Traversal

<0:3.0.1-1.module+el9.3.0+90066+12d4a8d7

Arbitrary Code Injection

<0:3.0.1-1.module+el9.3.0+90066+12d4a8d7

CVE-2023-46809

<0:3.0.1-1.module+el9.3.0+90066+12d4a8d7

CVE-2024-22019

<0:3.0.1-1.module+el9.3.0+90066+12d4a8d7

Insufficient Verification of Data Authenticity

<0:3.0.1-1.module+el9.2.0+21169+1d24b6cc

Information Exposure

<0:3.0.1-1.module+el9.2.0+21169+1d24b6cc

CVE-2023-39333

<0:3.0.1-1.module+el9.2.0+21169+1d24b6cc

CVE-2023-44487

<0:3.0.1-1.module+el9.2.0+21169+1d24b6cc

CVE-2023-32559

<0:3.0.1-1.module+el9.2.0+21169+1d24b6cc

Inefficient Regular Expression Complexity

<0:3.0.1-1.module+el9.2.0+21169+1d24b6cc

CVE-2023-32006

<0:3.0.1-1.module+el9.2.0+21169+1d24b6cc

CVE-2023-32002

<0:3.0.1-1.module+el9.2.0+21169+1d24b6cc

CVE-2023-30589